pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On June 30 via api (June 30th 2023, 12:05:55 am UTC) from TR — Scanned from DE

Summary HTTP 308 Redirects Behaviour Indicators

Summary

This website contacted 61 IPs in 10 countries across 46 domains to perform 308 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
19	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.37.209 108.138.37.209	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
33	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
9	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:8c00:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:9e00:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
3 4	35.156.85.133 35.156.85.133	16509 (AMAZON-02) (AMAZON-02)
2 14	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	13.42.188.208 13.42.188.208	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	54.93.206.198 54.93.206.198	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	18.66.26.126 18.66.26.126	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a02:2638:d::2 2a02:2638:d::2	() ()
1	178.250.1.6 178.250.1.6	() ()
1	213.202.235.9 213.202.235.9	() ()
1	2606:4700::68... 2606:4700::6811:190e	() ()
8	2a02:2638:3::10 2a02:2638:3::10	() ()
2	2a02:2638:d::11 2a02:2638:d::11	() ()
2	18.168.234.149 18.168.234.149	() ()
308	61

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8c00:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:9e00:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Indonesia)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.85.133 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.168 (Sweden) 4 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.188.208 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.206.198 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-206-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.26.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-126.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::2 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (None, )

ASN- ()

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (None, )

ASN- ()

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (None, )

ASN- ()

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (None, )

ASN- ()

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.168.234.149 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
49	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	275 KB
43	ye-mek.net ye-mek.net cdn.ye-mek.net	629 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 81866 ng.virgul.com — Cisco Umbrella Rank: 65490 ng2.virgul.com — Cisco Umbrella Rank: 74231	233 KB
18	criteo.net static.criteo.net imageproxy.eu.criteo.net csm.eu.criteo.net	280 KB
16	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	5 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	448 KB
7	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 38273 hal900022.redintelligence.net — Cisco Umbrella Rank: 339411	53 KB
6	w55c.net 3 redirects cti.w55c.net — Cisco Umbrella Rank: 4192 ads.w55c.net — Cisco Umbrella Rank: 12943 i.w55c.net — Cisco Umbrella Rank: 2590 pm.w55c.net — Cisco Umbrella Rank: 1044	35 KB
5	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15453 ads.eu.criteo.com — Cisco Umbrella Rank: 7742 cat.nl3.eu.criteo.com	58 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com	2 KB
4	de17a.com 4 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	1 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4796 pixel.mathtag.com — Cisco Umbrella Rank: 1185	3 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 imasdk.googleapis.com — Cisco Umbrella Rank: 500 fonts.googleapis.com — Cisco Umbrella Rank: 88	156 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io	31 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 49812 medialead.de — Cisco Umbrella Rank: 49477	913 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	793 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1425	452 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067 r.turn.com	869 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 131895	6 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 469	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	2 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 136022	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 2090 feed.pghub.io — Cisco Umbrella Rank: 2360	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13228	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	120 KB
2	cloakan.co www.cloakan.co	1 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	exactag.com m.exactag.com	60 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1251	213 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 862	464 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	3 KB
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44074	610 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3235	104 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 175361	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 208307	931 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374	461 B
1	gstatic.com fonts.gstatic.com	34 KB
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 188023	916 B
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2484	361 B
308	46

	Domain	Requested by
44	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ye-mek.net www.googletagservices.com securepubads.g.doubleclick.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
33	tpc.googlesyndication.com	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net ye-mek.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
21	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com ye-mek.net www.googletagservices.com
14	cm.g.doubleclick.net	2 redirects ye-mek.net 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.google.com	googleads.g.doubleclick.net ye-mek.net 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com tpc.googlesyndication.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	static.criteo.net	ads.eu.criteo.com
8	www.googletagservices.com	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net
7	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	d5p.de17a.com	4 redirects
4	hal9000.redintelligence.net	pcloak.blob.core.windows.net hal900022.redintelligence.net
4	ng2.virgul.com	ye-mek.net
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	match.adsrvr.org	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	pm.w55c.net	3 redirects
3	hal900022.redintelligence.net	hal9000.redintelligence.net hal900022.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	api.webgains.io	analytics.webgains.io
2	csm.eu.criteo.net	ads.eu.criteo.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal900022.redintelligence.net googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	dis.criteo.com	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net hal900022.redintelligence.net
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.googletagmanager.com	ye-mek.net adv.office-partner.de
2	www.cloakan.co	pcloak.blob.core.windows.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	m.exactag.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	pcloak.blob.core.windows.net
1	futalis.de	hal900022.redintelligence.net
1	adv.office-partner.de	hal900022.redintelligence.net
1	pixel.rubiconproject.com	1 redirects
1	i.w55c.net	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel.mathtag.com	tags.mathtag.com
1	t.hspvst.com	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
1	ads.w55c.net	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
1	cti.w55c.net	94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
1	imasdk.googleapis.com	c1.imgiz.com
1	feed.pghub.io	pghub.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	pghub.io	static.virgul.com
1	s7.addthis.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
308	72

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: F8C345BE3ACB0ECA60458A6D0E1359E5
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: EBC15C5115FBB530B71E5D75A4D784A8
Requests: 92 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 462E3AD94037595F2672EEB576DEB918
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 3920DBD599FECB46F74F607DB82F50EE
Requests: 1 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9101CC400044649950C0BC30D7BFF8F3
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: E07387EE5A2CD119BCA1A36F3F3BE3DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083551854&bpp=3&bdt=888&idt=180&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=7875039385869&frm=24&ife=1&pv=2&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C31075630%2C44759875%2C31075573%2C42531644%2C44788442&oid=2&pvsid=2858433892420268&tmod=954131232&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.inbk0utdcyru&fsb=1&dtd=195
Frame ID: A0DFB936FE5CDC6736C4A7FCAA66BBDD
Requests: 1 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 83ABF11A83460845E943BC6246F726CF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552430&bpp=14&bdt=129&idt=141&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&nras=1&correlator=6928388214132&frm=8&ife=1&pv=2&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.f91f2hlp2qve&fsb=1&dtd=161
Frame ID: 09E5185108F22463614F4057898B10A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Frame ID: EE5A3E29ECF35DEA77742685081637E5
Requests: 18 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8ACD2E27124F9636BBD49A1DB15A97FE
Requests: 12 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 672E5E830E2D0F5DB99C807BCC98F6A2
Requests: 13 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7ED1D11E304C38BFDE5802CC8E5BC913
Requests: 13 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AC4517A550D9B45E4D18A9D5EC18A475
Requests: 13 HTTP requests in this frame

Frame: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C69204AF12B0316E841D9D4EEA1C0E16
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: 65BCB75618E8C11261C56E2F3EED0B03
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553094&bpp=3&bdt=214&idt=193&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&nras=1&correlator=8000988199809&frm=8&ife=1&pv=2&ga_vid=702332168.1688083553&ga_sid=1688083553&ga_hid=1969111112&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=600&ifk=2666847685&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C42532279%2C44759875%2C44759926%2C44759842%2C31075665%2C44788441%2C44795921&oid=2&pvsid=1784709798459888&tmod=1527713210&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.sw7go0sqh43z&fsb=1&dtd=212
Frame ID: 04FE5D234EB7B18A82935C3CABAAD792
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553057&bpp=4&bdt=185&idt=255&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=1321895833783&frm=8&ife=1&pv=2&ga_vid=211358570.1688083553&ga_sid=1688083553&ga_hid=340539151&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C42532278%2C44759876%2C44759927%2C42532280%2C31075573%2C31075645%2C42531706%2C44788441&oid=2&pvsid=2057020523386192&tmod=167058370&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3xbt7sgxb8w7&fsb=1&dtd=270
Frame ID: E650815863EBA472EB3CC3818ADED900
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7719BA5D281931111BE214FAE56301FD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=5799287242&adk=343538185&adf=4198791702&pi=t.ma~as.5799287242&w=120&fwrn=16&format=120x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553097&bpp=1&bdt=217&idt=274&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8000988199809&frm=8&ife=1&pv=1&ga_vid=702332168.1688083553&ga_sid=1688083553&ga_hid=1969111112&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=600&ifk=2666847685&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C42532279%2C44759875%2C44759926%2C44759842%2C31075665%2C44788441%2C44795921&oid=2&pvsid=1784709798459888&tmod=1527713210&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.qn48sh63fynv&fsb=1&dtd=277
Frame ID: 46ABAF815F00D4C6F3E3422623B414DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553061&bpp=1&bdt=190&idt=319&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1321895833783&frm=8&ife=1&pv=1&ga_vid=211358570.1688083553&ga_sid=1688083553&ga_hid=340539151&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C42532278%2C44759876%2C44759927%2C42532280%2C31075573%2C31075645%2C42531706%2C44788441&oid=2&pvsid=2057020523386192&tmod=167058370&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.4vhurvaw2jbr&fsb=1&dtd=323
Frame ID: 16CA70D10659D9808B95A3763F5D4BA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553127&bpp=3&bdt=197&idt=272&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=7684227612873&frm=8&ife=1&pv=2&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.suwnc94kh86y&fsb=1&dtd=287
Frame ID: EA188B4BF171624F26F51C3C0A0EE2FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Frame ID: 55F6E3A944DE49D1A6590A2EBF933BDA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659805833&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553205&bpp=4&bdt=241&idt=231&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=6123828671159&frm=8&ife=1&pv=2&ga_vid=2013041692.1688083553&ga_sid=1688083553&ga_hid=1572280062&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075624%2C31075645%2C42531706%2C44788442&oid=2&pvsid=2593432463506537&tmod=508350695&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.hvgz1qhxv0mk&fsb=1&dtd=247
Frame ID: A662FBB4E7803AC615D0673828D3D7BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=3171367898&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553209&bpp=1&bdt=245&idt=258&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6123828671159&frm=8&ife=1&pv=1&ga_vid=2013041692.1688083553&ga_sid=1688083553&ga_hid=1572280062&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075624%2C31075645%2C42531706%2C44788442&oid=2&pvsid=2593432463506537&tmod=508350695&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fafwfiq42gks&fsb=1&dtd=262
Frame ID: A869C143DAC98C17C105CBDB885A01CB
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 0F70C176A0187ECA4F90FAA40A565012
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8C62FA19317F9C5C8ED576A2F6726A25
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481
Frame ID: A991CDC2B14AE9BB4628F8C5DD5D5FDC
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Frame ID: 423ABD0F63F0C0B197A1F406A7F83505
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24A5928136FD4966AACFB2C71F562D24
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ4cYQAHFoQCO8_kAAAyX0p-4Xzx5rUjMTzy4Q&u=%7C3I8VUl17EUPJzNop02kBwBodnSsI5dHvlrkwxEoKtUE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zjiF9eUSIOuZLnA_GHCrq33Aq8L8-n9i6f2JnWUMEnPzCy2fCmA0TmEQxGU4aqjZ8OL73KXxCxP1vpj96yWlvZpRy1VA_bqAVBCYfdPyXVByeGV-QnTk5cP0tuPI49BX74vzGrjbv3f9_WH-EOFZ3j5GTDF_0dyYAt29bZO3j4V3dbX1K41SYD9tWv1sw-Olr9fO5xbVqyeWnUi5NoaWkZd2lBA8VWgLU0ROxTCbkBpLCL2Lpc1UQjfzaBFt3nSIF3Rt0t6x4t2Diwfi10NlGYAGKdGiOzc3-Mh_2LF0h253mm7N9Tu0engQxx5_05EthNIIZbDvoZ-6rq0DsNv_V7mVGJsIee2LTH2tAoQav8Vsjf0xOOzE_hGhApXL71HtYah_zkyl6pym99XLpZ353xzNZJHIpt4-BmQuARM5jwIIBK12HXiUTDSHHaXiwGsmWt1dg5eCCNgPzVBXnwbzfp6hEmmlO0dQxFKEKRTSEOK_p1tBeeCiL5zXe5P2-WoYAR_tz2sxbDOtlbIclA2-csgG1Vez4tYUYr-fTBs3e3_TyltO120GAkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtWHcYRyeZIStHOSf78EP3-SA8AvJntKxXNWdkfdwwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAj2aHS-2PbI-qAMByAMCqgSyAU_QFg408j6DR3LYwYXTUM8z-ZYLHCVQwGag__TF1btjjw-PBaJGk60Nxkem5RvYL3flUs8LafwcEZR72l9WQQjFirI3JLBiZJRUzmi22CzXNBUVJakSFuF51K49xVsGYd3_vPjoVRklB77ii9pMbJVXD-nX_gDUcvcLuMCVT8tC-d6YL5BpSQvzPG9gEkKD8fUWjK2_O8I4x2hakH8uyB1OyzWT_78TJ63-sWpzCv_1xUWABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37hkJX12yU4Qcr4Wu3awZi7p6Nsg%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: ECC0CEC34FB3173EC3B6BE3FF201999C
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A159FDCFCF5BF72668F7C0959BD7AE1F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9F13E314A7A3E02D8BD3609AEAAE0DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D9CCD76B067EB5C8DF0163CC151A486
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E47342D39A0B1A8A618E776665DF9AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EB9BF8041A0EC3A47A8028F4D9FA749
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06FC5E4ACF7F3BADF45C6B59FFD7D1D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F752BDA7F013FEDC8B6A1A0CF18B7867
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C519E94B31BA5F1437FC5580DF40EA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1869B12E369D01AD4DFC3D2473497B29
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A1C5E127F1B858C5E3B4ACADCFA0FFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2924D60EE4D80FD8447987780588EEF4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 412C256496228C4F3A83C09AE405463F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F725B4E4992E06FAB9E4622EF10B64EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

308
Requests

95 %
HTTPS

45 %
IPv6

46
Domains

72
Subdomains

61
IPs

10
Countries

4126 kB
Transfer

10115 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 181

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4FLMbIiWwm95O69rDQaMmbZ_HYJU-vq71RWkDN0vwEmkMheTZgAEw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4FLMbIiWwm95O69rDQaMmbZ_HYJU-vq71RWkDN0vwEmkMheTZgAEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4FLMbIiWwm95O69rDQaMmbZ_HYJU-vq71RWkDN0vwEmkMheTZgAEw

Request Chain 183

https://d5p.de17a.com/cookies/google?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y

Request Chain 185

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKQhOZWfBikrXc8OeAL7mxA&google_cver=1&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm6BZCHgnLkQGQMqvict3mubIDo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpIVEQyNTgtMVItNVNINA==&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm6BZCHgnLkQGQMqvict3mubIDo

Request Chain 186

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_cver=1&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctGVSJL0hCt3Faw1Ph4onNFewv2qMm35hEMQvVERGxz1f2uxBkAej236fxNYtUmeSk HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctGVSJL0hCt3Faw1Ph4onNFewv2qMm35hEMQvVERGxz1f2uxBkAej236fxNYtUmeSk&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_hm=ZJ4cYYWNCvOBonLqJF451AAAFLQAAAIB&google_nid=index&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctGVSJL0hCt3Faw1Ph4onNFewv2qMm35hEMQvVERGxz1f2uxBkAej236fxNYtUmeSk

Request Chain 187

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxjo_eFemD1UhBv9THeWQL1QCy4LW2vvcIe4vgVtXxN0pA8Q1Mj8tlmjNM3P2t47AMLMn9zbpTvgpL18kGXHsfrQ HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKvqZUKdA3QyUsK1sqHF82I%26google_cver%3D1%26google_push%3DAaAOQGEcbUf85ytxjo_eFemD1UhBv9THeWQL1QCy4LW2vvcIe4vgVtXxN0pA8Q1Mj8tlmjNM3P2t47AMLMn9zbpTvgpL18kGXHsfrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQyNDgzMjYyMDc0MzI4MjczMw%3D%3D&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxjo_eFemD1UhBv9THeWQL1QCy4LW2vvcIe4vgVtXxN0pA8Q1Mj8tlmjNM3P2t47AMLMn9zbpTvgpL18kGXHsfrQ

Request Chain 191

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14442100006165600951389012371022&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481

Request Chain 194

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Request Chain 198

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 200

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHh80dC-5NFx-Ytjn4Lf5kA&google_cver=1&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJEHxcM2MC9EGj9BEsDUew8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJEHxcM2MC9EGj9BEsDUew8&google_hm=mTe6zUqSSomchUpJF4K7kBg

Request Chain 201

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_3IITauvlb3L3jNdB5d88&google_cver=1&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_3IITauvlb3L3jNdB5d88&google_cver=1&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw&google_hm=H2fmiiGGR32XqaF5qZnf_g==

Request Chain 202

https://d5p.de17a.com/cookies/google?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0

Request Chain 229

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1&google_push=AaAOQGGsEAOv-NT9JGFHPcBXgTjvjYJng8_R3ijlvBTrV1DVlWGOXM_h9mdzbzcS8umXNoT-1thryWqk9EfRsRe5d0rulELn77lbBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzA3NzkyNTk0OTc4MDc3Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1

Request Chain 231

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHH4EeVXvtqP8V8THmhBMfEjwQdSrH3zIjn3WxKBRLutsaOPiNhSvcmgtPw3eZYtcV_sgFsVWjopXQ-2TkBrAYzjLWc72S6Mt0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHH4EeVXvtqP8V8THmhBMfEjwQdSrH3zIjn3WxKBRLutsaOPiNhSvcmgtPw3eZYtcV_sgFsVWjopXQ-2TkBrAYzjLWc72S6Mt0

Request Chain 232

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 235

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMHQE2GBkOCvxQxspzf23Oo&google_cver=1&google_push=AaAOQGEXYF-Hor0F5tPar0qb-ZTQ06RlHIA-eoSMXWGtbSU-zauXlDGDSHv7F-x_4YAEAEHnNXLaZugdJIEY2K2FYfFV8wBEiUJ7ZbAb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEXYF-Hor0F5tPar0qb-ZTQ06RlHIA-eoSMXWGtbSU-zauXlDGDSHv7F-x_4YAEAEHnNXLaZugdJIEY2K2FYfFV8wBEiUJ7ZbAb HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

308 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 504ms
120ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Fri, 30 Jun 2023 00:05:47 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 55e08586-001e-0011-47e6-aad8b9000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 122ms
121ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id: 55e08690-001e-0011-49e6-aad8b9000000
Date: Fri, 30 Jun 2023 00:05:47 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 382ms
129ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 30 Jun 2023 00:05:48 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 55e088bf-001e-0011-67e6-aad8b9000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 252ms
131ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 30 Jun 2023 00:05:47 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 55e087a5-001e-0011-59e6-aad8b9000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 1148ms
493ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:49 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 370ms
200ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:50 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame EBC1 77 KB
77 KB 274ms
80ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 502f09b7adc6f1ff2c01cba95a7a9384a1ae0a5ae7fa370e858fd25bd8678ea5

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 79086
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 00:05:49 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame EBC1 90 KB
33 KB 119ms
35ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 17:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 17:06:24 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame EBC1 10 KB
2 KB 93ms
92ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame EBC1 40 KB
12 KB 176ms
58ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 575591
x-accel-date: 1687507960
x-77-nzt: AcO1ryfK2Av/Z8gIAA
x-accel-expires: @1719043960
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 25b0213131c84f145f1c9e6491f23c05
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame EBC1 211 KB
76 KB 118ms
44ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6B70JBQEWN

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82d72c348754f7515045419416dacb9f5db260eccbb80cfac9e1ad25d9bb46fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 00:05:51 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame EBC1 23 KB
23 KB 91ms
90ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 30 Jun 2023 00:05:51 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Fri, 28 Jun 2024 21:32:10 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame EBC1 542 B
895 B 51ms
42ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274151
x-accel-date: 1681809400
content-length: 542
x-77-nzt: AcO1ryfKVjn/Z7xfAA
x-accel-expires: @1713345400
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 25b0213131c84f145f1c9e648d626f09
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame EBC1 2 KB
2 KB 55ms
44ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274110
x-accel-date: 1681809441
content-length: 1651
x-77-nzt: AcO1rydZ63//PrxfAA
x-accel-expires: @1713345441
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 25b0213131c84f145f1c9e64d590bb09
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soguk-kahve-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EBC1 10 KB
10 KB 67ms
56ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/soguk-kahve-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 8860
x-accel-date: 1688074691
content-length: 9818
x-77-nzt: AcO1ryeqT57/nCIAAA
x-accel-expires: @1719610691
last-modified: Thu, 29 Jun 2023 21:14:19 GMT
server: CDN77-Turbo
etag: "649df42b-265a"
x-77-nzt-ray: 25b0213131c84f145f1c9e642350c009
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mangal-icin-et-marinesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EBC1 14 KB
15 KB 85ms
74ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/mangal-icin-et-marinesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6501e50ffffdc89ec56c93111f32c70f697610d4af971fb38ae964b5824c7eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 92524
x-accel-date: 1687991027
content-length: 14815
x-77-nzt: AcO1rydYC67/bGkBAA
x-accel-expires: @1719527027
last-modified: Wed, 28 Jun 2023 22:12:14 GMT
server: CDN77-Turbo
etag: "649cb03e-39df"
x-77-nzt-ray: 25b0213131c84f145f1c9e64d250c909
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-baklali-enginar-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EBC1 15 KB
16 KB 105ms
94ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ic-baklali-enginar-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eab1145c02ae44ca45370dbdb689a98d1756fe3726fde675886a95730fee691d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 180656
x-accel-date: 1687902895
content-length: 15738
x-77-nzt: AcO1ryfVy9L/sMECAA
x-accel-expires: @1719438895
last-modified: Tue, 27 Jun 2023 21:35:10 GMT
server: CDN77-Turbo
etag: "649b560e-3d7a"
x-77-nzt-ray: 25b0213131c84f145f1c9e640612cf09
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sucuklu-bezelye-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EBC1 13 KB
14 KB 125ms
114ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/sucuklu-bezelye-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 75c5dcb0b1839bbb85275b03f330dd59c04167b59fe68b07cedad9f8292040f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 268895
x-accel-date: 1687814656
content-length: 13665
x-77-nzt: AcO1ryfzNW//XxoEAA
x-accel-expires: @1719350656
last-modified: Mon, 26 Jun 2023 15:19:38 GMT
server: CDN77-Turbo
etag: "6499ac8a-3561"
x-77-nzt-ray: 25b0213131c84f145f1c9e6429f7d909
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EBC1 15 KB
16 KB 125ms
114ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2427426
x-accel-date: 1685656125
content-length: 15552
x-77-nzt: AcO1ryeG/h//IgolAA
x-accel-expires: @1717192125
last-modified: Thu, 01 Jun 2023 21:24:53 GMT
server: CDN77-Turbo
etag: "64790ca5-3cc0"
x-77-nzt-ray: 25b0213131c84f145f1c9e649fc6dc09
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame EBC1 12 KB
13 KB 125ms
114ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273415
x-accel-date: 1681810136
content-length: 12532
x-77-nzt: AcO1rydy7v//h7lfAA
x-accel-expires: @1713346136
last-modified: Wed, 01 May 2019 23:32:05 GMT
server: CDN77-Turbo
etag: "5cca2c75-30f4"
x-77-nzt-ray: 25b0213131c84f145f1c9e64cf4adf09
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 macar-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame EBC1 14 KB
15 KB 125ms
115ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/macar-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274042
x-accel-date: 1681809509
content-length: 14810
x-77-nzt: AcO1ryeWkG7/+rtfAA
x-accel-expires: @1713345509
last-modified: Fri, 24 Apr 2020 23:44:43 GMT
server: CDN77-Turbo
etag: "5ea379eb-39da"
x-77-nzt-ray: 25b0213131c84f145f1c9e640223ef09
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame EBC1 16 KB
16 KB 125ms
115ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 586490
x-accel-date: 1687497061
content-length: 16490
x-77-nzt: AcO1ryd0+qn/+vIIAA
x-accel-expires: @1719033061
last-modified: Thu, 29 Apr 2021 23:52:25 GMT
server: CDN77-Turbo
etag: "608b46b9-406a"
x-77-nzt-ray: 25b0213131c84f145f1c9e6407b3740a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 toyga-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/03/ Frame EBC1 13 KB
13 KB 125ms
115ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/03/toyga-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 147c0a445950fa29f9fc3784910f112bdc6dc232412915e1162da9e7ea36ad51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273907
x-accel-date: 1681809644
content-length: 13360
x-77-nzt: AcO1rycOvGD/c7tfAA
x-accel-expires: @1713345644
last-modified: Wed, 01 May 2019 23:45:46 GMT
server: CDN77-Turbo
etag: "5cca2faa-3430"
x-77-nzt-ray: 25b0213131c84f145f1c9e649204830a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 samsira-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/10/ Frame EBC1 13 KB
13 KB 125ms
115ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/10/samsira-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8206b7cb4977df1646b35835886cc5ad752365263197f15f0581d41c3751aa0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 565868
x-accel-date: 1687517683
content-length: 13330
x-77-nzt: AcO1ryf5tKj/bKIIAA
x-accel-expires: @1719053683
last-modified: Mon, 28 Oct 2019 22:24:00 GMT
server: CDN77-Turbo
etag: "5db76a80-3412"
x-77-nzt-ray: 25b0213131c84f145f1c9e64181f860a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karmaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame EBC1 15 KB
16 KB 125ms
115ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/karmaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 575176
x-accel-date: 1687508375
content-length: 15740
x-77-nzt: AcO1ryemohv/yMYIAA
x-accel-expires: @1719044375
last-modified: Mon, 15 Nov 2021 22:38:31 GMT
server: CDN77-Turbo
etag: "6192e167-3d7c"
x-77-nzt-ray: 25b0213131c84f145f1c9e64dab7900a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cerkez-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame EBC1 16 KB
16 KB 126ms
116ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/cerkez-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274043
x-accel-date: 1681809508
content-length: 16373
x-77-nzt: AcO1rydOZEL/+7tfAA
x-accel-expires: @1713345508
last-modified: Tue, 11 Apr 2023 16:32:39 GMT
server: CDN77-Turbo
etag: "64358ba7-3ff5"
x-77-nzt-ray: 25b0213131c84f145f1c9e645137980a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame EBC1 12 KB
12 KB 126ms
116ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/firinda-orman-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 731036
x-accel-date: 1687352515
content-length: 12058
x-77-nzt: AcO1ryd5BA//nCcLAA
x-accel-expires: @1718888515
last-modified: Wed, 01 May 2019 23:34:49 GMT
server: CDN77-Turbo
etag: "5cca2d19-2f1a"
x-77-nzt-ray: 25b0213131c84f145f1c9e64860a9b0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 isvec-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame EBC1 12 KB
12 KB 126ms
116ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/isvec-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 64af7a328ead4e6e3e77587ae81c88a4156eea6f476df565496f8f46d89d255f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273449
x-accel-date: 1681810102
content-length: 12325
x-77-nzt: AcO1ryePXlT/qblfAA
x-accel-expires: @1713346102
last-modified: Fri, 09 Oct 2020 23:18:38 GMT
server: CDN77-Turbo
etag: "5f80efce-3025"
x-77-nzt-ray: 25b0213131c84f145f1c9e64c06da40a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/08/ Frame EBC1 13 KB
14 KB 126ms
116ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/08/sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 479da794610042c07a692cc82df9f0dcd96e46dd83b103761d7f0387f2ac2f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273520
x-accel-date: 1681810031
content-length: 13608
x-77-nzt: AcO1rye3CuP/8LlfAA
x-accel-expires: @1713346031
last-modified: Wed, 01 May 2019 22:27:29 GMT
server: CDN77-Turbo
etag: "5cca1d51-3528"
x-77-nzt-ray: 25b0213131c84f145f1c9e649022a70a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-sehzade-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame EBC1 15 KB
15 KB 126ms
117ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/kofteli-sehzade-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 93877a4648f07d0a209913c6a05dcdc1810fe91fb41c96320aea06de80b708c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274020
x-accel-date: 1681809531
content-length: 15437
x-77-nzt: AcO1ryfutW//5LtfAA
x-accel-expires: @1713345531
last-modified: Fri, 30 Apr 2021 23:49:24 GMT
server: CDN77-Turbo
etag: "608c9784-3c4d"
x-77-nzt-ray: 25b0213131c84f145f1c9e649064aa0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantar-soslu-tavuk-bonfile-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame EBC1 12 KB
13 KB 126ms
117ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/mantar-soslu-tavuk-bonfile-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e47fe684eeb5978f6c7437edacdbe8f33a60d89a68403c3e58c0128bfe36a52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 123057
x-accel-date: 1687960494
content-length: 12780
x-77-nzt: AcO1rydsSqr/seABAA
x-accel-expires: @1719496494
last-modified: Mon, 27 Dec 2021 23:35:26 GMT
server: CDN77-Turbo
etag: "61ca4dbe-31ec"
x-77-nzt-ray: 25b0213131c84f145f1c9e64781db10a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-tavuk-but-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame EBC1 17 KB
17 KB 126ms
117ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/firinda-tavuk-but-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 96aa3667db041dd0f9351d85ca19b7485bf1dad1832ae2099c65cd5a11841275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273785
x-accel-date: 1681809766
content-length: 17402
x-77-nzt: AcO1ryeE6gn/+bpfAA
x-accel-expires: @1713345766
last-modified: Tue, 09 Nov 2021 21:00:38 GMT
server: CDN77-Turbo
etag: "618ae176-43fa"
x-77-nzt-ray: 25b0213131c84f145f1c9e644542b80a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-fajita-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/04/ Frame EBC1 12 KB
12 KB 126ms
117ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/04/tavuk-fajita-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6270559
x-accel-date: 1681812992
content-length: 12005
x-77-nzt: AcO1rycdCAb/X65fAA
x-accel-expires: @1713348992
last-modified: Wed, 01 May 2019 23:32:42 GMT
server: CDN77-Turbo
etag: "5cca2c9a-2ee5"
x-77-nzt-ray: 25b0213131c84f145f1c9e645e34c00a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soya-soslu-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame EBC1 14 KB
15 KB 127ms
118ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/soya-soslu-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5061ede8e14dd075136fdcf6a3879f4b42a692eeaa605e2c5aa5f354e753fa61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273453
x-accel-date: 1681810098
content-length: 14545
x-77-nzt: AcO1rydONMf/rblfAA
x-accel-expires: @1713346098
last-modified: Wed, 16 Feb 2022 22:31:56 GMT
server: CDN77-Turbo
etag: "620d7b5c-38d1"
x-77-nzt-ray: 25b0213131c84f145f1c9e64e505ca0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame EBC1 14 KB
14 KB 127ms
118ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6271600
x-accel-date: 1681811951
content-length: 14135
x-77-nzt: AcO1ryfcaFn/cLJfAA
x-accel-expires: @1713347951
last-modified: Sat, 11 Sep 2021 20:22:26 GMT
server: CDN77-Turbo
etag: "613d1002-3737"
x-77-nzt-ray: 25b0213131c84f145f1c9e640352d10a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-misir-unlu-patates-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/12/ Frame EBC1 13 KB
13 KB 127ms
118ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/12/firinda-misir-unlu-patates-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3be63679d6ca5fd205bdbc6dc4e6caf8d376a09decaea16226da1bae6d24fad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6269387
x-accel-date: 1681814164
content-length: 12804
x-77-nzt: AcO1ryf5krL/y6lfAA
x-accel-expires: @1713350164
last-modified: Wed, 01 May 2019 23:43:18 GMT
server: CDN77-Turbo
etag: "5cca2f16-3204"
x-77-nzt-ray: 25b0213131c84f145f1c9e6447b5d80a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame EBC1 15 KB
15 KB 127ms
118ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273785
x-accel-date: 1681809766
content-length: 14949
x-77-nzt: AcO1ryd/83r/+bpfAA
x-accel-expires: @1713345766
last-modified: Wed, 09 Dec 2020 00:07:17 GMT
server: CDN77-Turbo
etag: "5fd01535-3a65"
x-77-nzt-ray: 25b0213131c84f145f1c9e6491a0e10a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-besamel-soslu-kiymali-karnabahar-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/01/ Frame EBC1 13 KB
13 KB 127ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/01/firinda-besamel-soslu-kiymali-karnabahar-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 385b19d8c7f7bedac5169d996fa57206b3a35b608518dfd0aa4669f7d3a7b7de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274041
x-accel-date: 1681809510
content-length: 12867
x-77-nzt: AcO1rydhoC//+btfAA
x-accel-expires: @1713345510
last-modified: Wed, 01 May 2019 22:53:33 GMT
server: CDN77-Turbo
etag: "5cca236d-3243"
x-77-nzt-ray: 25b0213131c84f145f1c9e6436d1ea0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 lokanta-usulu-ezogelin-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame EBC1 12 KB
12 KB 127ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/lokanta-usulu-ezogelin-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1a6d6ecc5afe8b370681181e0077b6c838310f74f8473a1f36527577d5a1fab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273844
x-accel-date: 1681809707
content-length: 11911
x-77-nzt: AcO1ryd4xEj/NLtfAA
x-accel-expires: @1713345707
last-modified: Wed, 01 May 2019 22:58:45 GMT
server: CDN77-Turbo
etag: "5cca24a5-2e87"
x-77-nzt-ray: 25b0213131c84f145f1c9e64cfd8ec0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 muradiye-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame EBC1 11 KB
11 KB 127ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/muradiye-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43204d58f6a24cdd36d594f28e4dc0f9ab0f5ad29b4a166bb6d5f3c16756636f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6272449
x-accel-date: 1681811102
content-length: 11241
x-77-nzt: AcO1ryfIWi3/wbVfAA
x-accel-expires: @1713347102
last-modified: Wed, 01 May 2019 23:47:00 GMT
server: CDN77-Turbo
etag: "5cca2ff4-2be9"
x-77-nzt-ray: 25b0213131c84f145f1c9e64f1daee0a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 korili-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame EBC1 11 KB
11 KB 127ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/korili-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 51571e6e49d9d1243db244dd3bb1790047c7b566dabc9400564dd7f74432ffc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273507
x-accel-date: 1681810044
content-length: 11094
x-77-nzt: AcO1rye572D/47lfAA
x-accel-expires: @1713346044
last-modified: Sun, 19 Dec 2021 23:06:47 GMT
server: CDN77-Turbo
etag: "61bfbb07-2b56"
x-77-nzt-ray: 25b0213131c84f145f1c9e64d8fdf00a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hidiv-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame EBC1 11 KB
12 KB 128ms
119ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/hidiv-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 842c88bbde71118e56fc313dbe3ad3d9e5dd9b3b9913960838734a29e5982b7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 568653
x-accel-date: 1687514898
content-length: 11592
x-77-nzt: AcO1rydVGoD/Ta0IAA
x-accel-expires: @1719050898
last-modified: Wed, 22 Feb 2023 19:26:52 GMT
server: CDN77-Turbo
etag: "63f66c7c-2d48"
x-77-nzt-ray: 25b0213131c84f145f1c9e64b505510b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sade-un-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame EBC1 9 KB
10 KB 128ms
120ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/sade-un-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb70a0b5ac2b1a8d8e5f0e0b91b99d95723392847800eb91f42673794ce38e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6269089
x-accel-date: 1681814462
content-length: 9502
x-77-nzt: AcO1ryfiaG3/oahfAA
x-accel-expires: @1713350462
last-modified: Wed, 12 Feb 2020 21:37:39 GMT
server: CDN77-Turbo
etag: "5e447023-251e"
x-77-nzt-ray: 25b0213131c84f145f1c9e64897ca50b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ispanakli-kek-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/03/ Frame EBC1 14 KB
15 KB 128ms
120ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/03/ispanakli-kek-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c25e33aaf9d908bb036672ed26b9af74032d7cb464d5e3f3b9b67e868798290a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6268827
x-accel-date: 1681814724
content-length: 14836
x-77-nzt: AcO1ryd0rAn/m6dfAA
x-accel-expires: @1713350724
last-modified: Wed, 01 May 2019 22:56:15 GMT
server: CDN77-Turbo
etag: "5cca240f-39f4"
x-77-nzt-ray: 25b0213131c84f145f1c9e64cc22090c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soguk-serbetli-irmik-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame EBC1 12 KB
12 KB 128ms
120ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/soguk-serbetli-irmik-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec88c9de3a44165db5e410d072fee68874d371d17eeac4ea36c5325d485b3f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 293673
x-accel-date: 1687789878
content-length: 12086
x-77-nzt: AcO1ryd1ia3/KXsEAA
x-accel-expires: @1719325878
last-modified: Thu, 02 Jan 2020 19:20:42 GMT
server: CDN77-Turbo
etag: "5e0e428a-2f36"
x-77-nzt-ray: 25b0213131c84f145f1c9e64c7cc0f0c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 keskul-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/10/ Frame EBC1 14 KB
14 KB 128ms
120ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/10/keskul-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d5907d04f8aa7cc029868fb441fd2a02dce10b72e3a68d6294aa7a2debf90440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6273074
x-accel-date: 1681810477
content-length: 14166
x-77-nzt: AcO1rycZV6j/MrhfAA
x-accel-expires: @1713346477
last-modified: Sat, 03 Oct 2020 18:58:33 GMT
server: CDN77-Turbo
etag: "5f78c9d9-3756"
x-77-nzt-ray: 25b0213131c84f145f1c9e6491811a0c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-somun-ekmek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame EBC1 11 KB
11 KB 128ms
120ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/firinda-somun-ekmek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 58fa8288d109b6525ab6ced54d659e79cc4e2a925f61d6c76da140f0a689ef59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 40005
x-accel-date: 1688043546
content-length: 11344
x-77-nzt: AcO1rydBpr7/RZwAAA
x-accel-expires: @1719579546
last-modified: Mon, 23 Mar 2020 22:17:36 GMT
server: CDN77-Turbo
etag: "5e793580-2c50"
x-77-nzt-ray: 25b0213131c84f145f1c9e6434641d0c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ev-yapimi-seftali-receli-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/06/ Frame EBC1 14 KB
14 KB 128ms
121ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/06/ev-yapimi-seftali-receli-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5af02ce6b5997fabe156a5cf9e0dfdf4901a0552a78732b587d1ca38ffc2e4f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6269407
x-accel-date: 1681814144
content-length: 14292
x-77-nzt: AcO1rycypoT/36lfAA
x-accel-expires: @1713350144
last-modified: Wed, 01 May 2019 22:44:02 GMT
server: CDN77-Turbo
etag: "5cca2132-37d4"
x-77-nzt-ray: 25b0213131c84f145f1c9e645d17280c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cokelek-salatasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame EBC1 14 KB
15 KB 128ms
121ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/cokelek-salatasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1bd2603da78c0513ae07dff23bf8925d95683b782d9eaabc18e003d3167b8dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 574517
x-accel-date: 1687509034
content-length: 14757
x-77-nzt: AcO1rye50Cr/NcQIAA
x-accel-expires: @1719045034
last-modified: Fri, 14 Feb 2020 22:35:21 GMT
server: CDN77-Turbo
etag: "5e4720a9-39a5"
x-77-nzt-ray: 25b0213131c84f145f1c9e64e1d02e0c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pizza-pogaca-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/08/ Frame EBC1 15 KB
15 KB 127ms
121ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/08/pizza-pogaca-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d41d07189295595e39267e87a880138ce04d72fe0ba272a91c07c735db7d2092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 574721
x-accel-date: 1687508830
content-length: 15270
x-77-nzt: AcO1ryfxFof/AcUIAA
x-accel-expires: @1719044830
last-modified: Wed, 01 May 2019 23:21:59 GMT
server: CDN77-Turbo
etag: "5cca2a17-3ba6"
x-77-nzt-ray: 25b0213131c84f145f1c9e644729370c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame EBC1 5 KB
6 KB 139ms
41ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1688083551.cds343.fr8.hn,1688083551.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame EBC1 56 B
361 B 700ms
35ms Script
text/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 00:05:51 GMT
server: Oracle API Gateway
opc-request-id: /CB43F9C685B5C1010DA1583F2BB4D1BA/3DA0DBA1A026A1431B1DF1443DEDE79D
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame EBC1 465 B
585 B 141ms
43ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1688083551.cds343.fr8.hn,1688083551.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame EBC1 75 KB
26 KB 391ms
87ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 06:55:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame EBC1 3 KB
2 KB 106ms
29ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7cb9607232edfca6ad4bf5b7c972b2803abf66aa2a9b2c653a18ba24369e45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 00:05:51 GMT
content-md5: GERYC6wTBtJNNJRUTh9VzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Sows3WoZoi9X5trEeeEyaLZE2cWmgkjbsfTZewbPAcuQcYbHlZ20x++glgoxYs+dJZrH8OgNkTBRKuGZLQPYAQ==
x-fb-content-md5: 19cff9c58b89e119d5fcf83b6ba203cb
cross-origin-opener-policy: same-origin-allow-popups
etag: "8945bec84cb13b37fe23cbfe6ac95146"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:23:34 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame EBC1 21 KB
21 KB 127ms
121ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 30 Jun 2023 00:05:51 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6274109
x-accel-date: 1681809442
content-length: 21525
x-77-nzt: AcO1rydOpkb/PbxfAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 25b0213131c84f145f1c9e64e7613f0c
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame EBC1 307 KB
87 KB 64ms
32ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=359015cc8c6b07bb69e37f980633a279

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32d3eb1192068d0e46808e657f8141b7459818e623b3e5ca0600472b3a6621a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 00:05:51 GMT
content-md5: YtnuLL7FE/l5ppNpdFNE2Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88849
x-fb-debug: GfdCjzrGDJZcQysZJpygPotiIiLj6jonaPPs7/Hr1yZaWtsr4+qdk3JqRwlRHsJ13/fyAVYJIkks5RBWhmvclg==
x-fb-content-md5: b7c768ee6d574a51810fb0d8059ca5b4
cross-origin-opener-policy: same-origin-allow-popups
etag: "aa5b1dc91bac0b661242a80fedcd2bef"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 28 Jun 2024 21:36:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EBC1 76 KB
26 KB 163ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502d7649e4e83f1d07e6634e9e2915227d7130e16193d58eda18ff0a307cc65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26089
x-xss-protection: 0
server: cafe
etag: 487 / 19538 / m202306270101 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:51 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame EBC1 120 B
306 B 92ms
91ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 462E 891 B
1 KB 93ms
92ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Fri, 30 Jun 2023 00:05:51 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EBC1 141 KB
49 KB 146ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8616a80730f771eec28aa190e0e4e50c6329256025a00fc75d526fbddb42f827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49355
x-xss-protection: 0
server: cafe
etag: 7198398146249504449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:51 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame EBC1 489 KB
182 KB 102ms
102ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame EBC1 236 KB
58 KB 177ms
54ms Script
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 23:35:01 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, MUC50-P2
age: 1851
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: e23vxN8B5vtp_RtK2elW9J_TmRhK1wd9BxSJQEkCRXSy6A2bBg8EVg==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame EBC1 37 KB
7 KB 256ms
133ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1688083551646&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.23094228533029004
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d4a188612de0a4f19200f9ce0ef87a48184810883848e320e1fc401013a161da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame EBC1 12 KB
2 KB 92ms
92ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19538
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 21:45:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame EBC1 50 KB
5 KB 250ms
133ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468912
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 197ffcfe361bf002c5b4d07ab57fe0682528d864cf82f4423d5018fc48da96d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame EBC1 392 KB
125 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11511
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jun 2024 20:54:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ Frame EBC1 346 KB
119 KB 112ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075573

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c3ffafe2bad86136dc0d54b7dbb154328b343075788dfaa8cd72242e55179a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121738
x-xss-protection: 0
server: cafe
etag: 15698148493363838636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 3920 10 KB
5 KB 90ms
26ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Thu, 13 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame EBC1 0
305 B 42ms
41ms XHR
text/plain 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 22:01:47 GMT
via: 1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MUC50-P2
age: 7443
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 3IPS6kStdmnaERcQVpMrr2_Y5yvxZgoTNNYjVQ69BUEI7clCdeM8qg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EBC1 6 KB
3 KB 124ms
42ms XHR
application/javascript 108.138.37.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-37-209.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 05:29:09 GMT
x-amz-cf-pop: MUC50-P2
age: 67003
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kaW0UTn5okT7Fn6V2fl7I-eLD40lkpA3n6GzlEzoM0NjwMGF3tlZEA==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame EBC1 10 KB
3 KB 73ms
73ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 13:36:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame EBC1 11 KB
5 KB 75ms
74ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468912
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame EBC1 17 KB
5 KB 110ms
33ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 23:09:58 GMT
content-encoding: gzip
age: 3353
x-guploader-uploadid: ADPycdusILK5JKw9Ku4LyXoS41bbodLjADk_0p55Qh2qL2JrHlzFD8x1zxrmVJTBJBW4hSY0tBgSpB14iWCFniYmxTNq6Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame EBC1 0
209 B 74ms
73ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688083551909&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.21413829775027393
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:51 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame EBC1 23 B
459 B 496ms
364ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=01DGlq9PgHRGh&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: QPRCQC94K1Q0F1DCMPZS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Kes9aE9GMWHwYt9nBHssIQVQ8iBXvnJAgZtiRNv13nYRghbshB5WlA==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EBC1 107 B
456 B 105ms
34ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 28 KB
12 KB 257ms
257ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=2051320108660047&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083551988&lmt=1688083551&dlt=1688083550965&idt=978&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=q4i77jcfsdvf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f093d3916d4317f3dfd3476ee92fc3344e423f703459ba07825fb855ed3e14f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11880
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9101 6 KB
3 KB 141ms
34ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame EBC1 7 KB
3 KB 370ms
72ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19538
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 Jul 2023 00:05:52 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame EBC1 0
209 B 71ms
71ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688083552021&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.42992841549494454
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:52 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame E073 13 B
257 B 126ms
43ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Fri, 30 Jun 2023 00:05:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0DF 603 B
218 B 51ms
50ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083551854&bpp=3&bdt=888&idt=180&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=7875039385869&frm=24&ife=1&pv=2&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C31075630%2C44759875%2C31075573%2C42531644%2C44788442&oid=2&pvsid=2858433892420268&tmod=954131232&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.inbk0utdcyru&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83AB 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 83AB 24 KB
7 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 83AB 140 KB
48 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6a0ca72c9b155770d4111755eca7f6e1e83b0e921ad15bce37a68ad69a50918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Origin: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49095
x-xss-protection: 0
server: cafe
etag: 15634827439377347106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83AB 179 KB
57 KB 114ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EBC1 361 KB
121 KB 127ms
44ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame EBC1 398 KB
128 KB 82ms
82ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/30/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 Jul 2023 00:05:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83AB 0
0 67ms
66ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvap0XqqgXLLec7bVfj3fKsY1sfoBw6465sMvPLcYFQmpJFtX_Ydggyk16llQ-JRl0t16kbbXtVKqOETF-xs_SX5htLrCY9GCkaXtHPiqbVCd9lrVtaB5JhSNjfwFD9S0LBIlWY-MvCytg4fmQ3aQLLjR83gTCa-0reGXJ13JGUxPFeAmCRdYYLg9UxU59BXLMV7AK0xUekkp9VYFmjrmL4u7KyZg5h0Rs69p_Fu97G7cXS7OvGGsmGXqfBAxuhTT9cWxxW51i_2hj-JjoZl6iFyy1bQTSe7nlXL7McIYw1olg1EmceydpWCHm3Vrf_xM2yAFnaKbc31i_Bwixxe4dW7924jyLhza_0bU5jAHVJqDPhhUn9WkkZuw&sai=AMfl-YSJmPii7AG57puAUlVYdjiRBTdKr2SVD9dIFVcq8beh-KASz2DzhNWgr0pZku2WIzhhmeDF4Sa4M_TiWaHLprp-a1OmIjkGtdKyXhgkn_0&sig=Cg0ArKJSzGc1sbCFOUw9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/ Frame 83AB 346 KB
119 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cedb0ce25b5eb96e700ecbe768fae70737cd5de3756473d709d45fcfba3f6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121608
x-xss-protection: 0
server: cafe
etag: 2169546182373672939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EBC1 107 B
165 B 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 28 KB
12 KB 349ms
348ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=1713101610658305&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=3&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552509&lmt=1688083552&dlt=1688083550965&idt=978&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=dm806wctda2m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dbce0e1c2a59678db57393129d17d22c034e0a494fe805794f57c3d2f91bea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12207
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 65 KB
14 KB 353ms
352ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=3323563197498908&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=4&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552514&lmt=1688083552&dlt=1688083550965&idt=978&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=9x5fmyrlqn6n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4009f01ab6ab2381cfe6fcb016f07bbeaf4e1ae86e637051a51bd4657eaa799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14361
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 28 KB
12 KB 288ms
287ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=2024953429018648&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552517&lmt=1688083552&dlt=1688083550965&idt=978&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xpk31c20e9mk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64c6e4e181eb970a8564feb89c1185dda149557bc9c9723d711dca9e83004756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425927365
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 40 KB
16 KB 294ms
292ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=3135708105082367&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552520&lmt=1688083552&dlt=1688083550965&idt=978&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=u1jdivkbb32l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce508f1bf6d59a897546f6c5e8769992d8b1e4ea195f081c0b0f4ad8281c0224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16467
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 28 KB
12 KB 280ms
279ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=988660117987101&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552523&lmt=1688083552&dlt=1688083550965&idt=978&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3nlqgz75n5pz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e855cb8c849e4075bcfb14c9468cc38148f3e9a333dd9d71bc166665cac07f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11897
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425219174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EBC1 28 KB
12 KB 304ms
303ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2858433892420268&correlator=1875106956790136&eid=31075594%2C31074824&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688083551646%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet9d5164c0-5aa0-42da-b925-50691b3557f3%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet9d5164c05aa042dab92550691b3557f3&sc=1&cdm=ye-mek.net&abxe=1&dt=1688083552527&lmt=1688083552&dlt=1688083550965&idt=978&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=wfvydvdfqu9h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfCY7CUwzq3Z8xwNX8opTYveTtFawVMMLsGDk4CiHFleYCzCBqRlvXNr6a0fNDGMe_MjWv1KLfg9F9KTqSA1Uw&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bf120f7967a92726dc1224897555cce082f2af6fbb65ea725e70de845d17afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11823
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425516693
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 83AB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b995cc283857cb5396b94e36deb47341469cdeed3d92e0e22a2cd3cf0900fd9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 83AB 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09E5 0
16 B 144ms
143ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552430&bpp=14&bdt=129&idt=141&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&nras=1&correlator=6928388214132&frm=8&ife=1&pv=2&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.f91f2hlp2qve&fsb=1&dtd=161

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE5A 33 KB
14 KB 237ms
236ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602d96b74c1b4b2a0117991948e6dd9fa24c74596a9c20bb1a04c930f544c426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14718
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame EBC1 0
209 B 297ms
124ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688083551646&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:53 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8ACD 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 672E 6 KB
3 KB 23ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7ED1 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC45 6 KB
3 KB 28ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame EE5A 3 KB
2 KB 111ms
33ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTkRoaE1ERXhNamt0WlRGaE5TMWtZbVJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDYyMzgyNzkzNTA0MDM5MDcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eVR3eE8wQ2hYNE1VSHp2YkdyS3V0US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ2MjM4Mjc5MzUwNDAzOTA3L2Ftcy8wLzEwNS84Lzk5OS8xNjIvMjAwMToxYjYwOjI6Oi8wLjAwMC8xNjg4MDgzNTUyLzE2ODgwOTYxNTIvNC9wdWItNjU5MzUyMzIxMDAxMDE1NC8xLw/YtdWSkZr7GChworhrVgyX0RZZ3k&nodeid=3286&group=cdg&auctionid=8746238279350403907&pbs_auctionid=8746238279350403907&shardkey=8746238279350403907&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: fdec13a2a5ff3cde6d10cd7c5ebaccb4e587e1464f5869c99566d794136977c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:52 GMT
x-mm-nodeid: 3286
Content-Encoding: gzip
x-mm-bid-request-time: 1688083552
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Fri, 30 Jun 2023 00:05:52 GMT
Server: MMBD/3.393.0
x-mm-latency: 0 (0)
x-mm-notify-action-done: LD5wfw
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x50, cdg-bidder-x141
x-mm-lag: 0
Expires: Fri, 30 Jun 2023 00:05:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame EE5A 3 KB
1 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame EE5A 20 KB
8 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EE5A 0
0 84ms
32ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmd4e2vFCYbtywP2XEQvWid9NWm9vs5Nt9wMX8oxO0zDoTU0tfHLIVS3szoHHkV7N58vrv4W0czFgm0sWaUW38Pq9sNA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE5A 179 KB
56 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE5A 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGMgmYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBK4BT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz9yDUYMck5DFf6wTZV_kYRI4QltjRZBMo4TYafGbixRsImq4MGsMlgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=rOPwRfZtZpY&uach_m=[UACH]&cid=CAQSKQBygQiDgIcOlvBsWL9zqpApKcBLv4h38v64FHlKs5FuV93aRGSTRGLDGAE&tpd=AGWhJmtgH7QgS9olxRjOcl27C6QexbdU6SPlsMhZB1TdmqZMAhYt--yTwKAQGox6-ONRpMgPfKHnK2Y6VHZDn-tLy4YbzXn_pSFVXQuYTidv8V3T7PcuLR8IwNv0KUBv02TQp8CXecllEfj_tg8EdodEOxJfb-qdO6-dTxR26-LUpsZRmhrl-ApymTod9J1TxAY37d4GlfsVxpFbK5KKthOj8D5x3J_aAUny-27tk0FVj8rbL2o917mWmyKCZnq8trGIzxc5MVMbEr-4rjZrhp5kW-Vo5Iv-ZHkmCDH-OD63K8_U4GDtTYJjPAPW7PsWXlzAgjJAoLCPhi-Tnk6J0GTOQEezH5K8g8V5S4VkomGysQUqXHhtrXXhiuSAt1CXQPjVRmXlexUbxwupAzcwhqOwMRdFTHyAt1GMNkozdts_IMPL57LwZdxmAO19vXy84Cbq9TUk9iY0fEqy9oRtruJabT2GDi82nk3V4IulJzAbCzXo-6_YXg1KLD_IaXJjoi_7U-9O51g0VBsFwH8kf1v9AHe8BBupNclD8ycF8bxUOreNQxK6dmannKPdSpxJTSGzm1SG1zIi602qDQh0GjnJdoJqmmAbsBgp7JUm6gpUGnjQMDl_xIDKsAzSmC1Xb2bBWPlkWOo_jjd7cJiECoV31dJDGdlDCjxUDwBgYwZiJvCTbOWg9q4vM0ZbOElKisKOVAPEBoJMgqg9gM4FedL3-SblqGvjsSK4gtVJoxiIeB4EXe0UoTpoJneGxaBweBhmHyw0Lrj-9QktynezWSgJOHAsRyyfZj2oxNKeHUevJtxd0YLYdEG3iUfQF4ORxCDulEaAmGYKhUVVMIGbg3zhz23TWimTHJT-VenrENoDExB7fyoaP1IyMoqVR_92UiJW6ELvGbxmpcjZQS-NEb-UOnm-6FHZGzcH3XTqVA8ngoa5B9lNQ8QANuqhvvu0rzml63cLwyH6HeDw2ARVwC9wHfnJBWzSZ1EOHAWYz1CCexiKB2G09mWOwbVO-WG04urtW7qDwuz5gg8MUjjXfe0nM-bhi0IpJikR59ODUjp2qH1H0iFAiB9mZBQbHqFxWPr8zSjF3B1MrBdhgGHmC50naN1zDI7BOsMavkmC0K0OJzJwovD-_Xc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 00:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8ACD 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8ACD 140 KB
48 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

306265f641d816f20c6d8ef355fde44bc5a1a8d4211768eb431908bdb928b7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Origin: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49200
x-xss-protection: 0
server: cafe
etag: 12104767259290617026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8ACD 179 KB
56 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 container.html Show response
94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C692 6 KB
3 KB 25ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:52 GMT
expires: Sat, 29 Jun 2024 00:05:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306200257000/ Frame 65BC 222 KB
61 KB 189ms
104ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 283947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61862
x-xss-protection: 0
server: sffe
etag: "bf95dc6813023782"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 65BC 15 KB
5 KB 236ms
151ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 283947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
server: sffe
etag: "b6c1e0819a00bf67"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 65BC 94 KB
28 KB 238ms
154ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 283947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28873
x-xss-protection: 0
server: sffe
etag: "75041cf86819093a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 65BC 5 KB
2 KB 237ms
153ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 283947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5f86339daf79d63d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 65BC 40 KB
13 KB 232ms
148ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Jun 2023 17:13:26 GMT
age: 283947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "bf1167c9eaa58b59"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jun 2024 17:13:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 65BC 14 KB
2 KB 181ms
120ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 23:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 65BC 3 KB
3 KB 27ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:49:55 GMT
x-content-type-options: nosniff
server: cafe
age: 15357
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:49:55 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 65BC 344 B
368 B 25ms
21ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 18123
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 30 Jun 2023 19:03:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 65BC 0
0 47ms
33ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkU6kZUObjVpjxW_5Kxg4BaZhThqQ5ErvRgHDvSk0-U-mS7ci5LCy1kYLk5lZ2aBu-xtCxMRTFi8oR_snn3KnaoUcm2Q
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 65BC 0
0 74ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu-JYYByeZJGnJNqhjuwPsvygwAiwsOa-b6y4roS7DWQQASDAsoJrYJXqmIKsB6AB152T-QPIAQmpAj2aHS-2PbI-4AIAqAMByAMKqgTfAU_Q9AfUshMGPSbA0ksLTZ9hD1ZXqjUovLG1OA8-I3Z8jb-3n901id5ii5D8nYuGxPK-1xFOK6eX-_3DrRoDMqV_sbbMHXncwSzfE41rK2YCZErTUpzM7a5B6xheF50Voyl9axiWcbeBOSDR2fQbD3AVU8FcbyO_jpDabfiNVvJ9yPDDEUD6gbHqZKdk_4vYsC6zwLQoFvpMPnpeIkGp0cLubOfHEnibj7MfpP93oHGN-OLqNn4qW-3-aDzugeoo5xNEwU_Fs17dESPRWxd5Nry8EGv2rAzWsbjg24aVxo3ABNbm5tbIA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeR4uwGqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQr94E0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDYgUCNAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=FOO0bF088yE&uach_m=[UACH]&cid=CAQSOwBygQiDrVu3dy69cFnovEEofiU32Ir75lwIMfjHAWrCzWLqAPrlpZdciqvL8cTeNniOKwA0yGDkSQQPGAE&template_id=5000
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 672E 24 KB
6 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 672E 138 KB
48 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4c6130b626673b7bbfd3900d511a3ab1514cd562f464361e2023cfdabf70e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Origin: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48737
x-xss-protection: 0
server: cafe
etag: 3189113597629293377
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 672E 179 KB
56 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 3514131790483889263
tpc.googlesyndication.com/simgad/16040059693358808964/ Frame 65BC 29 KB
29 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16040059693358808964/3514131790483889263?w=600&h=314

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053f6645c56aa4f258cd0614a9e4409d01c5e9ae9a6dcc5ba7816ec5dd6f4737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 08:08:13 GMT
x-content-type-options: nosniff
age: 230259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29867
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 13:52:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Jun 2024 08:08:13 GMT

GET
DATA 200
OK truncated
/ Frame 65BC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 65BC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 65BC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ecd7c4a208e0987d0bb448bdd98f67c3ef12ed83ad939c80420841d3f012490

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 7ED1 5 KB
2 KB 206ms
23ms Script
application/javascript 2600:9000:2251:8c00:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRK8N4Rwai&btid=NEMzNDdBRTY1ODMzMDMzN0U5MDEzQ0QxNTY3RkEyODV8R0ZoNThBQ2xiSXwxNjg4MDgzNTUyNjg2fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0yNjEwOTkyOTFfRVh8Mjg3MjV8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEI9y7bZOq_LmqnMD7FERq2o&spidu=GOOGLE&pidu=15222&hmpvu=6f1f5733-8042-44e3-82ff-63332c841ce5&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8c00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 151951
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: _U5Ll0UFpXvVKNO3srfSZf5YlgEiKXLYHP8EojVGntUa5odIkIzB2w==

GET
H2 200 XassetJtVGFj2g.png
ads.w55c.net/t/d/ Frame 7ED1 29 KB
30 KB 218ms
41ms Image
image/png 2600:9000:2491:9e00:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetJtVGFj2g.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NEMzNDdBRTY1ODMzMDMzN0U5MDEzQ0QxNTY3RkEyODV8R0ZoNThBQ2xiSXwxNjg4MDgzNTUyNjg2fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0yNjEwOTkyOTFfRVh8Mjg3MjV8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjcxMjk1NDM0fElBQjgtOCMwLjYwMDY5MDM2fElBQjgtNyMwLjA1ODMyNDg3Mw&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688083552694&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:9e00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8SPBXJhT_RiSNmerbyVsLrwEkkTx88nO
date: Thu, 29 Jun 2023 05:47:17 GMT
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 65917
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 29942
x-amz-meta-height: 90
content-length: 29942
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "1ff110a85bc3d8deeb9bac4954656b3b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 4TxYApKsw8hvUzWui29cNToMZdPA3p6lu8wccUoFOyv1O1qrXWhrZQ==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 7ED1 95 B
916 B 322ms
55ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2749803578415526
Requested by: Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Mon, 27 Jun 2033 00:05:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 7ED1 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 7ED1 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7ED1 0
0 34ms
30ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg1nCyd-vJhDn9dzLDbDCX7Vr0aV0zu3X_JkLnQHYfOG1vVJ8TliR8XG4wxrigenJ7vQiiBjeYh0Hg2En6CLQfbOxe9g
Requested by: Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7ED1 24 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ED1 179 KB
56 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AC45 24 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AC45 138 KB
48 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d91481553e284386311fae54b5522f69c2313c8d101f4683eabf8315a14e240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Origin: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48723
x-xss-protection: 0
server: cafe
etag: 2512724348572606734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC45 179 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C692 24 KB
6 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C692 138 KB
48 KB 119ms
117ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00a922a959966b9a9b1b1374fd75223adae28868fbd53ee1cc705bf9e53fa562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Origin: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48718
x-xss-protection: 0
server: cafe
etag: 198758947256006727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C692 179 KB
56 KB 130ms
128ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8ACD 0
0 151ms
150ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCU99zXLjGhgmpBvCrV_LjIkPhBzMruerSiH98u-EwwgjZ9hBQ6iFH00_tMv3v53mwoBzxkJAPOWNqnGQgiqdmXaJxHKjcqFE9-cmQErCfILeV012p8zjy_5riBP3vbQMoNpRIBpPgAbuqv3rOYX7gXpF-Pl7APzmuPQcmt1IEW3cB9cC5ua1E7JaqlYDBbiZHN25N-MSx8QYmpgxzw2peY8WcFKJm5nVOnDMRI3qNE4qdYQykVX2lLrBovvhM30xhM6yWn0fb-3XXJHcezUANZySFjd8agOhKDES5zGlvYhTt1yE36sfSnTej9j9vlyrPbuymGHOxMBJSuiA_vC0lLs0PJ3K4zm0-dakSzCEpAGwHGfdMUcM8tg&sai=AMfl-YSNmnC1lyCvdqq19_Z0ADIlCOEIg5vOVFbqaJ41Fgtv5SNaToCrfHj2jQXRWVVmVmzmGuyIG371vwKXAs0C0zjB3imQiHfEeEBpb30LN8-o_jEdTF620PSZfVywNg&sig=Cg0ArKJSzEhRq1g7APJzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 672E 0
0 121ms
121ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2vOkS-KJUzkm714TSk4u5D5WaAWW3fIdIvZW7kr0WkHaxhNloqdyHsB9LXJdZBibKAWiIFOOrqCMlgykv46VPf5ILwxoJjx4U4TyKzh7cGXwSO9EswpMzG0x8lOcHOvH0hpVnLnotMPjrfJAW2EtV-rPiY6gMmyS21kS9JyuyLZTr2hkC0UAveVWBuw38IUl1q3p7Kc8W2Vev2Yam_yC7DSFAFo-9KliXkakK_C5cE1PB8BkgMiq-UWgJtzn5ahLeVGz1TyU1YYPYhzIqo9y-rHShrK8wqYSmLgk-KHKUoY3jKRXUvsUCbv8h7b-yFVTwgta7Igzhaqqs65IfloTsMw&sai=AMfl-YQ9mTb4k4GBcoEMMOLGgA2wNVvawrrWBvuh55v84iBNWFlStBrA3Hl1XeJtjR4n8Y7SGsU_J--OpPD2RFwsZiMoFnWbzAcKfRbjx65Wwq-Y0KapBRnz2Fe8POmmyQ&sig=Cg0ArKJSzPxn7XLzxTcIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ Frame 8ACD 346 KB
119 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com&bust=31075573

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40a67093d212103e112d6f42a2dfd049ea1d30f91572c4339aa6b2b07142e819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121749
x-xss-protection: 0
server: cafe
etag: 13682312218925171889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
DATA 200
OK truncated
/ Frame 8ACD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce36a0c17313e768dbae07f9a28563a71067c71fc6fec5446b770eb2096a98e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame EE5A 10 KB
3 KB 116ms
35ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8746238279350403907&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 3ccd5b7c21f3517c84885228c27a798e72fa9167f71f9df6e67cd1b3f1c4159e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3336
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame EE5A 49 B
330 B 108ms
31ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8746238279350403907&node_id=3286&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTkRoaE1ERXhNamt0WlRGaE5TMWtZbVJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDYyMzgyNzkzNTA0MDM5MDcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eVR3eE8wQ2hYNE1VSHp2YkdyS3V0US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ2MjM4Mjc5MzUwNDAzOTA3L2Ftcy8wLzEwNS84Lzk5OS8xNjIvMjAwMToxYjYwOjI6Oi8wLjAwMC8xNjg4MDgzNTUyLzE2ODgwOTYxNTIvNC9wdWItNjU5MzUyMzIxMDAxMDE1NC8xLw/YtdWSkZr7GChworhrVgyX0RZZ3k&nodeid=3286&group=cdg&auctionid=8746238279350403907&pbs_auctionid=8746238279350403907&shardkey=8746238279350403907&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: MMBD/3.393.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x94, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame EE5A 43 B
418 B 121ms
38ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8746238279350403907&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTkRoaE1ERXhNamt0WlRGaE5TMWtZbVJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDYyMzgyNzkzNTA0MDM5MDcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eVR3eE8wQ2hYNE1VSHp2YkdyS3V0US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ2MjM4Mjc5MzUwNDAzOTA3L2Ftcy8wLzEwNS84Lzk5OS8xNjIvMjAwMToxYjYwOjI6Oi8wLjAwMC8xNjg4MDgzNTUyLzE2ODgwOTYxNTIvNC9wdWItNjU5MzUyMzIxMDAxMDE1NC8xLw/YtdWSkZr7GChworhrVgyX0RZZ3k&nodeid=3286&group=cdg&auctionid=8746238279350403907&pbs_auctionid=8746238279350403907&shardkey=8746238279350403907&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame EE5A 49 B
330 B 109ms
31ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8746238279350403907&st=4562306&time=1688083552&nodeid=3286
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzI0LyAvTkRoaE1ERXhNamt0WlRGaE5TMWtZbVJoTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg3NDYyMzgyNzkzNTA0MDM5MDcvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1eVR3eE8wQ2hYNE1VSHp2YkdyS3V0US8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NzQ2MjM4Mjc5MzUwNDAzOTA3L2Ftcy8wLzEwNS84Lzk5OS8xNjIvMjAwMToxYjYwOjI6Oi8wLjAwMC8xNjg4MDgzNTUyLzE2ODgwOTYxNTIvNC9wdWItNjU5MzUyMzIxMDAxMDE1NC8xLw/YtdWSkZr7GChworhrVgyX0RZZ3k&nodeid=3286&group=cdg&auctionid=8746238279350403907&pbs_auctionid=8746238279350403907&shardkey=8746238279350403907&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.60&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.393.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: MMBD/3.393.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x42, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 30 Jun 2023 00:05:52 GMT

GET
DATA 200
OK truncated
/ Frame 672E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67af5b443685a6e71d0d33a38beb6f3aeaef60e145acef7e0e712116d6702fde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/ Frame 672E 344 KB
118 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com&bust=31075665

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0e8db56334f15624f91438dbc8c6c32294a4213b441e3552543439c42d95025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121155
x-xss-protection: 0
server: cafe
etag: 8052615753773548862
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC45 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUmhYyDRYlkf0UOHsx-4p6Tk0fL5kQ8t59Uk6kAEwSejnJMnL7edo1gU9QvoWWDvXNitj74L_cM13i9vZWSIk7GnDqVv1EKEHj-YZcLDve_qeN4yGroTCAk4vvDp0OBbmz43jW1CXCObAx2x5YT3dkr9OsPuUh_SpdM5oLFLE_jQld_0T6LuopPueLXEpcfgih455sAfjdjyvWwPRQ2ZZ5ob8KmB7suirnv8iv07q1rTiZFTsNjr2HPfU3OC9kT8o0ruZg2SfXhLuFj2CnPHs1ubc6BWwma-ZI6g7739TK4aImqHmIz05p_bV-0DVKltTzrW8uNNxRcwpN6o3x08_m&sai=AMfl-YSJSJXGTGaKEeFaEH8ZSgOnRD-zo5mBNQcJuy3oBqHqgqBDP7pcfDBUz7zjTWS-mCFKdd2DFQf8awVEOSN8sfOQ_nCF3qZzC7XRI0bCp3h_nnxrvU5tSpm0ofi9uQ&sig=Cg0ArKJSzFMRoG6It0fGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C692 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmV0R-Kr-8Z7Q_3qnki18xH-kUGYPVPtoEpao4MJW0Pb49KncahjBFkDje7XIzNT3cArktR731gpaOkIkMPL5Bzkv8RSiXZHNCNWKhe7UOV8z7iDWGZ7PqPpjYHFO6b6_AD5EPKqpT3DALdMy4l0T0Eg2YTPdKzCkFTjKBYMRjXoftfS1tCceevnzEpLWTc60QGzszOuOZCkg_qLnHPf5PT5Hx55Be5b-mT5iFoHAmmxjN9s5zsd8kTjBPJAcxbU8jjaW-9sNCVCsJNGpxQ1Iw3P12vtGy21wVPLxoXLcnM4H0et6OLB3UPKi1capU7r5WIFP44Huc3UdNAY4gZRqPIjDh7_pFxmoL5Q9XLkroSDA&sai=AMfl-YTp4Ts4mbhROxZ4sgRlCKBiR2fUXL_SW4a0Hf_uCU2QGdHGZD7JdwduNStPMpHMwd2WyKwLTCAl34yOjdWsH7jIqXWYHBES01TvqYmCmYNSTpuDTiNFKi-v2XIhqA&sig=Cg0ArKJSzHYvC_pYoLpBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/ Frame AC45 344 KB
118 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com&bust=31075624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9d34ac2bd494ee57840df7cb57233ab722eb492cc619e6deb7a5b5e4773df0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120897
x-xss-protection: 0
server: cafe
etag: 15648162841977129781
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 65BC 33 KB
34 KB 81ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 190596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 19:09:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/ Frame C692 344 KB
118 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e539500752069c624d4c1c9719b0cd75bf0e88923c78017e42ceb8e095596ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120898
x-xss-protection: 0
server: cafe
etag: 9597987923561657142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
DATA 200
OK truncated
/ Frame AC45 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95ab958ba5d0941d068134f13dfbf40f0b9cea7779f6869f406dc5415b803b03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
hal900022.redintelligence.net/ Frame EE5A 3 KB
2 KB 151ms
85ms Script
application/x-javascript 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b9f39b0e77&subid=&uid=0f2c06991a8f4bf8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688083552444%26bpp%3D2%26bdt%3D143%26idt%3D153%26shv%3Dr20230627%26mjsv%3Dm202306210101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6928388214132%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D614855064.1688083553%26ga_sid%3D1688083553%26ga_hid%3D1633166938%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D798537779%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31075643%252C44788442%26oid%3D2%26pvsid%3D3739099639002629%26tmod%3D2108198827%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.evnvmnazx6qd%26fsb%3D1%26dtd%3D158&ancestorOrigins=null&random=5809786195654&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8746238279350403907&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 21f24eae79340f1a36dada3b1d3260564bdb2c4bece85794020bcf78f8a48e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 00:05:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14442100006165600951389012371022
Connection: close
Content-Length: 1123
Expires: Fri, 30 Jun 2023 01:05:53 +0200

GET
DATA 200
OK truncated
/ Frame C692 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e944a7fb9c1dee528bebcf33ee94ecdc006ffc5d94687f35fd5366c61cde73f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 672E 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com&bust=31075665

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 04FE 0
16 B 138ms
138ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553094&bpp=3&bdt=214&idt=193&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&nras=1&correlator=8000988199809&frm=8&ife=1&pv=2&ga_vid=702332168.1688083553&ga_sid=1688083553&ga_hid=1969111112&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=600&ifk=2666847685&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C42532279%2C44759875%2C44759926%2C44759842%2C31075665%2C44788441%2C44795921&oid=2&pvsid=1784709798459888&tmod=1527713210&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.sw7go0sqh43z&fsb=1&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8ACD 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E650 0
16 B 135ms
135ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553057&bpp=4&bdt=185&idt=255&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=1321895833783&frm=8&ife=1&pv=2&ga_vid=211358570.1688083553&ga_sid=1688083553&ga_hid=340539151&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C42532278%2C44759876%2C44759927%2C42532280%2C31075573%2C31075645%2C42531706%2C44788441&oid=2&pvsid=2057020523386192&tmod=167058370&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.3xbt7sgxb8w7&fsb=1&dtd=270

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7719 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 30 Jun 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7ED1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e1747a7175083627662ac91bb268ebea8834c015965caf8d0db787686cf6a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46AB 436 B
233 B 253ms
252ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=5799287242&adk=343538185&adf=4198791702&pi=t.ma~as.5799287242&w=120&fwrn=16&format=120x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553097&bpp=1&bdt=217&idt=274&shv=r20230627&mjsv=m202306260101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8000988199809&frm=8&ife=1&pv=1&ga_vid=702332168.1688083553&ga_sid=1688083553&ga_hid=1969111112&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=600&ifk=2666847685&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C42532279%2C44759875%2C44759926%2C44759842%2C31075665%2C44788441%2C44795921&oid=2&pvsid=1784709798459888&tmod=1527713210&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.qn48sh63fynv&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d168f964eab6e8b0e68b4182baa1c008a0cf4c67304306b1cd697f2f6fd6d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16CA 436 B
232 B 222ms
222ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553061&bpp=1&bdt=190&idt=319&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1321895833783&frm=8&ife=1&pv=1&ga_vid=211358570.1688083553&ga_sid=1688083553&ga_hid=340539151&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C42532278%2C44759876%2C44759927%2C42532280%2C31075573%2C31075645%2C42531706%2C44788441&oid=2&pvsid=2057020523386192&tmod=167058370&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.4vhurvaw2jbr&fsb=1&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09085d5e7f77f13f8cf961051f351964870214013b289c7b3c5b5e347a12bdd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AC45 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com&bust=31075624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA18 0
16 B 139ms
138ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553127&bpp=3&bdt=197&idt=272&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=7684227612873&frm=8&ife=1&pv=2&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.suwnc94kh86y&fsb=1&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55F6 33 KB
14 KB 240ms
239ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a2fbf4ca779e72439de3ed7feddc6990a43b54325da1115376a6a622e5635d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C692 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A662 0
16 B 103ms
102ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=2659805833&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553205&bpp=4&bdt=241&idt=231&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=6123828671159&frm=8&ife=1&pv=2&ga_vid=2013041692.1688083553&ga_sid=1688083553&ga_hid=1572280062&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075624%2C31075645%2C42531706%2C44788442&oid=2&pvsid=2593432463506537&tmod=508350695&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.hvgz1qhxv0mk&fsb=1&dtd=247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7ED1 0
0 68ms
67ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJO2BYByeZM_TI46D3wOVl4M4uoi0j1yc1-7uqQjAjbcBEAEgAGCV6piCrAeCARdjYS1wdWItNzk4MzY1MTI1NzgzODI4MsgBCeACAKgDAcgDAqoE9wFP0Gm4Z2B6KHGwNsuL0e8V1zRW7by8JZGhnDfjEmOsc1d0S8Xx8FR-ELUx5IBWYjd9_35OlgBWuu2fDpuRpp6J1jkDhvA-LMPGYt7hZk_xdlbeIBpE8u7xOVCXiX1QtIXwqvmJUEtoTGwtWPmVILGMWi7Q2HZeoEtN2o5rezK378EJFfY9A0kUg-JSBJkPjPjB8zQpr1dwRuYHDrlr1kJSFkVUrHfJ8tGjvOqeo7cxNOtaYQ_4TfSlUsHFAT-0kW6YKIka14-PwzKn82VKyyp9VHBvP5tJipE7YWBODemtSgjzHgfESTv1DVXHfCCGxwBICkgsz_nX4AQBgAa2ufLw3vTjxIsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=bcE3AY9t6Qg&uach_m=[UACH]&cid=CAQSOwBygQiDCTOBO7pRZ-dZS3I-81LSrWpZx41fbrY8wnxxCaSvqLTnWKMxgbIxBVvcesTe82UDvCbVxER6GAE&cbvp=2&vis=1
Requested by: Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 7ED1 42 B
582 B 104ms
23ms Image
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NEMzNDdBRTY1ODMzMDMzN0U5MDEzQ0QxNTY3RkEyODV8R0ZoNThBQ2xiSXwxNjg4MDgzNTUyNjg2fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0yNjEwOTkyOTFfRVh8Mjg3MjV8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZJ4cYAAI6c8Kd8GOAADLlXtLW1c2KT_cOJqVCQ&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjcxMjk1NDM0fElBQjgtOCMwLjYwMDY5MDM2fElBQjgtNyMwLjA1ODMyNDg3Mw&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688083552694&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=2749803578415526&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VJOXk3YlpPcV9MbXFuTUQ3RkVScTJv&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=yjqY7LwPxzgYIVISknyJWg&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEI9y7bZOq_LmqnMD7FERq2o&spidu=GOOGLE&pidu=15222&hmpvu=6f1f5733-8042-44e3-82ff-63332c841ce5&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 00:05:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A869 436 B
234 B 300ms
298ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=3171367898&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553209&bpp=1&bdt=245&idt=258&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6123828671159&frm=8&ife=1&pv=1&ga_vid=2013041692.1688083553&ga_sid=1688083553&ga_hid=1572280062&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075624%2C31075645%2C42531706%2C44788442&oid=2&pvsid=2593432463506537&tmod=508350695&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.fafwfiq42gks&fsb=1&dtd=262

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c19881dee95b08b032cca453f14f08c950cab16c3295d2dd129cc25b90680c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7719
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4...

170 B
188 B

49ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4FLMbIiWwm95O69rDQaMmbZ_HYJU-vq71RWkDN0vwEmkMheTZgAEw

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 00:05:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHc8QpE-4Kwy9Mi-ToUN1QX6_WoPAGEeD4sLW57C_4FLMbIiWwm95O69rDQaMmbZ_HYJU-vq71RWkDN0vwEmkMheTZgAEw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7719 70 B
265 B 156ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI2OoI35Z_wYIi-MOKtaNek&google_cver=1&google_push=AaAOQGGCZ00n-tddpbOrGAiBXQy9nvWwfDPyxmrjNoQmHdt7fR-5Ckej7J6OJLdExMEA4GNf_GW6bji76kmIYBh6ltaZ3HwyFHqE
Requested by: Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7719
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvr...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y

170 B
188 B

39ms
38ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFsoftRyGgNhesOVwCpnVS9kRKnvLJbXQl-a2UgSkx8xBeD0aGwMsZcWqbAMBlfGkCIZAfrYiZkvVf9Y95eMVvvrB_QMG9Y
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7719 43 B
363 B 113ms
32ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMKLjan5SjWP49EMGi38dBU&google_cver=1&google_push=AaAOQGE2L9ulBTlhe2WS249aUlHXAo5NMRh00TjdEXyNMDTTAuGUpQmR5zlYLGQmQYUiMCT04-nElCwKNDHKZH5eyKpuRBm-Mvth

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 218168
expires: Fri, 30 Jun 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7719
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKQhOZWfBikrXc8OeAL7mxA&google_cver=1&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpIVEQyNTgtMVItNVNINA==&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm6BZCHgnLkQGQMqvict3mubIDo

170 B
329 B

42ms
42ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpIVEQyNTgtMVItNVNINA==&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm6BZCHgnLkQGQMqvict3mubIDo

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpIVEQyNTgtMVItNVNINA==&google_push=AaAOQGH9dLUVeY9_GjdLLk1vPaq5YnJ90MIZGW40WUhjzXc5L2gghMNra943-n1xg-eh6XjDyzm6BZCHgnLkQGQMqvict3mubIDo
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7719
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_hm=ZJ4cYYWNCvOBonLqJF451AAAFLQAAAIB&google_nid=index&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctG...

170 B
188 B

37ms
36ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_hm=ZJ4cYYWNCvOBonLqJF451AAAFLQAAAIB&google_nid=index&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctGVSJL0hCt3Faw1Ph4onNFewv2qMm35hEMQvVERGxz1f2uxBkAej236fxNYtUmeSk

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDoLKsMwTKKCozp0OrNJSWk&google_hm=ZJ4cYYWNCvOBonLqJF451AAAFLQAAAIB&google_nid=index&google_push=AaAOQGH-SH7FJUmsM8Aq3TNf84iteee8LLctGVSJL0hCt3Faw1Ph4onNFewv2qMm35hEMQvVERGxz1f2uxBkAej236fxNYtUmeSk
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7719
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxj...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKvqZUKdA3QyUsK1sqHF82I%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQyNDgzMjYyMDc0MzI4MjczMw%3D%3D&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxjo_eFemD1UhBv9THeW...

170 B
188 B

37ms
35ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQyNDgzMjYyMDc0MzI4MjczMw%3D%3D&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxjo_eFemD1UhBv9THeWQL1QCy4LW2vvcIe4vgVtXxN0pA8Q1Mj8tlmjNM3P2t47AMLMn9zbpTvgpL18kGXHsfrQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d7f85359-b145-45d9-9495-1a05b2cbd978
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjQyNDgzMjYyMDc0MzI4MjczMw%3D%3D&google_gid=CAESEKvqZUKdA3QyUsK1sqHF82I&google_cver=1&google_push=AaAOQGEcbUf85ytxjo_eFemD1UhBv9THeWQL1QCy4LW2vvcIe4vgVtXxN0pA8Q1Mj8tlmjNM3P2t47AMLMn9zbpTvgpL18kGXHsfrQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7719 0
130 B 100ms
32ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LW_Mn-lUq0iKDxL4F53IAdOAqM7q5aoOZyR53CS5qsQqUuAqeEGkLUJMXaZEG-6djCjSLOYA

Requested by

Host: 94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
URL: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 0F70 0
366 B 179ms
89ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b9f39b0e77&subid=&uid=0f2c06991a8f4bf8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688083552444%26bpp%3D2%26bdt%3D143%26idt%3D153%26shv%3Dr20230627%26mjsv%3Dm202306210101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6928388214132%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D614855064.1688083553%26ga_sid%3D1688083553%26ga_hid%3D1633166938%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D798537779%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31075643%252C44788442%26oid%3D2%26pvsid%3D3739099639002629%26tmod%3D2108198827%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.evnvmnazx6qd%26fsb%3D1%26dtd%3D158&ancestorOrigins=null&random=5809786195654&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Fri, 30 Jun 2023 00:05:53 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA18:D8EA_91EFC182:01BB_649E1C61_59E92C5:25BD0

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8C62 930 B
931 B 104ms
24ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b9f39b0e77&subid=&uid=0f2c06991a8f4bf8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688083552444%26bpp%3D2%26bdt%3D143%26idt%3D153%26shv%3Dr20230627%26mjsv%3Dm202306210101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6928388214132%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D614855064.1688083553%26ga_sid%3D1688083553%26ga_hid%3D1633166938%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D798537779%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31075643%252C44788442%26oid%3D2%26pvsid%3D3739099639002629%26tmod%3D2108198827%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.evnvmnazx6qd%26fsb%3D1%26dtd%3D158&ancestorOrigins=null&random=5809786195654&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 30 Jun 2023 00:05:53 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 07 Jul 2023 00:05:53 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame A991
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14442100006165600951389012371022&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481

350 B
401 B

106ms
28ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b9f39b0e77&subid=&uid=0f2c06991a8f4bf8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688083552444%26bpp%3D2%26bdt%3D143%26idt%3D153%26shv%3Dr20230627%26mjsv%3Dm202306210101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6928388214132%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D614855064.1688083553%26ga_sid%3D1688083553%26ga_hid%3D1633166938%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D798537779%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31075643%252C44788442%26oid%3D2%26pvsid%3D3739099639002629%26tmod%3D2108198827%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.evnvmnazx6qd%26fsb%3D1%26dtd%3D158&ancestorOrigins=null&random=5809786195654&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 00:05:53 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame EE5A 2 KB
2 KB 187ms
88ms Script
text/html 13.42.188.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14442100006165600951389012371022&nw=1
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.188.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-188-208.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f4a8148176f74bae4907a5c9af2d61b96e267e1f83c5ea5d2f4e5031b0754efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
last-modified: Fri, 30 Jun 2023 00:05:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 30 Jun 2023 00:06:53 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 423A 7 KB
2 KB 83ms
32ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=b9f39b0e77&subid=&uid=0f2c06991a8f4bf8&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3De0PkFpcZVaU6-fWwI77huw%26exch_seat%3D20035004448%26mt_aid%3D8746238279350403907%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_cid%3D0ef7649e-1c60-4701-b371-4c2f3dcb95d0%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCMOyNYByeZKyRJ4-X6wSZkomYB8-HjptcwIbZgsYCwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwHIAwKqBLEBT9Am3alfwwuD18NaT_rfkzHOUHLQkdb8aiBwTSyyteWr0k3tgAuRnhGzx3PU2JHEEhBn2h7nnfoN8X9SW2_Jr4DjvArh4RDq6RVDszqe1w7-vFSkXih7hP6MNogGFS1zFab5HwK7XOOlS2qx5jRDGIL6Ovuti75Q--z54BPHo7P98X9Yx5hz92LWQVWIWJVYZqCR_CFY634NgtJtbj0wAIvaPMkYZAUkggCVpsSohOxhgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VwfEHQlA5PzfMWOcIcZmrCy7h8w%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688083552444%26bpp%3D2%26bdt%3D143%26idt%3D153%26shv%3Dr20230627%26mjsv%3Dm202306210101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6928388214132%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D614855064.1688083553%26ga_sid%3D1688083553%26ga_hid%3D1633166938%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D798537779%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C31075643%252C44788442%26oid%3D2%26pvsid%3D3739099639002629%26tmod%3D2108198827%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.evnvmnazx6qd%26fsb%3D1%26dtd%3D158&ancestorOrigins=null&random=5809786195654&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 414acf6cdba43fed1fad459df552d337745d80aeaec9642ced5b421e42424b0b

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2074
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 00:05:53 GMT
Expires: Fri, 30 Jun 2023 01:05:53 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame EE5A
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li

43 B
382 B

167ms
104ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA18:D8EA_91EFC182:01BB_649E1C61_59E92C7:25BD0
X-IPLB-Instance: 40027
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14442100006165600951389012371022&t=htlp&gdpr=1&consent=1&gdpr_consent=li
date: Fri, 30 Jun 2023 00:05:53 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 24A5 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 30 Jun 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE5A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7166d43ad652c8996151e69d54087c3493276bc67a280c875da63dfa67507390

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 24A5 0
104 B 292ms
73ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJbQ65pW4KaMk6-qRX93y3Y&google_cver=1&google_push=AaAOQGFmmjrdLNxjL2snaEaAtMxqxdRKjq-Ev7ReQiADI_TAq_aeY-VeI_8GNRjtwlmtNqm1oV9hMLkq9KLiZx3zibNVKPOimZEOgOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 24A5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6...

43 B
441 B

217ms
195ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df22903b9fb921d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 272
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHRRB1vpd1YEpJ69u-4p8ukTm3eAosfidRJMBP63DKNLYl3JofKpzA-_A12rG6nLHSdHaV-H8HANE21CyK0ghpJsBh2a-6NZ7s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df22902496c921d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 24A5 70 B
264 B 79ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI2OoI35Z_wYIi-MOKtaNek&google_cver=1&google_push=AaAOQGFhY5iWy4StDl87WpXgulwrAnaHHdefz-oJSvXbPKXAwUa2YgnpU-8vSxYNfEeke8xc9g27NhAWx0WCzc5n2UAsb8U1xlTkN7U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24A5
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHh80dC-5NFx-Ytjn4Lf5kA&google_cver=1&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJE...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJEHxcM2MC9EGj9BEsDUew8&google_hm=mTe6zUqSSomchUpJF...

170 B
188 B

44ms
38ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJEHxcM2MC9EGj9BEsDUew8&google_hm=mTe6zUqSSomchUpJF4K7kBg

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFOmAcd6EUG9Wj41kOaMIL2L8JJ6Wr5IDchu-lz9Ln1tzVco0kdX29mxiRLlNhfIXqw1_LpvcuajJEHxcM2MC9EGj9BEsDUew8&google_hm=mTe6zUqSSomchUpJF4K7kBg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24A5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_3IITauvlb3L3jNdB5d88&google_cver=1&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDI...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_3IITauvlb3L3jNdB5d88&google_cver=1&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw&google_hm=H2fmiiGGR32XqaF5qZnf...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw&google_hm=H2fmiiGGR32XqaF5qZnf_g==

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw&google_hm=H2fmiiGGR32XqaF5qZnf_g==
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24A5
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFFRfcolEgXxDstP77HBniI&google_cver=1&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0

170 B
188 B

38ms
37ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFqN0S0c3jEsWc6vSs5Px5JlYMkXrCmq0Gm3ONYFAp5mJpgNxO29IUwTVxIFdcuymhiUZpm_dr0WHSA9YY6ueyMl39VROxUyj0
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 24A5 43 B
362 B 34ms
31ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMKLjan5SjWP49EMGi38dBU&google_cver=1&google_push=AaAOQGEdNNb8_KGm6iCW_msJ8cYcob1yJ_D4HYE9Xkbj-M5zMHznSgV2vJz0MLiGoFRaZgeiTdymDaSwfWaapk3s31GnDla6Jl3ntIw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 178504
expires: Fri, 30 Jun 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 24A5 0
49 B 35ms
32ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzkFHba8z72VHaFaV6OPlx1KLB4gw1wHT9jbDVmzkwVXdCC4kSb0t4vsOXkGFvlXzMWQae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 423A 2 KB
530 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 23:31:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 423A 16 KB
16 KB 169ms
108ms Image
image/png 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 0720b7d0957898e8e2a6519128eee57471abdb1da4c104fd9b869e92f6e8cfe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16228
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 423A 16 KB
16 KB 194ms
133ms Image
image/png 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: ca04adacbad7de15d851bfb67d82fd52e9a66e49eae71400a3b97ad8d7712e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 423A 13 KB
13 KB 206ms
146ms Image
image/png 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: cdb0962ca5e5ebc9646e9b167b80f0ee830f85175f051c1d292d774f2272999f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12995
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 8C62 114 KB
44 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b055fd6b8e7a31ddb6f7356718a9c06093f1c00b5c122d61d0d4526f727362f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8ACD 0
0 121ms
66ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzlgr76t58P7nBm65PYEv-4JMFoGbo-tOuiJJOkf2rfSrMaM0GzuAaLydulBtow4CWWLlbSL8T9ph39mXtNYKhbQCHcESUM8lLONwGa2Q4DSXTmdpnQsFazm4VIJnIkyk374FVXkXIF2y0glkpoP4KTKoUEhae0w8Wfk02IpZsY-pOC3Ux9I0faaUJbb-Vf7iFxByMl58cuxsALr_JbcrX6h59gsQFRPcPeT6-O3Xl8nqPb7EU7SG7ehSRbOHTlJMeRTRWuOD0RGdj54-TB-Y961LgM50G3HsY44wxYd2Gu2ed1ois6yBNSkzALhy9FEeDMMezDQi0WxMfY_RXDhyLCZ-DfaitKz7pqtBGVxAkgtciJ0yk6Iur09vw&sai=AMfl-YTNUxN_K_2dYtzyidNcIAF6w7xWAnw-FiwERDhyxtgFst3_v6LaYKGKTSoutsN1Knl7RqJM6mDspLNl7f1_mRTckG8Htj_jnpFysk_PeoSdxwNb35V9g9f7xtV6xw&sig=Cg0ArKJSzH6i2rGs_40_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8ACD 15 KB
11 KB 52ms
50ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aac9542bbfc059decc4949c741f48aea729dd7afcbfd39f10868f2dc72964e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11334
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 423A 0
150 B 97ms
34ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=14442100006165600951389012371022&a=8b0b6657&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=14442100006165600951389012371022&a=a3bc504e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 672E 0
0 103ms
64ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbNCXskxERlikLh97jo5Nkw4hOFnRPx-FjYjy2B934SH1lKOskkC6ZbFCkadH49_YxEkrkH4VPFhpS1SlA3fKijoa_rxbpSdHfN9zSihgGSwAx7JgEbg26CjDVhVdtJJkLSs_0AkltIKYI3uh7f_6IYvFEbH-hWtoTuochpMdPOD4Bjjd-IxvwBgqQ_S99HjOJCuGu4QJIkC-OGO8xmwRotiftW7dBGaIqVWOfsjmR084eBmUYzWl7X7JnNZKiToHpH3CO5yJQg6TV2WRz6mC5-CxgJPbcJ0JvWUxZ2A9gaCQeusJNkVsziiqwg_VZ5P0DOg0lfdL1w-8Um4UOG9-69cz1&sai=AMfl-YRt3bh51ngHeox59Bo9wjpv2q3qa-ST-6zioN_Lvymv2fsQppdBOyi6W5t1sSdKc8tsomjpZadXLt-hvY-zM2FoPE35npBGhkFYMy5q0yhcfInhFLd90bQzbbF2KQ&sig=Cg0ArKJSzCyf_L-_Hi05EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 672E 15 KB
11 KB 43ms
43ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

922ba9f92548fb6d5c1904bded334f97a8094e690149d3b986942395adead77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11287
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 55F6 3 KB
1 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 55F6 20 KB
8 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55F6 179 KB
56 KB 38ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55F6 0
0 77ms
72ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CleOBYRyeZIStHOSf78EP3-SA8AvJntKxXNWdkfdwwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAj2aHS-2PbI-qAMByAMCqgSvAU_QFg408j6DR3LYwYXTUM8z-ZYLHCVQwGag__TF1btjjw-PBaJGk60Nxkem5RvYL3flUs8LafwcEZR72l9WQQjFirI3JLBiZJRUzmi22CzXNBUVJakSFuF51K49xVsGYd3_vPjoVRklB77ii9pMbJVXD-nX_gDUcvcLuMCVT8tC-d6YL5BpSQvzfm1BgMUMbeapELkc6_-eP2FOmskk5gXMf_2uWU2sOYHmNMD3GUCABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=SZgMklV-dcs&uach_m=[UACH]&cid=CAQSKQBygQiDrEnupknb27Wwl5JlRk7nvex1kT08SHw-gAovx21JmVi_x_KrGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 55F6 0
0 131ms
35ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVENyBMKAB2ASdg2ICAgAAALZfM18GP_-yEGEcnmQ7coUvgpfYhycjAAASAAAKCkFRVUJEd0VCRHc&wp=ZJ4cYQAHFoQCO8_kAAAyX0p-4Xzx5rUjMTzy4Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 171160
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame ECC0 191 KB
57 KB 196ms
103ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ4cYQAHFoQCO8_kAAAyX0p-4Xzx5rUjMTzy4Q&u=%7C3I8VUl17EUPJzNop02kBwBodnSsI5dHvlrkwxEoKtUE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zjiF9eUSIOuZLnA_GHCrq33Aq8L8-n9i6f2JnWUMEnPzCy2fCmA0TmEQxGU4aqjZ8OL73KXxCxP1vpj96yWlvZpRy1VA_bqAVBCYfdPyXVByeGV-QnTk5cP0tuPI49BX74vzGrjbv3f9_WH-EOFZ3j5GTDF_0dyYAt29bZO3j4V3dbX1K41SYD9tWv1sw-Olr9fO5xbVqyeWnUi5NoaWkZd2lBA8VWgLU0ROxTCbkBpLCL2Lpc1UQjfzaBFt3nSIF3Rt0t6x4t2Diwfi10NlGYAGKdGiOzc3-Mh_2LF0h253mm7N9Tu0engQxx5_05EthNIIZbDvoZ-6rq0DsNv_V7mVGJsIee2LTH2tAoQav8Vsjf0xOOzE_hGhApXL71HtYah_zkyl6pym99XLpZ353xzNZJHIpt4-BmQuARM5jwIIBK12HXiUTDSHHaXiwGsmWt1dg5eCCNgPzVBXnwbzfp6hEmmlO0dQxFKEKRTSEOK_p1tBeeCiL5zXe5P2-WoYAR_tz2sxbDOtlbIclA2-csgG1Vez4tYUYr-fTBs3e3_TyltO120GAkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtWHcYRyeZIStHOSf78EP3-SA8AvJntKxXNWdkfdwwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAj2aHS-2PbI-qAMByAMCqgSyAU_QFg408j6DR3LYwYXTUM8z-ZYLHCVQwGag__TF1btjjw-PBaJGk60Nxkem5RvYL3flUs8LafwcEZR72l9WQQjFirI3JLBiZJRUzmi22CzXNBUVJakSFuF51K49xVsGYd3_vPjoVRklB77ii9pMbJVXD-nX_gDUcvcLuMCVT8tC-d6YL5BpSQvzPG9gEkKD8fUWjK2_O8I4x2hakH8uyB1OyzWT_78TJ63-sWpzCv_1xUWABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37hkJX12yU4Qcr4Wu3awZi7p6Nsg%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a5ffaea7ec1c6a9108483f6b5e68f29db9fba784edc72b2e2400780a26a367e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=H5RB0kXLoqpGUKGIsSFJryo8upWAQg-Hxzzrgn-sbNqajnHdMs9hhQrLAmDfoNKzFDE_MmDuBMIg7c6j7mNLkrCTScOS9bEai2nFElerHCrwulnXo5XraMp2x4Wc6HwGcEP2_iUvbqSx8YFrDw11H-1NuBt65QeZ-aYdX41q6EYBkAZa0wA5aXQb9j8Dmu6JmUe-_4lb0heA5Np13j_lLzqCar6tYpRJX042hdFRwAO_akExWERd5ohndrA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 62854674
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A159 1 KB
643 B 27ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:12 GMT
etag: 48472445140208031
expires: Fri, 30 Jun 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame A991 5 KB
5 KB 29ms
26ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2832901481
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EE5A 85 KB
31 KB 135ms
26ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14442100006165600951389012371022&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 12:41:10 GMT
content-encoding: gzip
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 41084
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 7dW3YKc54aoqWy8kuLKqIWakDo1dv1dD5dHx0mOnjDP7UZyCIfCUHw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame EE5A 3 KB
3 KB 139ms
34ms Image
image/png 18.66.26.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1688083853&Signature=KC~j9C86q9Wx8f2cst2x2W2XeoBh0NmycvuCvMmTrbkkbuQ-kbcoZckIAWG7jnFgxjcZZBmF6VNeI4bQnJotQxUPj6SjJ9GK16TR1~keDzc8F1zrPkMsssFtARXDoa326RBnYZ-k0XKxhUJgX5rQCdumJqjQF7KWbikN~PZOW1C-i0E~EybBnAzaKM~jNWXfJ-QD5B9aDgeSmPVD-8CKBxH7M10BKq4Aen2kSSOPl8lzCIV7a94qTLMUDXfPUG7bQGFTbXXK79azBoGnhtXLvKAITFWGl~GBVkTqWNMLLRPA38alMCOJ7Zqn4BgxKKlVsFGIMWHwBcSAGsTvHszb2g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083552444&bpp=2&bdt=143&idt=153&shv=r20230627&mjsv=m202306210101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6928388214132&frm=8&ife=1&pv=1&ga_vid=614855064.1688083553&ga_sid=1688083553&ga_hid=1633166938&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=798537779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31075643%2C44788442&oid=2&pvsid=3739099639002629&tmod=2108198827&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.evnvmnazx6qd&fsb=1&dtd=158
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.26.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-26-126.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 29 Jun 2023 19:23:58 GMT
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 16981
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 04pT7xjMz5fVw2nKuSbvml41cCHmgVFEDuASRf244YV-8YFUYtauiA==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8ACD 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 672E 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame EBC1 0
209 B 73ms
73ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688083551646&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:53 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
DATA 200
OK truncated
/ Frame 55F6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f507bd6af40c79c1e544f1f41ff75bdab07617192a345e38bf70b7fdba96a256

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A159
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1&google_push=AaAOQGGsEAOv-NT9JGFHPcBXgTjvjYJng8_R3ijlvBTrV1DVlWGOXM_h9mdzbzcS8umXNoT-1thryWqk9EfRsRe5d0rulELn77lbBg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYyMzA3NzkyNTk0OTc4MDc3Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1

43 B
398 B

86ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMUbkQr2p8QtpUN-bsBUkX4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A159 35 B
464 B 93ms
22ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMWgCGCEe2CZbrPVxo9mPhE&google_cver=1&google_push=AaAOQGGNa6EMsCm2wIAHjwFYEvb6NhV1Fih3-lMLAubf0ifEHj-_7xngeZjvpTxb9nvLONsYoCJtyFw7zh8g78mybJilxLg57Lvr9zo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A159
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHH4EeVXvtqP8V8THmhBMfEjwQdSrH3zIjn3WxKBRL...

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHH4EeVXvtqP8V8THmhBMfEjwQdSrH3zIjn3WxKBRLutsaOPiNhSvcmgtPw3eZYtcV_sgFsVWjopXQ-2TkBrAYzjLWc72S6Mt0

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 00:05:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R28yTURCSTUxUWYxRTU1&google_gid=CAESEI9y7bZOq_LmqnMD7FERq2o&google_cver=1&google_push=AaAOQGHH4EeVXvtqP8V8THmhBMfEjwQdSrH3zIjn3WxKBRLutsaOPiNhSvcmgtPw3eZYtcV_sgFsVWjopXQ-2TkBrAYzjLWc72S6Mt0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A159
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9Ro...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9...

43 B
393 B

193ms
193ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df22904aa64921d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 274
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELxiwG_dPwbjo7FoNRm-fcw&google_cver=1&google_push=AaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE8Pf44ryhP_oANblY726lBcozCzL058TtkGcCEdrbjzF_9UP9HdWGF7hy76th8i-Zv5SrGJ9ikLaDJs7MoBMTJOU0RJp9RoA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7df2290339c8921d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A159 70 B
264 B 49ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI2OoI35Z_wYIi-MOKtaNek&google_cver=1&google_push=AaAOQGEF7nG79pnAj2lJfMuA3eItPyBIidgy9ivZICoESPxinZQgLfBb2TYJBdeBeuxfhgk0ooxwf9W8e8mKFbVvzqREjg41mUh4CA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame A159 42 B
213 B 106ms
34ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIipxDsDcrwE0sGcqv_rMNY&google_push=AaAOQGGLJraE4c9RXl1H9FkDNNwQ0rliV3Qcml04FG85l3HJOpBrTA0Ia8cdUpEYelTGo5jFChjqSDyng8Pzrlmp3uBUx439JNWcaIQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

report
sync.teads.tv/um/ Frame A159
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMHQE2GBkOCv...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGEXYF-Hor0F5tPar0qb-ZTQ06RlHIA-eoSMXWGtbSU-zauXlDGDSHv7F-x_4YAEAEHnNXLaZugdJIEY2K2FYfFV8wBEiUJ7ZbAb
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

49ms
48ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 30 Jun 2023 00:05:54 GMT
pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A159 0
12 B 33ms
30ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQBohM9DZUitELUwyAZbIVVaWXd6r8HBp7u3LnyWe2J7IIrKWmeeZvxH6XH0lMZMSH8IjNPg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9F1 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D9C 783 B
742 B 60ms
59ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8652a43e59c0f294f8471f923999ebf4a49279ba778601931afaa81fd628c892

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hjP84lOcUNhqSMKLENnH-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hjP84lOcUNhqSMKLENnH-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
expires: Fri, 30 Jun 2023 00:05:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E47 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6EB9 783 B
998 B 30ms
30ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6677c8f5b549e47e5326de928ca869391c59fd2790a31d6c62da5ac304214710

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wb_JAeBehBqfcnlDnJ42mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Wb_JAeBehBqfcnlDnJ42mQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
expires: Fri, 30 Jun 2023 00:05:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C692 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV-cw9d4qse4qtrV9zKTHAglm8f6_XKQ2xyaqWqionjtVFgrD_xSoeoOusefh4HQdzbQM9HyiiHFCfc-NftcY8lwd1Dm9wOeVVGmwMEwCbfdRCingQTf9K35ZmNu1RzNKsCGWgZc2itX2R0Te822ZSXQO0NNjh6CQftgqvehSQahW8dPDhGVnb1Ww5GNX6kJ90eoNqgDndoaVVfCLg6O8VHubULAtKysWj4VtTzURd9JDGTPlD4gotlDoy89S2M2m3WGqPXiMG_j4mBaRsoc1Kl84S1PYcp-0Q81iqKsZjaK7IVdmEInbniMWlXeo6cuUcZOGl_UVPm64BptxhytrGoL0bJVgCPPkcL7aqr-Atcf_bvQ&sai=AMfl-YTq_ZHy_62H_K0kV2FKIG6RzliiJby4_Bxx5yPuqZ4O4czmC8aMZkTBNJR9dWsl6eRvCXf8iI8-rt3yja2iE8_XlTPmXlN3jjJ4NYQW3qXgigjUE6D4k9TKTu2jQQ&sig=Cg0ArKJSzGTmOo2iEctpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C692 15 KB
11 KB 38ms
37ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae9da6c82bac917e656f0ce20347294e4ecfb1561ad9da7b7dc5f3613ce2c2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11406
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C692 17 KB
6 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame E9F1 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6EB9 0
0 54ms
53ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=1784709798459888&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E47 38 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83AB 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3gFtiZPJoYKA1H1SFWAYoxpo_sXYIL2nFSR_26JJgo57yGpyPlpN_jy_EQ6dMGm9JOhppy1pILhSb8SXln963tGKBmIQ-m0zMbMlcL3Ejg5UixpvzKCquwyyFY4oJoMPv2CxCZhP5Riz8BOIdDarMx7GQFP_TkmoWb8iWQp2P-6qRFrIR_6ned1PL_G7wQ9BbN4jQxMibX7CpYpqO1k5QgA1Nw0FTvuYjnHC2JjM9xlOhpN74Q_R-grO6mGmKr5RdlHr-kSZtW_zwHCDKknJ9OOjdhgn8oYNnhMacd_1zo0I97kuC1iDCMmUopTTPTjpKd6BwCrDPiWhVr0_4gcMHLPdFl8l8iQUULedEEhBKGUtkhQarmXCjUFdY&sai=AMfl-YTGUnMPdqo7mzFDntxIcTMqS8m94AFmnhU8GAydfy2cGGvuKiyK700K4O-g16891xDbZjErSgva0IKYztByzg-_skR8Cu7WejrlE_Php5I&sig=Cg0ArKJSzMmDUKeWMjt0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 83AB 15 KB
11 KB 38ms
37ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17a3a645fb713231fdb2599fa8005842efa49885014840d5b8db6b3e728962f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11401
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D9C 0
0 54ms
54ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=2057020523386192&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame ECC0 2 KB
1 KB 117ms
38ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJ4cYQAHFoQCO8_kAAAyX0p-4Xzx5rUjMTzy4Q&u=%7C3I8VUl17EUPJzNop02kBwBodnSsI5dHvlrkwxEoKtUE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zjiF9eUSIOuZLnA_GHCrq33Aq8L8-n9i6f2JnWUMEnPzCy2fCmA0TmEQxGU4aqjZ8OL73KXxCxP1vpj96yWlvZpRy1VA_bqAVBCYfdPyXVByeGV-QnTk5cP0tuPI49BX74vzGrjbv3f9_WH-EOFZ3j5GTDF_0dyYAt29bZO3j4V3dbX1K41SYD9tWv1sw-Olr9fO5xbVqyeWnUi5NoaWkZd2lBA8VWgLU0ROxTCbkBpLCL2Lpc1UQjfzaBFt3nSIF3Rt0t6x4t2Diwfi10NlGYAGKdGiOzc3-Mh_2LF0h253mm7N9Tu0engQxx5_05EthNIIZbDvoZ-6rq0DsNv_V7mVGJsIee2LTH2tAoQav8Vsjf0xOOzE_hGhApXL71HtYah_zkyl6pym99XLpZ353xzNZJHIpt4-BmQuARM5jwIIBK12HXiUTDSHHaXiwGsmWt1dg5eCCNgPzVBXnwbzfp6hEmmlO0dQxFKEKRTSEOK_p1tBeeCiL5zXe5P2-WoYAR_tz2sxbDOtlbIclA2-csgG1Vez4tYUYr-fTBs3e3_TyltO120GAkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtWHcYRyeZIStHOSf78EP3-SA8AvJntKxXNWdkfdwwI23ARABIABgleqYgqwHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAj2aHS-2PbI-qAMByAMCqgSyAU_QFg408j6DR3LYwYXTUM8z-ZYLHCVQwGag__TF1btjjw-PBaJGk60Nxkem5RvYL3flUs8LafwcEZR72l9WQQjFirI3JLBiZJRUzmi22CzXNBUVJakSFuF51K49xVsGYd3_vPjoVRklB77ii9pMbJVXD-nX_gDUcvcLuMCVT8tC-d6YL5BpSQvzPG9gEkKD8fUWjK2_O8I4x2hakH8uyB1OyzWT_78TJ63-sWpzCv_1xUWABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37hkJX12yU4Qcr4Wu3awZi7p6Nsg%26client%3Dca-pub-6593523210010154%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame ECC0 2 KB
1 KB 116ms
37ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame ECC0 308 B
637 B 101ms
37ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 24 Jun 2024 00:05:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame ECC0 293 B
621 B 102ms
38ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 24 Jun 2024 00:05:53 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame ECC0 43 B
348 B 103ms
33ms Image
image/gif 178.250.1.6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Q1so4BeUw4MBT1HRpGldwOpbyUk4pezV-8BlrOEiJL2Rxukoe8FnRSa_or_13Vpu4tmfbcQok2PRqffzjrWfD1f4IpTPs7X4XIad_RZgqWg5wG_2-HpS1Ek9YBVXXw6RwncQe0DNRb_a1XWhYAXNqbOIR2XK1D8Uliedu4T_qV0trvuDvF4s-flleZHdnYnIggEgWln3yd41rcrnBVI3Xwcw6GEsC_iiQdtFPmvmA_adcXgCU8N5iSgQXM53IslDZZNDYKjEceUOjntPivEAmVYZulj6AcYDgPepCQCFAUTUU2yAS_Zoayqq2ctS8_tJ8-now08BcMTpmEgRcTniMu6Juffd6QyTY5_bm05TmBRALWH4GH-GMujxRuaIg-nR3mxxqEHtt94pKemVis0PX2aKeUWNKnSZHR6kub8h4LWavLGt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1730921
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame ECC0 60 B
60 B 148ms
32ms Image
image/gif 213.202.235.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=649e1c616fc46f0dd4e15bf225b15855

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 00:05:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 30 Jun 2023 12:05:54 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1051
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 83AB 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06FC 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F752 783 B
534 B 47ms
46ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3036df13e61974b0edf8c0b2fa5cc0a793088c1f9b595d6ff8a0510d79ca3cc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VdRsDywMN0RvXzTf-XnXRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-VdRsDywMN0RvXzTf-XnXRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:53 GMT
expires: Fri, 30 Jun 2023 00:05:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame ECC0 12 KB
5 KB 81ms
28ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 587149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPUBpV1e6hQzymEHbt2jJRSRk5usTyC58Y6OFaDfi5oNvqSF6vVxpiPF5Q8hwN33Eu4asML6aU8kHtXatfw5ntMmkw4Z5D%2BmrZ7a43BnnvrrfSQIfVXl5KKt%2BG1fHY75suUyzlHoEf9nKk%2FND%2F%2Bfmn7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7df229049d1f2c42-FRA
expires: Wed, 19 Jun 2024 00:05:54 GMT

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame ECC0 31 KB
31 KB 142ms
72ms Font
application/octet-stream 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame ECC0 12 KB
6 KB 39ms
38ms Script
text/javascript 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 16 KB
16 KB 190ms
114ms Image
image/png 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=108&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=316&s=BBG6gXoPR6otMbvNtt7wqFsC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

ec769bb205286ebe3a86b8d7559f61dab024e4597b14b8a00e8d734dfd08ce82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 16167
expires: Tue, 11 Jun 2024 05:40:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 139 KB
139 KB 204ms
128ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F230428%2F6be6afbafabd4e34874c0438c4796d73_img_vertical_1.jpg&v=3&w=1200&s=r-6kpizfZZ_F-Z85QqyOPWNh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

2a28c7a71fa4755b9f4a35f9d3ea53791518abbe56a6887c145aa540c81d93c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 141896
expires: Sun, 23 Jun 2024 07:39:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 23 KB
24 KB 144ms
69ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F1%2F100139648818700_0_1672732941540.jpg&v=3&w=400&s=av7-20YbZROBl_Boa7NVq0vL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

8e9bd74e03f0f26deb4bea9ca16f450edc33fa53ce09a56751d3bfb10912281b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 23940
expires: Sun, 17 Sep 2023 04:36:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 9 KB
9 KB 194ms
119ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F3%2F100143400918700_0_1679313952694.jpg&v=3&w=400&s=3voNMmEvq-FLSQL7flT6R-Da&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

0ab40538194a4016ff70bed550970d3e7b3ca9235851f820e66bba279b5017d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 9498
expires: Tue, 12 Sep 2023 16:04:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 15 KB
15 KB 168ms
93ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100141839118700_0_1669042905807.jpg&v=3&w=400&s=jAAA6gh2KakD9nsUsEgPfB_m&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

8516588c3ecb776a98a9e3925c84d36050a0e839bb9b5d46b22c41a487fe9dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 15678
expires: Wed, 06 Sep 2023 04:27:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 10 KB
10 KB 168ms
94ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F4%2F100150390618700_0_1682067830756.jpg&v=3&w=400&s=xqxpfDLduT5KMbSEvjoUM7mR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

08ca95f28f7a2373c671778c6c7403c6d4656685d23a3c99dd269c5defd8f809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 10118
expires: Sun, 24 Sep 2023 15:51:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 17 KB
17 KB 124ms
123ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F4%2F100143136717000_0_1681224418160.jpg&v=3&w=400&s=CpLkd6WAmoXTLUDDUj22ovJH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

db5399ad06ea0d394fc5a0ad43f63ab0574ff82cba560f4246a10ddf18cb8b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 17544
expires: Mon, 11 Sep 2023 21:54:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame ECC0 5 KB
5 KB 123ms
123ms Image
image/webp 2a02:2638:3::10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F2%2F100115069311002_0_1677062875293.jpg&v=3&w=400&s=4k_ictm-Gjs0NKC-gMwHAG_r&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

eb702187321e9dc673166d6bbbc07cd65b2ec08e614758542f8fa388238d358e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
content-length: 4928
expires: Sun, 17 Sep 2023 13:34:18 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame ECC0 0
128 B 106ms
33ms Ping
text/plain 2a02:2638:d::11

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=H5RB0kXLoqpGUKGIsSFJryo8upWAQg-Hxzzrgn-sbNqajnHdMs9hhQrLAmDfoNKzFDE_MmDuBMIg7c6j7mNLkrCTScOS9bEai2nFElerHCrwulnXo5XraMp2x4Wc6HwGcEP2_iUvbqSx8YFrDw11H-1NuBt65QeZ-aYdX41q6EYBkAZa0wA5aXQb9j8Dmu6JmUe-_4lb0heA5Np13j_lLzqCar6tYpRJX042hdFRwAO_akExWERd5ohndrA&sds=2&rev=87270&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 00:05:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame ECC0 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame ECC0 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638:d::2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:05:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C51 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1869 783 B
536 B 32ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd2963f109103a2ae0c7b8c5aad0298984664d92c042e675b9150aad5990dbe5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fVbkt3QnCrGO6x9Yxfq7aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-fVbkt3QnCrGO6x9Yxfq7aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:54 GMT
expires: Fri, 30 Jun 2023 00:05:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E9F1 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_u8MVg
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F752 0
0 54ms
53ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=2593432463506537&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 06FC 38 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E47 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jWfG1g
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1869 0
0 54ms
54ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=3739099639002629&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7ED1 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUYler3LBFND1bTzWLMkr9nJGCLST1O4L1nYdj3QoyzD0lv7CI9bCJ-hSIFZtDsHmEVfvPYQhrKTeXRILaNHVUw52K&sig=Cg0ArKJSzC1ZaXS4e2F4EAE&id=lidar2&mcvt=1146&p=0,0,90,728&mtos=1146,1146,1146,1146,1146&tos=1146,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688083552852&rpt=510&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC45 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjkM8i2xAknPe_2M1kcoqYFGD2XRkoj4TOVRM1JvYZgcrgYiNwsiba4pLnB8EEjanibO7m1oCxj_Qb4wW8B6hDy3hXHL-PBZRnJvQtqy_oAvM-j60sY1HGoJ76pbXNT2ucAIskpdideAOQLym6-vGnUsssjcaGldMKT3g3eHTCMOywZIyw7xAV4BQi1PM86XPazqMRdnQF59NVIK3YyBzwUF7qQu3by2usGJIkyMr6k9CL2v_drbL_P86WsXo-e9yW9o0bLJEHCmQG7H0NltiKYwPvJcatqnRXR0vgYWXiOtUPyUi4XJBhKGWtjMPQLomOMizhqbYeFb5RoGwFMWjRSq4&sai=AMfl-YSiwsKIj-5EayBavWuvUTrRONjoN05lyShT9Cpf_tfgegGyeLOJN5NvyJ2WBcIhGQLnrbqbvgP7tyRLmc4bJ0XyTzxD9xSJ_VZkSQgbydpgOuURJYi8NP5KqmCLYQ&sig=Cg0ArKJSzADMgLHb_g34EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 00:05:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC45 15 KB
11 KB 36ms
36ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46d061e34605140dc09853bc6874e09548f20c2bfa6d64d519088c5706c93b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11332
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EBC1 15 KB
11 KB 44ms
44ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed1d135e92589e0eac27bf34455002a980e00c22c6ea9a9dfbb8209262f53c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11408
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC45 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:54 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame EBC1 0
209 B 64ms
63ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688083551646&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C51 38 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EBC1 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 00:05:54 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 65BC 42 B
64 B 69ms
68ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEeJhjVjR_xM5IG_8jUBDcCsoY8v0GXBikJ66XWCxQIHfInmE20T9h0haJaWqoEji4sufafdRwsi-44IfrtIsScHi_pUnvibG3ZOWxUTNL5DgaAsTf8dogUpHKAnmx9suEL7bSQXYs5B9WwPawSmLRdgXpSkQR-tNnjGHgXvY&sai=AMfl-YSByIhcJMCYaGS-YS3YYZh__DrWsgHVcpfZ-2I7a7Bpa6z6m7eoiQoXVpn1yxuliW8z0NQS2WaN-GNMk6fnf3HAvJZHmFqqjp_DflElN-h2Xvt_a7qWTSSy__E&sig=Cg0ArKJSzLJgZFnAXa6IEAE&cid=CAQSOwBygQiDrVu3dy69cFnovEEofiU32Ir75lwIMfjHAWrCzWLqAPrlpZdciqvL8cTeNniOKwA0yGDkSQQPGAE&id=ampim&o=0,251&d=996,250&ss=1600,1200&bs=996,250&mcvt=1090&mtos=0,0,0,1090,1090&tos=0,0,0,1090,0&tfs=618&tls=1708&g=100&h=100&tt=1708&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 672E 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstulFrHDdGqa8Qm5PmJRd-RKC9uY9uN7tlRQlJJDyNibf8lSvxenQ4zvo7169OgG5PHVQeQErBNXiOdMFD7MnuUjCAAGS2NPmBx2MnvjD74RfkV5kDU&sig=Cg0ArKJSzOiX7A6f4pa2EAE&id=lidar2&mcvt=1064&p=0,0,600,120&mtos=1064,1064,1064,1064,1064&tos=1064,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688083552838&rpt=817&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EE5A 16 B
209 B 119ms
119ms Fetch
application/json 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.234.149 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 00:05:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 231ms
41ms Preflight 18.168.234.149

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.234.149 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 30 Jun 2023 00:05:54 GMT
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A1C 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2924 783 B
535 B 34ms
33ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a66d540cbec090e29b160d6d0d551c3b98f8e3b95ae0840abea0d72c16c5b5ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RPurhSuLvbWyjxG7sjK6IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-RPurhSuLvbWyjxG7sjK6IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:54 GMT
expires: Fri, 30 Jun 2023 00:05:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 412C 13 KB
5 KB 26ms
24ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 07:36:25 GMT
expires: Fri, 28 Jun 2024 07:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F725 783 B
536 B 34ms
33ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cdf303ac2192eda30f0df8726e7963820a33e9102a6246801e29530e74f8edd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yhf_qF52OUuLdRJzgQ3l2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Yhf_qF52OUuLdRJzgQ3l2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 00:05:54 GMT
expires: Fri, 30 Jun 2023 00:05:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 06FC 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y_vkSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 55F6 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmyzCleZlmg7Xj73NpJ8X5qv7uh3Uz5tlBX6LHKoPWlMjgL_HRZQgV5tg-6_XGEuGIvwFqHtHrZZKtIwptZMrIvqo&sig=Cg0ArKJSzKa3e1RX9y0KEAE&id=lidar2&mcvt=1025&p=0,0,600,160&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4174262319&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688083553431&rpt=347&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2924 0
0 56ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=1075566652487531&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A1C 38 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C51 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qpooUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame EBC1 0
209 B 65ms
65ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1688083554911&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame EBC1 0
209 B 66ms
65ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1688083554911&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame EBC1 0
209 B 66ms
65ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1688083554911&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame EBC1 0
209 B 66ms
66ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1688083554911&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:54 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F725 0
0 136ms
135ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=2858433892420268&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 412C 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 18:02:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 194607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 18:02:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7A1C 0
11 B 56ms
56ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CFpB2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame ECC0 0
127 B 42ms
42ms Ping
text/plain 2a02:2638:d::11

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 00:05:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 412C 0
11 B 25ms
25ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?443Zcg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 00:05:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8ACD 0
0 62ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=2057020523386192&bg=!AwClAFTNAAb90kgr3dI7ADkAdvg8Wg1ve8RwgT8tHv6tJBIXBS5czqh_uWGnP-YkOOlJXqGiWhZuYAJg3UvaWu5z2Kh1Ehib77YCAAAClVIAAAACaAEHCgAZrUskxPiWx4da7ilz3gRsWRP8ZALBnWGv9ZkDEpd2kQaVrIsZEyMlFAQxG8h6OYebDBq_e8A16S6bqgBirRTR4yHTqM2n1vbEQjDB5rEtpC9jTpoQmCkcrA_AfqoRpdQn3vhsYygXyS4vhu64wao2sRM7RVwaqxaf0w8hXES96mI-5oMSqJ4CA-Ygjkt3_3qeTjhT8i5ourKWVWn9y-17SqFnJQ62vB3EtBDxsbWrdxsCxRUlMdEVxrNtobYeIkiJGeFTYUs4c1c_HSxCuWfmEkJdlxcHahTY292-ByH2Pi-sJVJ_w5aYhoO4FoWXEhmNQPnxbTisKK5dWDr8V8AkDjS3H7YidkviUvGMCTBKaCpzXA4-q1rUqFEdQ5Aqbk7QR66Cx_JkK4PkQsJrWS-1HhT4haVD6pvH2_Ez52Vzh3FDtg72yDyv4GciLAbauy09vxK1xIJdYGESp4Led727HWZUVP7EyiZCPoXtXUNtZVwzh5VSUNYKajGkws64Ufqb18mKNEKi4di2XVYorZVATKCUp19VEABgCuyXwVkrSMmyh87yMvDMhOrot6GmeQQv6tjy0Z5lC7HhNmXex7h4cshZfm_GRoTwHnH0bef1Uk_n-8womf7AWazsWWlEH12jJy7N_4qHvxBO0FOrszlhwwD3t4KNdvk3VcqxwBFWwxjW9QosgDuzeZxQEIfZJ5o2Cw5ukyWbkAMwGfLDJbB65t6Zv5BpTTFX91q0BmtV8UHWn__DvZnuQ4ztTiGju_-6-daF57f8Ccn0tHRMO3YnQcVqKSN8OMzeaidymqs9vAX3ob-7jZRv0z3SCYkNN6hvwhLD4BZje9TAltDuaSTRQXEXaGyznolOYJOO3CLdaJgZ1PpPd-qIE4LMNwIelxDRO9gmY475rhlwazXrYLFoV2RvBnV0v62MLh9VgGPKjqr51A6WKxRszLwjjW_obT6ix5kT8m6Hc9C5wCp3e3O_L5mCCGDBNazSO3zpeaLcgAnOIFfjCBt5-Im80W5buw7AK552Ubpah_joNH2wDUCzgKyOEUxjbovGitYVM6vzR6V4Z2hn1XEdaXPbR6EKAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 672E 0
0 62ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=1784709798459888&bg=!qqmlqf3NAAb90kgr3dI7ADkAdvg8Wv5w4nyMKUO4bWoMwBqDT0M3VZhwEZmFacUmebMUK6XJq359Q22yK8DJuOPj8-8G33FyH6ECAAACzlIAAAAEaAEHmQMUsklWg_YS6Lw8G3LGHbW7FFxPKY4VJa-8I8jqw8I_NiWMbixJQzXy2araIZzGEPeC8Ni5DKQiFhe4rTV0AXdGoSnGVzJspv-3V98xHyV4IgAcvaqr9WfuKFGfex1aWOTc4SOOLTbz-Txsg5cDkVU9C3S-mT6r9kivg7kuyX9yPd6iWDhHpac1v9S4s05f0rnIXvwpFGYYygJN1nP85J3tcrwdwS3VpANO4C-XC-BD1Yp1VW5OI84VAgAeTouEm--RBB2qZRFLrglDuTfiMfX1D0JyRwB6GJDHfDPADdtv7iItArbz3J7eezxebV5EP2Q9TTINF5A6mR80eI5va36-JNDiAGz8sgIh33ZmdkHWBMoHQK8_9Le27ckp-DDToSa3XnBCmyO5WBp3h-rTQsmMDYnRsKHoRONote0F_ulciRThw-ZtDIYeVRVrwkwTR4wGp6plXEc1d49NJpz9PbCU3JK50O4q9CToR5FGmNpLgX8W4R6ozey1IhI8EQ-tr_QELchYeR7s1ZAcVUQOAVkbofDAW6C9ZBtZo4Z00jgVaEKVZZjdylZUuLSUr_G9kNgnEoK_CVmMzdxXi90RF8Nz_z2dmeRuvFMOYOB17CwYa1gZ91bxSpoIWjJMqqPoSTuYEnkFOmGNVYVPrkNkaKwa7s5Rdv-KgvmBgq_PERHhtFxKj1vtXjwzl2yUPZVqLFg91nDGSGorHSNSiyFn8iNGKFd7zmb6-alMpXaIRIMUUTygNThfpKPNb6b4YAL0rKExunKC_-pjdkYj5Sjt0ql_jZf57Q1wbWDDZfotSJt2K9DS9jJx0uvPaYBpjHv8ljwntTQD6hxpXclPVBx63x1PNsX7ebhPKNXuWby5WjVJfQLOemsPcM1Hw8d9jaCjgaPmY6fpzdNjfT5RHNFpB4x8rWB07z-swNdlLgcSn6x7BM1NnZpGnCSM15ZnHTq0GyvID1ZiGu9WL0KjnmDsTqI4bZJNlnEFHdVuTn8Bh0CdN1_H1kBnnLaGPSvHoLSlCOPIz7dBd3kmJf4Ao-CumxlyI891KT4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C692 0
0 58ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=2593432463506537&bg=!ubqluu7NAAb90kgr3dI7ADkAdvg8WkP682yJedYToTM9pJOPk6OL342dToxuA0TY2DfwVFapuj6_HyxrZNNaSKwkUrJIufW2L5cCAAAAzlIAAAADaAEHCgBG18KdGW4JCOsJcOdpkvz97ZzX54nhKzYnxqMnq_5IhShVrE1KADCKRerpJoou1d1QQtY7LX6fobmGuPyr1pIRx45HvzjbnpkDGHem5voJDtXotVS-_yKfwyuJvMC6jdc3K0bgq5LOU29sBcDgvgVQ0q9OkLjyYqNOeUY7fhJMRlNM9rKKxQdV6CAKDaMhTl7Ysj3sw89jI3bjIG5iqOPCabELjclS73aBMTF9rhJKvre7lfjoQ6Kza3oeT6S4LMYxdPA2trP5DGfEglFnb24ZXH7t67-9q4eL0i-89W302Ta3sswbrP50ZQXrUFZ_s1Pqf8fJauYkDiVsCOWwxewuedmjiLmHZwc3rt6AXwhGH7YHgbE0aA-H9K3Gn9FxpkQpXW1fu0JLsqS-qkggDTajL3SHSqpEqzx8kDo__jYPA172sHmPr3sgik6e6_-jQNsr5E-2Yq3x5NbXICe57upD24KklMBLLZS2JiCnOufGW5t8I0PXlNihh36VgfMtXw9v7b7ODbrHgg8awch5llpO9z9KvTM4gDmOpbcMT0AE0XD5tHJGSQAG2uL0jhkkDkXvbzBYMMYhkmFcsSoTG44LRWKaOq8j2Lum4E6vQ8m5Wo4_2L8nUDxEUwTH6qPFdnA86tgGDtQGQP3nKZtMz9Dy8BOoXcqvKyUaFygGoHDVvL-CuaMcCL3y-x-wlI0J5rG2t5S4vHBBxORIdwCiGaJ-sIej9MGFguvCk6H8jAOXqaNhaEotCSv9sOyPJC-P3bvo_oZWRXqcYrWw50kjSn684o-Tu2aVJMrqmz_dD_cdFem50TwYaRuuGnAcMvEw1jpnsOkQqncEDXm7qqXPMAvUrZe1wc1EiyHROSRiUAy78_9t9eKtxjh0wH9HUNQXmxx8q3JfwhtJE_KpqgOXUAmPtq4A1EksVRLhjG6bPjKP6gFMh5yO49aoWgUycy7VqkAM_5qNNnM19L3qzZ-lLxmsNgAHvAP_iga8bn82UCCYGvxSl-Bs42w2nXiMQtUTNhOUYxthAt7JlNws3DENXe6wy7ml_jpDwQSnXykKklGqofwqSbc5ynnMPilWPKxsC4eAU1bHIQvyIUZvCU7PTp0FuRKBdFsrY6RVji0eXZRVzOr0CBvrxjVRqj-2F4-mmWFKZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 83AB 0
0 57ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=3739099639002629&bg=!v7ylvOjNAAb90kgr3dI7ADkAdvg8WqQvJtzjXLvDA8Xeodt4ACWxpQ8Z2gfjDYnHgmX8qPx9QfhSjA7yZQ0_i5iX0J7cLqP3LVQCAAAAfVIAAAADaAEHmQMJrhxYcrY5hlRwHZGjDL-BmaNQBmw_6wMhin6LsXFI_oz5CmUBj21H0UOcXIv22Aw9njrklFDw7nTiDn6uZvQVdP8rv1UVO_exbFlrgkRLHyqcx-TV_eMG1UUiHDEao7muAAkziAVJQc8aUjke4wL2roetlQpixekC0YGthQUbpydj3lcDxPDN1lq0bxaEa9lDb5aIvgLY8IGdt-HeSWaL6u0OxDgErBahlhDpEMioAWUSr8f7fvU7rO7ndBM9iSCM0gXNbiSzh9ghrGipZnmWhadwNQNLvB1V6vqLfQR9qkg_jZqTbkpY_-Oft9CwZJ6-w4aoulawTbagVAIw3bHujvwCXTjJPmxO3bu5mpkDCrBFwDnabkMK9YBPyavcm9cgxXcth3JciVNsktyX7f6oWU1mgBmyHuGfOlycytfSGujMnzPEjNEziK6c558BprwFwHwyVKmHzoTmU5Dt2m79lgGWWlwANfIo1resc-PXePDZcYnEecLz_5ELBLk4jjl0ePGv1rnK_L4OQZXIbaQ_5_KZhCm_mS4mtJvnjXBmTKbQv712FM62cjaOzc719rGy-NJUARo5JKCntgW5wnhvA1PWdnOtcFZPKp9Hrptkxt-kyGr0XbQ3TOvny8FVxc08463wMaGJ-TwndSlgRuwHY2auRXLylpTIh42uiIzasJJZmshKvJJZOIJKTIm045o19E9KJn-8WKqbMiG67ujxa7h6WZc6kgc7vSKvvDFump7fHHwboI-RKbXc6YhqNu2-AwPCuzazWTdCNcB8KsJ8D5YfO7_oUEn40o9Q9wJqvPKGLfu2r4bczDiLb3XTfsxUKgb4ZQtnbSZVyTSKfFT0yjT_9Z0vSyK_iXOYzyNlH5DvL5a9x54jIG51UPdP9KhqhCXOwiv0WM4RNl8qSyjSmMdiRx2R1GlrSY63ip4Gr2GSltN045v11enzId5YdHCnkOZghWbe-wtxJCB5yt2OwGU_L3l23Zq4BwbbTyBI3wMAutSkSN_bdrHJgtm52AkYFFcFs0yTqcHC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame EBC1 0
209 B 61ms
61ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688083551646&userId=vnet9d5164c0-5aa0-42da-b925-50691b3557f3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Fri, 30 Jun 2023 00:05:55 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC45 0
0 58ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=1075566652487531&bg=!BwSlBFDNAAb90kgr3dI7ADkAdvg8Wn_ZHCMmCF9pJuSLxhR2HaU0OziPZ5mo3AEp2lAQBBE6D8eFGldQB1en8nY3mhXbUcGa8YwCAAAAilIAAAAKaAEHmQMJdUA8xMKEL6cV4lOR-htm4N9FYBBSeP1dXuBt8Zfszd4Ko7Gpu706vICWxClAwP3U2mF2bgNpI08Ue88NU0RpNku1anAgC7MNRk56RCuukqeqp4KIeLecrX2aIIAeTwwq53y8E8cfJphSEbOQwFDCczekkCwXPJC6_KoNYNtQJiOm4dDNJp91uavu-REEfnjscQ7RmcCRVQoPbqRdXlQ9DpQLL7INvvIL5Uf8sRrJkptmY58OwfrmeoMKuoxajizxS0Cz__DYda0etcdg318-4jxX8Vd_8tsKeGAvwEBiHTRnFAmlBwWdyTfWhiyn3YAkUBzNyvvKVzJ_fF37eoNt-BHUM4h1wIsg3lTyEXff8nk5vCNXXWEIhTg-OdWCVbp5sZ39jPb3bQao_vUWqducp8-6a9MwjEmGzQ1h_sQnbOpPz1ejMIHq2AjlwxBVvYk2FF4cZqETbdp8lDz4qHJaVl-zKbqg4MNZKF9ogD-yij_aVjGNQmrpSjQ8_XZfmMnKB0s-eblMJltMaglvKxSm9hRRfskuUnRS47IWUz5BZd6f9n6iNRrlk3bOh-oAYGaZ6KBB37dvLDLSmgA3wu7TNaCGzeDY4Uea7dWgkulEgNTDjnRbFwDDcfe0kTZKFSigjrbYcQPbT7_j-D_XrHWU1RUnATKYgbCTKMXxYCFYKhcCbzP_2LH8kW1k2Ydd1BMx7a5up9cQEhz9m59j9gRysH-gUmoMRDyNAIC44c4TYZKWEa7xJ-3nbVmJTHk7YxzqMX9w0qX93YXf8rbhNkozOLWtgQquaoFRE37RG-zAXZtj3aWWwe0fQHrAmgi2rl6-EeEm06koR24_OoJiv7En2CiwD41_Ibo2glsc8PbOY6HPIytoo56kwMGyw6bWgK8i8ff9lYLAyJSVUVmsvGaGC63WRucZVNuZaqf08QOjeKy6TVol75E4yMPiH-x2TGQg6HEA_ieBzdHR9AyUchsA2Hync9AD3q0W0Zx3KZnRk4T6UwxJ6nKp-oa0OlQY1eSemPPUVVh7QEcY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC45 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFoMousg1P6_XEwdKNWqxaBE86jAHwIPA0MJ9gzf8JlQoppg2sRZY8hmh1q_DOqJTi7E-szlqn6HPC2VM7QOE7d7W-k4DKdPSG9942r-zHredHKAP4&sig=Cg0ArKJSzFt52L_aC923EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688083552861&rpt=1711&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 00:05:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBC1 0
0 58ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=2858433892420268&bg=!QUKlQhbNAAb90kgr3dI7ADkAdvg8WgBP_ADTikwYpCfJuHFWkL_3c6ckFxSiId8b8-CT839_IYkbaT-Uk1s6Y1QBReQHr782WB4CAAAAflIAAAAFaAEHmQLEugjpCgr6Pzx8xa4XzYkuxD_Z1qfIeefAK7D24Sp_JYw6qNc0OCJr3fqT7sIO7PkD_snYyZkhtf959JvUCzG68EnXqef3F8F8MaucErvxZ9Eo1MGHorjJsXOYec6_efNEBlu1l-WQfTBAdrAF-lLC1NYTDIfAOP3iAgWe0fkC2Mt01HMWXrbqwuANmQKFANay6rJ549bEK8I5TBIeahgGK0BFfJIJ80NmFVbe7VQhuFc28QEF1bRhw6YgOmyrudaeJtxccFt7NBBh-Md3ukoHPzjwL-93Gs4y2-sGTnJ92HfPpfTdMWLmkHI8zpLH-XBa3QrUcxMmDuT5ufwWRLkVj5CIZTCdxev5aI-rkizrPKTPkNgW9NKF8LA9G_QwptiuSYxgDqZbFlkXhTXDzkC7mD5V-invhszkMLNs7t1qiBI1iv_rfOxeTax4yCAuS1vn2mj4FHFakEIEDLR-F8woHK23-X1NSAZCO-r-vfBITXXHYuRKDSGfQua-3jIBQ7pTHzd_SaFdc86ShUsiNfrD9HlmbPfo_NyTxWVwvZRjvOYAkVrz3zXjdZmXkbkW1ovwjN1QjCR1NP3Xgsovmd3q1cec-9bLuO2Gmte0pc_phB0toCNSEoReheHhrzSSWhSSUr19n0KdsdUfJK5GkTsCcaz1rb-pHV8Q5j5u3-mFQazEgoS6efNpBfBvFIQxHAqCpQqnkWfrdUfm7LX6uM86OLFDAL6yN4epgpjulCnOY5hYrNaxfufo9V-Vg05j2XMhRLAByUDEA_fZQOYvckkVEi5fFP7ftGP0b_wY3xGfo_AG-vxwbt6ywEEkunzQYUh2SN_aFsEhiJ1wPSAZORjCQQPH2CTshaRYfUTzL3smnCHV1oQLu-ITPfxaa7yNCnujkKAEYYFMRfbBXztlKi89MWlBJzB5ol9W4r1mvX0IsRtAoiiq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 22:16:19	Name: IDE Value: AHWqTUkiChw9CBbCahKXtOetDdZXCNk7RT_PT8LIO7qfhHcDQvHoGFpQZ1dKhvPPQ8U
.mathtag.com/	1970-01-20 21:40:19	Name: uuid Value: 0ef7649e-1c60-4701-b371-4c2f3dcb95d0
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1688083553%2C%22utid%22%3A%22d05abb22773fafe1d393b2ae20348138%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.retailads.net/	1970-01-20 13:37:55	Name: ppb2172 Value: 2832901481
.w55c.net/	1970-01-20 22:24:57	Name: wfivefivec Value: Go2MDBI51Qf1E55
.casalemedia.com/	1970-01-20 21:40:19	Name: CMID Value: ZJ4cYYWNCvOBonLqJF451AAA
.casalemedia.com/	1970-01-20 15:04:19	Name: CMPS Value: 5300
.casalemedia.com/	1970-01-20 15:04:19	Name: CMPRO Value: 5300
.adnxs.com/	1970-01-20 15:04:19	Name: uuid2 Value: 6424832620743282733
.w55c.net/	1970-01-20 13:37:55	Name: matchgoogle Value: 5
.de17a.com/	1970-01-20 21:33:07	Name: guid Value: 1.3838199872097575944
.ctnsnet.com/	1970-01-20 21:40:19	Name: gid_CAESEHh80dC-5NFx-Ytjn4Lf5kA Value: 1
.ctnsnet.com/	1970-01-20 21:40:19	Name: cid_9937bacd4a924a899c854a491782bb90 Value: 1
.office-partner.de/	1970-01-20 22:30:43	Name: source Value: {"webgains_webgains":{"timestamp":1688083553678,"clickCookie":false}}
.bidswitch.net/	1970-01-20 21:40:19	Name: tuuid Value: 1f67e68a-2186-477d-97a9-a179a999dffe
.bidswitch.net/	1970-01-20 21:40:19	Name: c Value: 1688083553
.bidswitch.net/	1970-01-20 21:40:19	Name: tuuid_lu Value: 1688083553
.futalis.de/	1970-01-20 14:21:07	Name: raSIDb Value: 2832901481
.bidswitch.net/	1970-01-20 12:54:43	Name: google_push Value: AaAOQGFshWKF0vlpkEQtXvYv1sk6sp9BGg2j_jiHETk01jVNjgnsoh24FnzsiFagr-dyCGJ6ato1uYWh1wi8Zm4OJmDIFCnKUbkEodw
.quantserve.com/	1970-01-20 15:04:19	Name: d Value: EBwBCQGtKYEA
.quantserve.com/	1970-01-20 22:24:57	Name: mc Value: 649e1c61-d29d6-0f20b-88a76
.turn.com/	1970-01-20 17:13:55	Name: uid Value: 2623077925949780777
.tribalfusion.com/	1970-01-20 15:04:19	Name: ANON_ID Value: annoeUoZdUQtR2HpbwrpOfvsqXPTHrZdSEOptCP70d

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083551854&bpp=3&bdt=888&idt=180&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=7875039385869&frm=24&ife=1&pv=2&ga_vid=31328747.1688083552&ga_sid=1688083552&ga_hid=27575131&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C31075630%2C44759875%2C31075573%2C42531644%2C44788442&oid=2&pvsid=2858433892420268&tmod=954131232&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.inbk0utdcyru&fsb=1&dtd=195 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198785760&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688083553130&bpp=1&bdt=199&idt=297&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7684227612873&frm=8&ife=1&pv=1&ga_vid=1014192176.1688083553&ga_sid=1688083553&ga_hid=312899483&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2680693957&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C44759875%2C44759926%2C42532277%2C44759842%2C31075624%2C31075644%2C42531705%2C44788441%2C44769662&oid=2&pvsid=1075566652487531&tmod=1190392790&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.g6z2jcqqear2&fsb=1&dtd=300 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94974fec659c5059af3f248bc602db70.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ads.eu.criteo.com
ads.w55c.net
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
c.amazon-adsystem.com
c1.imgiz.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900022.redintelligence.net
i.w55c.net
imageproxy.eu.criteo.net
images.dmca.com
imasdk.googleapis.com
m.exactag.com
match.adsrvr.org
medialead.de
ng.virgul.com
ng2.virgul.com
odr.mookie1.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pv.medialead.de
r.turn.com
rtb.fr3.eu.criteo.com
s.tribalfusion.com
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.virgul.com
sync.teads.tv
t.hspvst.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.cloakan.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
108.138.37.209
108.138.9.235
13.42.188.208
144.76.104.53
145.239.193.130
15.197.193.217
151.139.128.10
154.58.197.185
172.217.18.2
178.250.1.6
178.250.1.9
18.168.234.149
18.66.147.120
18.66.26.126
185.29.134.249
185.7.176.221
185.7.176.222
185.80.39.216
185.89.211.116
2.18.161.51
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.168
213.202.235.9
23.206.208.114
2600:9000:2251:8c00:3:4706:a6c0:93a1
2600:9000:2491:9e00:1b:f040:3600:93a1
2606:4700::6811:190e
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a01:4f8:d0a:2321::2
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::c
2a02:6ea0:c700::11
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a0b:4d07:101::1
34.102.243.38
34.160.236.64
35.156.85.133
35.186.193.173
35.241.45.217
49.12.22.42
54.93.206.198
69.173.144.138
77.245.159.14
94.130.102.164
94.138.206.83
94.23.99.218
95.101.148.198
00a922a959966b9a9b1b1374fd75223adae28868fbd53ee1cc705bf9e53fa562
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
053f6645c56aa4f258cd0614a9e4409d01c5e9ae9a6dcc5ba7816ec5dd6f4737
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0720b7d0957898e8e2a6519128eee57471abdb1da4c104fd9b869e92f6e8cfe5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08ca95f28f7a2373c671778c6c7403c6d4656685d23a3c99dd269c5defd8f809
09085d5e7f77f13f8cf961051f351964870214013b289c7b3c5b5e347a12bdd0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ab40538194a4016ff70bed550970d3e7b3ca9235851f820e66bba279b5017d0
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3ffafe2bad86136dc0d54b7dbb154328b343075788dfaa8cd72242e55179a0
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
147c0a445950fa29f9fc3784910f112bdc6dc232412915e1162da9e7ea36ad51
17a3a645fb713231fdb2599fa8005842efa49885014840d5b8db6b3e728962f6
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
197ffcfe361bf002c5b4d07ab57fe0682528d864cf82f4423d5018fc48da96d5
1a6d6ecc5afe8b370681181e0077b6c838310f74f8473a1f36527577d5a1fab7
1bd2603da78c0513ae07dff23bf8925d95683b782d9eaabc18e003d3167b8dc9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
21f24eae79340f1a36dada3b1d3260564bdb2c4bece85794020bcf78f8a48e06
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f
2a28c7a71fa4755b9f4a35f9d3ea53791518abbe56a6887c145aa540c81d93c1
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2d168f964eab6e8b0e68b4182baa1c008a0cf4c67304306b1cd697f2f6fd6d40
2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4
2ecd7c4a208e0987d0bb448bdd98f67c3ef12ed83ad939c80420841d3f012490
3036df13e61974b0edf8c0b2fa5cc0a793088c1f9b595d6ff8a0510d79ca3cc2
306265f641d816f20c6d8ef355fde44bc5a1a8d4211768eb431908bdb928b7f9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d3eb1192068d0e46808e657f8141b7459818e623b3e5ca0600472b3a6621a5
372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
385b19d8c7f7bedac5169d996fa57206b3a35b608518dfd0aa4669f7d3a7b7de
3be63679d6ca5fd205bdbc6dc4e6caf8d376a09decaea16226da1bae6d24fad6
3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07
3ccd5b7c21f3517c84885228c27a798e72fa9167f71f9df6e67cd1b3f1c4159e
3cedb0ce25b5eb96e700ecbe768fae70737cd5de3756473d709d45fcfba3f6d6
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40a67093d212103e112d6f42a2dfd049ea1d30f91572c4339aa6b2b07142e819
414acf6cdba43fed1fad459df552d337745d80aeaec9642ced5b421e42424b0b
43204d58f6a24cdd36d594f28e4dc0f9ab0f5ad29b4a166bb6d5f3c16756636f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d061e34605140dc09853bc6874e09548f20c2bfa6d64d519088c5706c93b8c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
479da794610042c07a692cc82df9f0dcd96e46dd83b103761d7f0387f2ac2f1e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e539500752069c624d4c1c9719b0cd75bf0e88923c78017e42ceb8e095596ef
502d7649e4e83f1d07e6634e9e2915227d7130e16193d58eda18ff0a307cc65b
502f09b7adc6f1ff2c01cba95a7a9384a1ae0a5ae7fa370e858fd25bd8678ea5
5061ede8e14dd075136fdcf6a3879f4b42a692eeaa605e2c5aa5f354e753fa61
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
51571e6e49d9d1243db244dd3bb1790047c7b566dabc9400564dd7f74432ffc6
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58fa8288d109b6525ab6ced54d659e79cc4e2a925f61d6c76da140f0a689ef59
5a2fbf4ca779e72439de3ed7feddc6990a43b54325da1115376a6a622e5635d4
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5af02ce6b5997fabe156a5cf9e0dfdf4901a0552a78732b587d1ca38ffc2e4f4
5bf120f7967a92726dc1224897555cce082f2af6fbb65ea725e70de845d17afb
5e1747a7175083627662ac91bb268ebea8834c015965caf8d0db787686cf6a9c
602d96b74c1b4b2a0117991948e6dd9fa24c74596a9c20bb1a04c930f544c426
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64af7a328ead4e6e3e77587ae81c88a4156eea6f476df565496f8f46d89d255f
64c6e4e181eb970a8564feb89c1185dda149557bc9c9723d711dca9e83004756
6501e50ffffdc89ec56c93111f32c70f697610d4af971fb38ae964b5824c7eb1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
6677c8f5b549e47e5326de928ca869391c59fd2790a31d6c62da5ac304214710
66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa
67af5b443685a6e71d0d33a38beb6f3aeaef60e145acef7e0e712116d6702fde
68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
7166d43ad652c8996151e69d54087c3493276bc67a280c875da63dfa67507390
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75c5dcb0b1839bbb85275b03f330dd59c04167b59fe68b07cedad9f8292040f5
7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
8206b7cb4977df1646b35835886cc5ad752365263197f15f0581d41c3751aa0a
82d72c348754f7515045419416dacb9f5db260eccbb80cfac9e1ad25d9bb46fe
842c88bbde71118e56fc313dbe3ad3d9e5dd9b3b9913960838734a29e5982b7e
8516588c3ecb776a98a9e3925c84d36050a0e839bb9b5d46b22c41a487fe9dd9
8616a80730f771eec28aa190e0e4e50c6329256025a00fc75d526fbddb42f827
8652a43e59c0f294f8471f923999ebf4a49279ba778601931afaa81fd628c892
8c19881dee95b08b032cca453f14f08c950cab16c3295d2dd129cc25b90680c0
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbce0e1c2a59678db57393129d17d22c034e0a494fe805794f57c3d2f91bea7
8e9bd74e03f0f26deb4bea9ca16f450edc33fa53ce09a56751d3bfb10912281b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
922ba9f92548fb6d5c1904bded334f97a8094e690149d3b986942395adead77e
93877a4648f07d0a209913c6a05dcdc1810fe91fb41c96320aea06de80b708c5
95ab958ba5d0941d068134f13dfbf40f0b9cea7779f6869f406dc5415b803b03
96aa3667db041dd0f9351d85ca19b7485bf1dad1832ae2099c65cd5a11841275
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9cdf303ac2192eda30f0df8726e7963820a33e9102a6246801e29530e74f8edd
9d91481553e284386311fae54b5522f69c2313c8d101f4683eabf8315a14e240
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ffaea7ec1c6a9108483f6b5e68f29db9fba784edc72b2e2400780a26a367e0
a66d540cbec090e29b160d6d0d551c3b98f8e3b95ae0840abea0d72c16c5b5ee
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a9d34ac2bd494ee57840df7cb57233ab722eb492cc619e6deb7a5b5e4773df0d
a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3
aac9542bbfc059decc4949c741f48aea729dd7afcbfd39f10868f2dc72964e41
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae9da6c82bac917e656f0ce20347294e4ecfb1561ad9da7b7dc5f3613ce2c2bf
b055fd6b8e7a31ddb6f7356718a9c06093f1c00b5c122d61d0d4526f727362f9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b995cc283857cb5396b94e36deb47341469cdeed3d92e0e22a2cd3cf0900fd9d
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c25e33aaf9d908bb036672ed26b9af74032d7cb464d5e3f3b9b67e868798290a
c7cb9607232edfca6ad4bf5b7c972b2803abf66aa2a9b2c653a18ba24369e45a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca04adacbad7de15d851bfb67d82fd52e9a66e49eae71400a3b97ad8d7712e04
ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580
cb70a0b5ac2b1a8d8e5f0e0b91b99d95723392847800eb91f42673794ce38e5f
cdb0962ca5e5ebc9646e9b167b80f0ee830f85175f051c1d292d774f2272999f
ce36a0c17313e768dbae07f9a28563a71067c71fc6fec5446b770eb2096a98e8
ce508f1bf6d59a897546f6c5e8769992d8b1e4ea195f081c0b0f4ad8281c0224
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d41d07189295595e39267e87a880138ce04d72fe0ba272a91c07c735db7d2092
d4a188612de0a4f19200f9ce0ef87a48184810883848e320e1fc401013a161da
d5544013c9c882cd032a4ed06f6f8338f6fce934e82311a1267f59b5e717c4c7
d5907d04f8aa7cc029868fb441fd2a02dce10b72e3a68d6294aa7a2debf90440
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d966ecd46380ed5fdc36aadcd4b5a4bbd65ba852833ce5e834a4e37380ac9535
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
db5399ad06ea0d394fc5a0ad43f63ab0574ff82cba560f4246a10ddf18cb8b4d
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dd2963f109103a2ae0c7b8c5aad0298984664d92c042e675b9150aad5990dbe5
e0e8db56334f15624f91438dbc8c6c32294a4213b441e3552543439c42d95025
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47fe684eeb5978f6c7437edacdbe8f33a60d89a68403c3e58c0128bfe36a52d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e855cb8c849e4075bcfb14c9468cc38148f3e9a333dd9d71bc166665cac07f45
e944a7fb9c1dee528bebcf33ee94ecdc006ffc5d94687f35fd5366c61cde73f2
eab1145c02ae44ca45370dbdb689a98d1756fe3726fde675886a95730fee691d
eb702187321e9dc673166d6bbbc07cd65b2ec08e614758542f8fa388238d358e
ec769bb205286ebe3a86b8d7559f61dab024e4597b14b8a00e8d734dfd08ce82
ec88c9de3a44165db5e410d072fee68874d371d17eeac4ea36c5325d485b3f7b
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed1d135e92589e0eac27bf34455002a980e00c22c6ea9a9dfbb8209262f53c9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f093d3916d4317f3dfd3476ee92fc3344e423f703459ba07825fb855ed3e14f9
f4009f01ab6ab2381cfe6fcb016f07bbeaf4e1ae86e637051a51bd4657eaa799
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4a8148176f74bae4907a5c9af2d61b96e267e1f83c5ea5d2f4e5031b0754efd
f4c6130b626673b7bbfd3900d511a3ab1514cd562f464361e2023cfdabf70e72
f507bd6af40c79c1e544f1f41ff75bdab07617192a345e38bf70b7fdba96a256
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6a0ca72c9b155770d4111755eca7f6e1e83b0e921ad15bce37a68ad69a50918
fdec13a2a5ff3cde6d10cd7c5ebaccb4e587e1464f5869c99566d794136977c9

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

308 Requests

95 %HTTPS

45 %IPv6

46 Domains

72 Subdomains

61 IPs

10 Countries

4126 kBTransfer

10115 kBSize

24 Cookies

0 Outgoing links

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

95 %
HTTPS

45 %
IPv6

46
Domains

72
Subdomains

61
IPs

10
Countries

4126 kB
Transfer

10115 kB
Size

24
Cookies

308 HTTP transactions
11 data transactions