pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1

Request Chain 106

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2

Request Chain 107

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1

Request Chain 108

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D

Request Chain 159

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
• https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 161

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
• https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 163

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1

Request Chain 164

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2

Request Chain 165

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1

Request Chain 166

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D

Request Chain 167

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1

Request Chain 168

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2

Request Chain 169

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1

Request Chain 170

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D

Request Chain 171

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1

Request Chain 172

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2

Request Chain 173

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1

Request Chain 174

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D

Request Chain 183

• https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 197

• https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy-pacOXyuEf-Mi_tWlDdU&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:315ff81f-3483-8faf-ac1d-43f4ca54c81e,c:gt6LDP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-dgvgl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:20,oid:4efcaa01-12a1-11ee-934d-22fdcad9fd18,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId=

Request Chain 210

• https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jUoieRiMq-u4MXzMUXose-&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:ebe5f00f-2a08-6f56-a9f8-f609d451617a,c:gt6LGz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-tcn52,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeFC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:24,oid:4efcaa2b-12a1-11ee-96ef-7e82db52e495,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId=

Request Chain 233

• https://fw.adsafeprotected.com/rfw/st/1484055/72040524/4.js?ias_dspID=64&adContainerId=brand_safety_fAeXZOrbCYqRjuwP7da76AY&cbFunctionName=goog_wrapCb_fAeXZOrbCYqRjuwP7da76AY&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:f26a5537-58ab-34cf-3ca7-733fe37bb058,c:gt6LL0,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-cplnd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tI6XeJH+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C11721%7C1173%7C1174%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a*.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:11a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:46,oid:4f3dd20a-12a1-11ee-b9f2-96dd001fcac8,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4a.js

Request Chain 259

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECurcynna_2pPXqx-jNiRBg&google_cver=1&google_push=ATf1kGOHzQUsVAOk1mW5zqRzVDqk8b0YTcdh5BTAxdSgvfXAblAMmDv3kF8frB_fom2m-C-AbNY78PkIVIWuYXYuCepbN6eXjyp6HU8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECurcynna_2pPXqx-jNiRBg&google_push=ATf1kGOHzQUsVAOk1mW5zqRzVDqk8b0YTcdh5BTAxdSgvfXAblAMmDv3kF8frB_fom2m-C-AbNY78PkIVIWuYXYuCepbN6eXjyp6HU8

Request Chain 260

• https://d.agkn.com/pixel/2175/?google_gid=CAESEC4PR449Qc3XCSn4VA2-hmQ&google_cver=1&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH&google_hm=Q0FFU0VDNFBSNDQ5UWMzWENTbjRWQTItaG1R

Request Chain 261

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FMgJirvGa9cCFAOFZeDsk5_Nde8v_PN3oOp6&google_gid=CAESELTW7srwslTnJwagjKseJHM&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FMgJirvGa9cCFAOFZeDsk5_Nde8v_PN3oOp6&google_gid=CAESELTW7srwslTnJwagjKseJHM&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MjQxNTEwNTQwMDAxMTc5OTY2NTIxNA%3D%3D&google_push=ATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FMgJirvGa9cCFAOFZeDsk5_Nde8v_PN3oOp6

Request Chain 262

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHavlMy-KBNYAW4EKFu86cM&google_cver=1&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T0zhsuxWrn HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T0zhsuxWrn&google_hm=eS1lS3dyblVaRTJwR0ZkNlJfeTlha0RNUlloMDY3RmdJaH5B

Request Chain 263

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFNRLNNQDkDJhkXYJs6FKgI&google_cver=1&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi8Bo2Ac10jeX8DAlSTpB0ldgu HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFNRLNNQDkDJhkXYJs6FKgI&google_cver=1&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi8Bo2Ac10jeX8DAlSTpB0ldgu HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1MzcwMzUxNzM2NjU1MDM0MQ&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi8Bo2Ac10jeX8DAlSTpB0ldgu

Request Chain 265

• https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPPcZvispcw1I7pGx6doTrQ&google_cver=1&google_push=ATf1kGO3CBkMmp6pygcwaLW1nHdH3nAaidQ-PinF2q4DQiBztjNWvXBJK9xuVTT4d3sUnVgwq9yrvWoBddR7z0zaP5LeOw7g2_WPwHIC-Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO3CBkMmp6pygcwaLW1nHdH3nAaidQ-PinF2q4DQiBztjNWvXBJK9xuVTT4d3sUnVgwq9yrvWoBddR7z0zaP5LeOw7g2_WPwHIC-Q HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 268

• https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223 HTTP 302
• https://8019191.fls.doubleclick.net/activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 6x6uf5z9e3262.html Show response pcloak.blob.core.windows.net/web/	1 KB 2 KB	410ms 97ms	Document text/html	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 1324 Content-MD5 XPHdOVCmWyxrVVstkB9xGw== Content-Type text/html Date Sat, 24 Jun 2023 15:10:48 GMT ETag 0x8DB5ED08476F0C5 Last-Modified Sat, 27 May 2023 16:36:27 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id a4ab251a-901e-0071-2bae-a6a426000000 x-ms-version 2009-09-19
GET H/1.1	404 The specified blob does not exist.	jquery.min.js pcloak.blob.core.windows.net/web/	0 0	95ms 94ms	Script application/xml	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/jquery.min.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-request-id a4ab257d-901e-0071-08ae-a6a426000000 Date Sat, 24 Jun 2023 15:10:48 GMT x-ms-version 2009-09-19 Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-Length 215 Content-Type application/xml
GET H/1.1	200 OK	cloakan.js Show response pcloak.blob.core.windows.net/web/	308 B 717 B	288ms 96ms	Script text/javascript	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/cloakan.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Sat, 24 Jun 2023 15:10:48 GMT Last-Modified Mon, 13 Jun 2022 14:36:49 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 zPiKctHo6j8i1UGOFPpInw== ETag 0x8DA4D4A263C11C2 Content-Type text/javascript x-ms-request-id a4ab2621-901e-0071-1eae-a6a426000000 x-ms-version 2009-09-19 Content-Length 308
GET H/1.1	200 OK	style.css pcloak.blob.core.windows.net/web/	166 B 568 B	190ms 95ms	Stylesheet text/css	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/style.css Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5 Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Sat, 24 Jun 2023 15:10:48 GMT Last-Modified Mon, 13 Jun 2022 14:36:49 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 9ruAIrm4XHnQO3/sM8J0AQ== ETag 0x8DA4D4A26527CA0 Content-Type text/css x-ms-request-id a4ab25c7-901e-0071-4cae-a6a426000000 x-ms-version 2009-09-19 Content-Length 166
GET H2	200	px.php Show response www.cloakan.co/	743 B 681 B	287ms 139ms	XHR text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/px.php?id=6x6uf5z9e3262 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708 Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:48 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 access-control-allow-origin * alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 404
GET H2	200	nv.php Show response www.cloakan.co/	232 B 385 B	253ms 133ms	Script text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/cloakan.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86 Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:48 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 112
GET H2	200	/ Show response ye-mek.net/ Frame 2BF5	76 KB 76 KB	213ms 56ms	Document text/html	94.138.206.83 AS49126
General Check archive.org Show headers Download Go to Full URL https://ye-mek.net/ Requested by Host: www.cloakan.co URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.138.206.83 , Turkey, ASN49126 (AS49126, TR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 775ae37bbdaac699490e13908703f9fa724ad405a583c4d964c3a2705e25199a Request headers Referer https://pcloak.blob.core.windows.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-length 77353 content-type text/html; charset=utf-8 date Sat, 24 Jun 2023 15:10:49 GMT expires -1 pragma no-cache server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 2BF5	90 KB 33 KB	46ms 8ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 17:18:53 GMT content-encoding gzip x-content-type-options nosniff age 165117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33018 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 17:18:53 GMT
GET H2	200	yemeknet.js Show response ye-mek.net/js/ Frame 2BF5	10 KB 2 KB	81ms 78ms	Script application/javascript	94.138.206.83 AS49126
General Check archive.org Show headers Download Go to Full URL https://ye-mek.net/js/yemeknet.js?v=1 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.138.206.83 , Turkey, ASN49126 (AS49126, TR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Sat, 24 Jun 2023 15:10:49 GMT content-encoding br last-modified Tue, 20 Aug 2019 13:15:54 GMT server Microsoft-IIS/10.0 etag "0a144655957d51:0" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript cache-control max-age=691200 accept-ranges bytes content-length 2179
GET H2	200	maincss.css cdn.ye-mek.net/ Frame 2BF5	40 KB 12 KB	69ms 15ms	Stylesheet text/css	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.ye-mek.net/maincss.css?v=434 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip x-cache HIT x-77-cache HIT x-age 5810048 x-accel-date 1681809402 x-77-nzt AcO1rw6z43L/gKdYAA x-accel-expires @1713345402 last-modified Tue, 24 Nov 2020 00:00:32 GMT server CDN77-Turbo etag W/"5fbc4d20-9e5b" x-77-nzt-ray 90833930ec1015a27a0797641c84f61b vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 2BF5	121 KB 47 KB	59ms 29ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-38733763-1 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2bd7d426dae60dc240310b24f05b7653068ddaa2845136c5e50807cd7e436fcf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 47884 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 24 Jun 2023 15:10:50 GMT
GET H2	200	searchButton.png cdn.ye-mek.net/App_UI/Img/ Frame 2BF5	542 B 894 B	13ms 12ms	Image image/png	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/searchButton.png Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5810047 x-accel-date 1681809403 content-length 542 x-77-nzt AcO1rw5nXzX/f6dYAA x-accel-expires @1713345403 last-modified Sat, 22 Oct 2022 20:00:57 GMT server CDN77-Turbo etag "63544bf9-21e" x-77-nzt-ray 90833930ec1015a27a0797641ff2c01d content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	ara.png cdn.ye-mek.net/App_UI/Img/ Frame 2BF5	2 KB 2 KB	20ms 8ms	Image image/png	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/ara.png Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5810038 x-accel-date 1681809412 content-length 1651 x-77-nzt AcO1rw4f/qn/dqdYAA x-accel-expires @1713345412 last-modified Mon, 14 May 2018 22:41:08 GMT server CDN77-Turbo etag "5afa1084-673" x-77-nzt-ray 90833930ec1015a27a079764be733e1e content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	bezelyeli-enginar-yemegi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 2BF5	13 KB 14 KB	29ms 14ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/bezelyeli-enginar-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b28212f4baadf3c72472e06c83eeb9f674659bc3390f8279644cc35c2b3cca60 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 56144 x-accel-date 1687563306 content-length 13577 x-77-nzt AcO1rw6xrmr/UNsAAA x-accel-expires @1719099306 last-modified Fri, 23 Jun 2023 23:12:58 GMT server CDN77-Turbo etag "649626fa-3509" x-77-nzt-ray 90833930ec1015a27a079764c6f18d1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	cilek-kompostosu-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 2BF5	13 KB 13 KB	30ms 15ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/cilek-kompostosu-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 1c850554971fd0815ab530813c41947b41fd5485122fcc6ddad7e52554ca4c5f Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 145215 x-accel-date 1687474235 content-length 13316 x-77-nzt AcO1rw4k+Vn/PzcCAA x-accel-expires @1719010235 last-modified Thu, 22 Jun 2023 22:09:37 GMT server CDN77-Turbo etag "6494c6a1-3404" x-77-nzt-ray 90833930ec1015a27a079764e930931e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	buzlukta-havuc-saklama-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 2BF5	15 KB 15 KB	34ms 20ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/buzlukta-havuc-saklama-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c2b14f3faab1ff78bc25ec1143035f67f3653c08c243adfa3772e33e52502a1a Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 230561 x-accel-date 1687388889 content-length 14858 x-77-nzt AcO1rw6aq/n/oYQDAA x-accel-expires @1718924889 last-modified Wed, 21 Jun 2023 22:51:04 GMT server CDN77-Turbo etag "64937ed8-3a0a" x-77-nzt-ray 90833930ec1015a27a079764a713971e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	kayisi-peltesi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 2BF5	10 KB 10 KB	35ms 21ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/kayisi-peltesi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4fdc5391bf7f26b8640e050ae3e95ff1ea315746f0062053a894101b910f4049 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 318193 x-accel-date 1687301257 content-length 9934 x-77-nzt AcO1rw4k7d7/8doEAA x-accel-expires @1718837257 last-modified Tue, 20 Jun 2023 22:25:01 GMT server CDN77-Turbo etag "6492273d-26ce" x-77-nzt-ray 90833930ec1015a27a079764e4349a1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	et-sote-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 2BF5	13 KB 13 KB	39ms 25ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/et-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 7b74b15c0e0224974c8f830453f4141254e43fc02d4d95a8bce9c1a27a893079 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5189209 x-accel-date 1682430241 content-length 13282 x-77-nzt AcO1rw7GrEv/WS5PAA x-accel-expires @1713966241 last-modified Wed, 01 May 2019 23:21:08 GMT server CDN77-Turbo etag "5cca29e4-33e2" x-77-nzt-ray 90833930ec1015a27a079764f6c19d1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame 2BF5	13 KB 13 KB	39ms 26ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808427 x-accel-date 1681811023 content-length 13272 x-77-nzt AcO1rw791hz/K6FYAA x-accel-expires @1713347023 last-modified Wed, 01 May 2019 22:22:18 GMT server CDN77-Turbo etag "5cca1c1a-33d8" x-77-nzt-ray 90833930ec1015a27a079764fd26a71e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	cokertme-kebabi-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 2BF5	16 KB 16 KB	39ms 26ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808919 x-accel-date 1681810531 content-length 15954 x-77-nzt AcO1rw7Y7ZT/F6NYAA x-accel-expires @1713346531 last-modified Wed, 01 May 2019 22:16:47 GMT server CDN77-Turbo etag "5cca1acf-3e52" x-77-nzt-ray 90833930ec1015a27a07976471d0b21e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	islim-kebabi-resimli-yemek-tarifi(20).jpg cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 2BF5	12 KB 12 KB	39ms 27ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/islim-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 580dad1a7f46af3417b3d06e483f4cfb043ce1d9e443398a4c0d98b47947d6ec Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5807894 x-accel-date 1681811556 content-length 11900 x-77-nzt AcO1rw5ZUEn/Fp9YAA x-accel-expires @1713347556 last-modified Wed, 01 May 2019 23:34:43 GMT server CDN77-Turbo etag "5cca2d13-2e7c" x-77-nzt-ray 90833930ec1015a27a079764cdbcb41e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	helle-corbasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 2BF5	10 KB 11 KB	39ms 27ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/helle-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 1cea80ffc30d80158c46d24a373c07f3fd1f12b0964ec0960d54cc7476dbe5ae Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809970 x-accel-date 1681809480 content-length 10666 x-77-nzt AcO1rw6W6yz/MqdYAA x-accel-expires @1713345480 last-modified Fri, 03 May 2019 21:45:18 GMT server CDN77-Turbo etag "5cccb66e-29aa" x-77-nzt-ray 90833930ec1015a27a0797646956b61e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	salcali-pirincli-sulu-kofte-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2014/08/ Frame 2BF5	13 KB 14 KB	39ms 27ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2014/08/salcali-pirincli-sulu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b1701639174cb872a535071c10f17980f509ef1588d3a06bc7f8aad5ef0d25aa Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5807704 x-accel-date 1681811746 content-length 13484 x-77-nzt AcO1rw41HWb/WJ5YAA x-accel-expires @1713347746 last-modified Wed, 01 May 2019 22:27:36 GMT server CDN77-Turbo etag "5cca1d58-34ac" x-77-nzt-ray 90833930ec1015a27a079764eeeae11e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sivas-katmeri-resimli-yemek-tarifi(24).jpg cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 2BF5	10 KB 11 KB	39ms 27ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/sivas-katmeri-resimli-yemek-tarifi(24).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 505c82241812470854d47dbfda8144e5326b3264363a233e75efced811a1a3e1 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 117847 x-accel-date 1687501603 content-length 10624 x-77-nzt AcO1rw48u27/V8wBAA x-accel-expires @1719037603 last-modified Thu, 09 Apr 2020 00:02:49 GMT server CDN77-Turbo etag "5e8e6629-2980" x-77-nzt-ray 90833930ec1015a27a0797648ad7e81e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	uskup-boregi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 2BF5	13 KB 13 KB	39ms 27ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/uskup-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808913 x-accel-date 1681810537 content-length 12833 x-77-nzt AcO1rw657t3/EaNYAA x-accel-expires @1713346537 last-modified Sun, 23 Aug 2020 23:39:16 GMT server CDN77-Turbo etag "5f42fe24-3221" x-77-nzt-ray 90833930ec1015a27a0797646bc6ef1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	ciftlik-kebabi-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 2BF5	17 KB 18 KB	39ms 28ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ciftlik-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 0fb87da221f6bd6ca2145dbfdc42e0d7d4a73fe418fb409cc2b019ce0a3506d6 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809987 x-accel-date 1681809463 content-length 17645 x-77-nzt AcO1rw6p2sz/Q6dYAA x-accel-expires @1713345463 last-modified Mon, 20 Mar 2023 20:46:38 GMT server CDN77-Turbo etag "6418c62e-44ed" x-77-nzt-ray 90833930ec1015a27a0797647e76f71e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	tire-sis-kofte-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 2BF5	16 KB 16 KB	39ms 28ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tire-sis-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 89529d02905772e8146d7e1ff9addc92072c23e60bb3dc84b8d61c4e898e93d6 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5810038 x-accel-date 1681809412 content-length 16300 x-77-nzt AcO1rw4l+Z7/dqdYAA x-accel-expires @1713345412 last-modified Fri, 01 Apr 2022 17:34:02 GMT server CDN77-Turbo etag "6247378a-3fac" x-77-nzt-ray 90833930ec1015a27a07976494cef91e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	ev-koftesi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 2BF5	17 KB 17 KB	39ms 28ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ev-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5810030 x-accel-date 1681809420 content-length 17248 x-77-nzt AcO1rw7uFJ//bqdYAA x-accel-expires @1713345420 last-modified Sun, 25 Dec 2022 22:38:25 GMT server CDN77-Turbo etag "63a8d0e1-4360" x-77-nzt-ray 90833930ec1015a27a079764b1eafb1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sebzeli-firinda-kofte-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 2BF5	12 KB 12 KB	39ms 28ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/sebzeli-firinda-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 3785a64ea212b675fabed56a2d69b001dde3a875471a6bb395493bc2321103d8 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5807705 x-accel-date 1681811745 content-length 11965 x-77-nzt AcO1rw5OHg7/WZ5YAA x-accel-expires @1713347745 last-modified Tue, 14 May 2019 20:51:03 GMT server CDN77-Turbo etag "5cdb2a37-2ebd" x-77-nzt-ray 90833930ec1015a27a0797642aeafd1e content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	tavada-soslu-citir-tavuk-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2016/03/ Frame 2BF5	14 KB 14 KB	39ms 29ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2016/03/tavada-soslu-citir-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 1e066beb1036ff4d1c6237858048930493e92415f9d6441b956c1133c6eafeef Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808052 x-accel-date 1681811398 content-length 14041 x-77-nzt AcO1rw6bMdX/tJ9YAA x-accel-expires @1713347398 last-modified Wed, 01 May 2019 22:55:30 GMT server CDN77-Turbo etag "5cca23e2-36d9" x-77-nzt-ray 90833930ec1015a27a0797643ff1131f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 2BF5	16 KB 16 KB	39ms 29ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 680026f318b1fd16bc8e7b24ba4e32073bc98978f5bd67f19c1b30019a6decf0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809916 x-accel-date 1681809534 content-length 16450 x-77-nzt AcO1rw6MOsX//KZYAA x-accel-expires @1713345534 last-modified Mon, 22 Mar 2021 22:09:22 GMT server CDN77-Turbo etag "60591592-4042" x-77-nzt-ray 90833930ec1015a27a079764600d1a1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	tavuk-burger-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 2BF5	11 KB 11 KB	39ms 29ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/tavuk-burger-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 17fb6396682c034e75e55c2ca06f182c40b971281b0c219b049ea2d60f3e34de Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809987 x-accel-date 1681809463 content-length 11270 x-77-nzt AcO1rw4Gyl3/Q6dYAA x-accel-expires @1713345463 last-modified Wed, 09 Feb 2022 23:06:28 GMT server CDN77-Turbo etag "620448f4-2c06" x-77-nzt-ray 90833930ec1015a27a079764ecab1b1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 2BF5	14 KB 14 KB	39ms 29ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 665118 x-accel-date 1686954332 content-length 14117 x-77-nzt AcO1rw6GAzj/HiYKAA x-accel-expires @1718490332 last-modified Fri, 16 Jun 2023 22:14:46 GMT server CDN77-Turbo etag "648cded6-3725" x-77-nzt-ray 90833930ec1015a27a07976479621d1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	firinda-kremali-mantarli-pirasa-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 2BF5	10 KB 11 KB	39ms 29ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/firinda-kremali-mantarli-pirasa-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash de1f5d1b2a64b34a33a3981dbd472b724437aad046625207654e4d2759c30d0e Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808938 x-accel-date 1681810512 content-length 10442 x-77-nzt AcO1rw5TxgD/KqNYAA x-accel-expires @1713346512 last-modified Sun, 15 Dec 2019 22:16:23 GMT server CDN77-Turbo etag "5df6b0b7-28ca" x-77-nzt-ray 90833930ec1015a27a079764fb581f1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	firinda-sebzeli-tavuk-yemegi-resimli-yemek-tarifi(20).jpg cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 2BF5	15 KB 15 KB	39ms 30ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-sebzeli-tavuk-yemegi-resimli-yemek-tarifi(20).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4f1949e21d597e282a24f9a971964cc38fea30c795c1b02d864f8e22988d4571 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809023 x-accel-date 1681810427 content-length 14959 x-77-nzt AcO1rw5Ne+z/f6NYAA x-accel-expires @1713346427 last-modified Wed, 01 May 2019 23:10:01 GMT server CDN77-Turbo etag "5cca2749-3a6f" x-77-nzt-ray 90833930ec1015a27a0797643fff2c1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 2BF5	16 KB 16 KB	39ms 30ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 3948273 x-accel-date 1683671177 content-length 16203 x-77-nzt AcO1rw4QKnP/8T48AA x-accel-expires @1715207177 last-modified Tue, 09 May 2023 22:05:32 GMT server CDN77-Turbo etag "645ac3ac-3f4b" x-77-nzt-ray 90833930ec1015a27a079764f9d12e1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 2BF5	15 KB 16 KB	39ms 30ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/butun-mantar-kavurmasi-resimli-yemek-tarifi(8).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a9813636d064a6c030d55ade3e86f5de6475ea07aa4bb75d2197f653bd8f60d9 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809462 x-accel-date 1681809988 content-length 15573 x-77-nzt AcO1rw5d5Cf/NqVYAA x-accel-expires @1713345988 last-modified Thu, 16 Sep 2021 22:01:48 GMT server CDN77-Turbo etag "6143becc-3cd5" x-77-nzt-ray 90833930ec1015a27a079764565f301f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sarimsakli-un-corbasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 2BF5	14 KB 14 KB	39ms 30ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/sarimsakli-un-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 90bbc71f5c932fd82f6557834c468dd96219e535f4128c0838669f56cb35f1ab Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5806732 x-accel-date 1681812718 content-length 14437 x-77-nzt AcO1rw40aJv/jJpYAA x-accel-expires @1713348718 last-modified Sat, 28 Jan 2023 22:54:15 GMT server CDN77-Turbo etag "63d5a797-3865" x-77-nzt-ray 90833930ec1015a27a079764a1e4361f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	mahluta-corbasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2016/11/ Frame 2BF5	12 KB 13 KB	39ms 30ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2016/11/mahluta-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 837d63620657b055c980948022e01ba5c63c986d3d08ca7db80558411eab45d6 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5808780 x-accel-date 1681810670 content-length 12542 x-77-nzt AcO1rw4cWYf/jKJYAA x-accel-expires @1713346670 last-modified Wed, 01 May 2019 23:07:46 GMT server CDN77-Turbo etag "5cca26c2-30fe" x-77-nzt-ray 90833930ec1015a27a07976455173d1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sogan-corbasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2018/04/ Frame 2BF5	10 KB 10 KB	39ms 31ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2018/04/sogan-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 990889e9ed9332f77e31d1c92c63487d5333dc907946989bb977c33df515c32e Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809073 x-accel-date 1681810377 content-length 9967 x-77-nzt AcO1rw5RNZH/saNYAA x-accel-expires @1713346377 last-modified Wed, 01 May 2019 23:32:56 GMT server CDN77-Turbo etag "5cca2ca8-26ef" x-77-nzt-ray 90833930ec1015a27a079764bfbe421f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	yogurtlu-yesil-mercimek-corbasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 2BF5	12 KB 12 KB	39ms 31ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/yogurtlu-yesil-mercimek-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 870c6dba95d95d6be10a7bc73f718c786dd35c619864cd9b3754b30c0e377c58 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809653 x-accel-date 1681809797 content-length 12218 x-77-nzt AcO1rw4Xkyn/9aVYAA x-accel-expires @1713345797 last-modified Mon, 12 Apr 2021 00:26:16 GMT server CDN77-Turbo etag "607393a8-2fba" x-77-nzt-ray 90833930ec1015a27a079764c3a04b1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sodali-kek-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame 2BF5	17 KB 17 KB	39ms 31ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/sodali-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash eb5bff425311a4b245089f68cd39715e1c7d802e2ce30fd8c3d8caf90bc9a62c Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 1123550 x-accel-date 1686495900 content-length 17310 x-77-nzt AcO1rw4UJWn/3iQRAA x-accel-expires @1718031900 last-modified Sat, 04 Jan 2020 21:39:52 GMT server CDN77-Turbo etag "5e110628-439e" x-77-nzt-ray 90833930ec1015a27a079764dd454d1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	klasik-revani-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame 2BF5	8 KB 8 KB	39ms 31ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/klasik-revani-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 466d84e17dc7459ae25cb60d72f1fddf8e574b1b0affd560332250b0ef75f41e Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809579 x-accel-date 1681809871 content-length 8322 x-77-nzt AcO1rw5tN+j/q6VYAA x-accel-expires @1713345871 last-modified Wed, 01 May 2019 23:15:55 GMT server CDN77-Turbo etag "5cca28ab-2082" x-77-nzt-ray 90833930ec1015a27a0797643187651f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	havuclu-tart-kek-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 2BF5	15 KB 16 KB	39ms 31ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/havuclu-tart-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 951e603e21d6a04762e7712ece4db18412a25c2d3ad1196080add1df68597f26 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5378143 x-accel-date 1682241307 content-length 15636 x-77-nzt AcO1rw6Txr7/XxBSAA x-accel-expires @1713777307 last-modified Sun, 22 May 2022 22:50:57 GMT server CDN77-Turbo etag "628abe51-3d14" x-77-nzt-ray 90833930ec1015a27a0797647631671f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	sufle-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 2BF5	13 KB 14 KB	39ms 32ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/sufle-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4595241cedd0561ea7df5dae27079da65aff6eea25ca9a06869c82524835bd44 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809042 x-accel-date 1681810408 content-length 13763 x-77-nzt AcO1rw6E5zT/kqNYAA x-accel-expires @1713346408 last-modified Mon, 04 May 2020 00:10:13 GMT server CDN77-Turbo etag "5eaf5d65-35c3" x-77-nzt-ray 90833930ec1015a27a079764d754731f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	koy-ekmegi-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 2BF5	12 KB 12 KB	39ms 32ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/koy-ekmegi-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9fe178b3a246dfa8391758b6964ea91fa324fc0942c9d3fb8e7c652a47ab23da Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5802297 x-accel-date 1681817153 content-length 12085 x-77-nzt AcO1rw7tHa3/OYlYAA x-accel-expires @1713353153 last-modified Sat, 21 Mar 2020 22:47:47 GMT server CDN77-Turbo etag "5e769993-2f35" x-77-nzt-ray 90833930ec1015a27a0797643f36751f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	kahvaltilik-zeytin-kavurmasi-resimli-yemek-tarifi(12).jpg cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 2BF5	18 KB 18 KB	39ms 32ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/kahvaltilik-zeytin-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash db57b06a6b88efaf8f7e7c4e7e8f252e5b2e53378734e84c3a5b220ae2209dbb Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 70805 x-accel-date 1687548645 content-length 18110 x-77-nzt AcO1rw4wTwH/lRQBAA x-accel-expires @1719084645 last-modified Sat, 07 Jan 2023 22:13:26 GMT server CDN77-Turbo etag "63b9ee86-46be" x-77-nzt-ray 90833930ec1015a27a07976435587e1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	tirnak-pide-resimli-yemek-tarifi(20).jpg cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 2BF5	18 KB 18 KB	39ms 32ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tirnak-pide-resimli-yemek-tarifi(20).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 3c49765312e00e45feb2f6b420b62c5ea0b8e047c5e92cdb2588223a167b7886 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809512 x-accel-date 1681809938 content-length 18065 x-77-nzt AcO1rw7ab0P/aKVYAA x-accel-expires @1713345938 last-modified Thu, 06 May 2021 00:58:27 GMT server CDN77-Turbo etag "60933f33-4691" x-77-nzt-ray 90833930ec1015a27a079764c05b871f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	karmaca-resimli-yemek-tarifi(16).jpg cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 2BF5	15 KB 16 KB	40ms 32ms	Image image/jpeg	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/karmaca-resimli-yemek-tarifi(16).jpg?w=270&h=202 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5809027 x-accel-date 1681810423 content-length 15740 x-77-nzt AcO1rw7JyAP/g6NYAA x-accel-expires @1713346423 last-modified Mon, 15 Nov 2021 22:38:31 GMT server CDN77-Turbo etag "6192e167-3d7c" x-77-nzt-ray 90833930ec1015a27a079764efd38d1f content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	_dmca_premi_badge_5.png images.dmca.com/Badges/ Frame 2BF5	5 KB 6 KB	59ms 11ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT last-modified Thu, 02 Jun 2011 03:26:26 GMT server Microsoft-IIS/10.0 etag "8ae3cdbd420cc1:0" x-powered-by ASP.NET x-hw 1687619450.cds332.fr8.hn,1687619450.cds153.fr8.c content-type image/png access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes link <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical" content-length 5605
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/ Frame 2BF5	56 B 360 B	474ms 10ms	Script text/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software Oracle API Gateway / Resource Hash f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff date Sat, 24 Jun 2023 15:10:50 GMT server Oracle API Gateway opc-request-id /A77E1035A9008E26D75C09AADAAF27F6/6E7E873B684771A53B6864D0A1C486A4 x-frame-options sameorigin vary Accept-Encoding content-type text/javascript x-distribution 99 x-host s7.addthis.com content-length 76 x-xss-protection 1; mode=block
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/ Frame 2BF5	465 B 585 B	59ms 12ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip last-modified Fri, 21 Jun 2019 20:14:34 GMT server Microsoft-IIS/10.0 etag "26b181f16d28d51:0" x-powered-by ASP.NET x-hw 1687619450.cds332.fr8.hn,1687619450.cds057.fr8.c content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes link <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical" content-length 395
GET H2	200	outside.js Show response static.virgul.com/theme/mockups/adcode/ Frame 2BF5	75 KB 26 KB	284ms 56ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip last-modified Fri, 23 Jun 2023 06:55:07 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=43200
GET H2	200	sdk.js Show response connect.facebook.net/tr_TR/ Frame 2BF5	3 KB 2 KB	51ms 8ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/tr_TR/sdk.js Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 96f0effac0b9d0c1b745156d6b7bfc60158535f653d7666a432d660d375ec52f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 24 Jun 2023 15:10:50 GMT content-md5 K8sg+9iSn3nw24TxsBL8eg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 x-fb-debug zwYySQeSCnaxMmrDoS2jQvNsHZjVc4yEMxI8FyXfNuFF0w/B74iKk6lNUEOzcEVV5xDCB8CJyyb5EDlWBSAz2w== x-fb-content-md5 121b4a44694138a42d3f0471e95a2b8d cross-origin-opener-policy same-origin-allow-popups etag "3ada019b7f3d6ffe8615728f0f364948" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 24 Jun 2023 15:15:29 GMT
GET H2	200	sprite_3.png cdn.ye-mek.net/grafik/ Frame 2BF5	21 KB 21 KB	39ms 33ms	Image image/png	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ye-mek.net/grafik/sprite_3.png Requested by Host: cdn.ye-mek.net URL: https://cdn.ye-mek.net/maincss.css?v=434 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.ye-mek.net/maincss.css?v=434 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-77-pop frankfurtDE date Sat, 24 Jun 2023 15:10:50 GMT x-cache HIT x-77-cache HIT x-age 5810048 x-accel-date 1681809402 content-length 21525 x-77-nzt AcO1rw7ungf/gKdYAA x-accel-expires @1713345402 last-modified Mon, 14 May 2018 20:55:05 GMT server CDN77-Turbo etag "5af9f7a9-5415" x-77-nzt-ray 90833930ec1015a27a0797640243941f content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 2BF5	52 KB 21 KB	39ms 8ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 24 Jun 2023 14:35:22 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2128 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 24 Jun 2023 16:35:22 GMT
GET H3	200	sdk.js Show response connect.facebook.net/tr_TR/ Frame 2BF5	301 KB 85 KB	20ms 9ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/tr_TR/sdk.js?hash=c130008fe6775878a4bc81bcd7eabdcb Requested by Host: connect.facebook.net URL: https://connect.facebook.net/tr_TR/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6c9dcffb96e109bf4506b5f68d6fb39a16c0613737a2986364d3ecff641cf396 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ye-mek.net/ Origin https://ye-mek.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 24 Jun 2023 15:10:50 GMT content-md5 VYw2VrQMtarljZEHgU/pfg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87361 x-fb-debug 7ZrfYCGlAHZRs9zzELc1bF9o0jwW0gknYkzCmbM/vU4kwGYRBvHyKO2PFuai9B9hxi88nsqNrJLBONtXtAJSbQ== x-fb-content-md5 24101ff2d0eeaf605d48240c303cc8db cross-origin-opener-policy same-origin-allow-popups etag "63720c7ee4724e238cd4bca6130d8b93" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=3,i expires Sun, 23 Jun 2024 14:31:06 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 2BF5	78 KB 27 KB	92ms 61ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8cc23f233b911a049394d4db6d593bf2437dc684a9517fc6f3940be0a3a33d0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26699 x-xss-protection 0 server cafe etag 705 / 19532 / 31075569 / config-hash: 3635630053877940451 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:50 GMT
GET H2	200	ads.js Show response static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 2BF5	120 B 306 B	50ms 49ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT last-modified Wed, 21 Dec 2022 18:47:42 GMT server openresty/1.15.8.3 content-type application/javascript access-control-allow-origin * cache-control max-age=5184000 accept-ranges bytes content-length 120
GET H2	200	str.html Show response static.virgul.com/theme/mockups/outside/ Frame 3F5E	891 B 1 KB	50ms 49ms	Document text/html	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/outside/str.html?v=2 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=5184000 content-length 891 content-type text/html date Sat, 24 Jun 2023 15:10:50 GMT last-modified Wed, 28 Sep 2022 10:07:57 GMT server openresty/1.15.8.3
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 2BF5	138 KB 48 KB	83ms 56ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 658b84bdcde45b119de3d6309aa0f9531d21d0d4d05931ba99c1f9517c2b25ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Origin https://ye-mek.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48345 x-xss-protection 0 server cafe etag 12988284597020996107 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:50 GMT
GET H2	200	prebid7.38.0.js Show response static.virgul.com/theme/mockups/outside/ Frame 2BF5	489 KB 182 KB	54ms 54ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip last-modified Mon, 27 Mar 2023 14:56:06 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=5184000
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/ Frame 2BF5	236 KB 58 KB	35ms 8ms	Script application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:34:58 GMT content-encoding gzip via 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront) last-modified Thu, 15 Jun 2023 18:14:56 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P6 age 2153 x-amz-server-side-encryption AES256 etag W/"9352f20e556bff9fea6fd0461aac850d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id djZgG--JsNzHBmMJEhJndLt-3ewePrpNifzhv3WHUtaEsW6FN0TdsQ==
GET H2	200	pageview Show response ng.virgul.com/ Frame 2BF5	37 KB 7 KB	185ms 80ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://ng.virgul.com/pageview?c=site_geneli&mt=1687619450846&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.1153979864620398 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash f5e2a1f1c25b18de3bca560f72162785635ea656bc3fdf97d0972ce4754d8d16 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip server openresty/1.15.8.3 vary Accept-Encoding p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' access-control-allow-origin https://ye-mek.net content-type application/javascript access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT
GET H2	200	yemek_net.js Show response static.virgul.com/theme/mockups/fallback/ Frame 2BF5	12 KB 2 KB	49ms 49ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19532 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip last-modified Tue, 20 Jun 2023 21:45:07 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=5184000
GET H2	200	hb Show response ng.virgul.com/ Frame 2BF5	50 KB 5 KB	161ms 59ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468783 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash f4cea5a1ad718c6449237f433c5a67a4ca556fce532a0c646c31b1043fc9c617 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:50 GMT content-encoding gzip server openresty/1.15.8.3 vary Accept-Encoding p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' access-control-allow-origin https://ye-mek.net content-type application/javascript cache-control max-age=3600 access-control-allow-credentials true
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/ Frame 2BF5	0 306 B	8ms 8ms	XHR text/plain	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 09:51:03 GMT via 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 age 19186 x-cache Hit from cloudfront access-control-allow-origin https://ye-mek.net cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id QLGMUK8paRGfxEDoE38nZd2223G6gtdl5WhbRcLxFEcEYn_aipIrlw==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2BF5	6 KB 3 KB	23ms 8ms	XHR application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 09:19:15 GMT x-amz-version-id rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76 content-encoding gzip via 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 age 21096 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 24 Jun 2023 09:19:11 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id M5t9U9IHqf4R_uPArbPhnPxHLwFueXPR8lUKI6_fOdURgK4DfGAZPw==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/ Frame 2BF5	393 KB 125 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 12:12:53 GMT content-encoding br x-content-type-options nosniff age 10677 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127939 x-xss-protection 0 server cafe etag 10569078359274256513 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 23 Jun 2024 12:12:53 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ Frame 2BF5	356 KB 119 KB	83ms 66ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16c54187e81bc15c5d1499d7d968a10c9fcc36eddda8b77f680c63628d3bbfb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122033 x-xss-protection 0 server cafe etag 6202528171808566249 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 6EE0	10 KB 5 KB	30ms 7ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 28864 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 07:09:47 GMT etag 15057649708203361565 expires Sat, 08 Jul 2023 07:09:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	empowerwebplayer3.js Show response static.virgul.com/theme/mockups/outside/ Frame 2BF5	10 KB 3 KB	51ms 50ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip last-modified Tue, 13 Jun 2023 13:36:40 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=5184000
GET H2	200	bid Show response aax.amazon-adsystem.com/e/dtb/ Frame 2BF5	23 B 458 B	70ms 41ms	XHR text/javascript	108.138.9.235 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=k3o0sME9l4mI7&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.9.235 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-9-235.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P6 x-amz-rid XAQM4EACM5RM36Y1JSJ6 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://ye-mek.net access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id au2xXk_6gIYU2i2qnlcUhZC4EQaZ9YaVPpz7e2608Re8KLkhKyAVmQ==
GET H2	200	yemek_net.js Show response static.virgul.com/theme/mockups/sites/ Frame 2BF5	11 KB 5 KB	51ms 50ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468783 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip last-modified Thu, 27 Apr 2023 09:08:06 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=5184000
GET H2	200	pandg-sdk.js Show response pghub.io/js/ Frame 2BF5	17 KB 5 KB	48ms 8ms	Script application/javascript	35.241.45.217 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pghub.io/js/pandg-sdk.js Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 217.45.241.35.bc.googleusercontent.com Software UploadServer / Resource Hash 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:37:18 GMT content-encoding gzip age 2013 x-guploader-uploadid ADPycdsZrY9Tso_4_BBKkCLDakjZp1WenAU9XC4bhiFbj3D7dtaqxse6gYv-6t2fu0fYOkYOukYizCV0GIUzXS2f9aTFtOdHaZNo x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5009 last-modified Mon, 05 Jun 2023 16:36:50 GMT server UploadServer etag "47a886353056caf33a998c6041e20896" vary Accept-Encoding x-goog-generation 1685983010517890 x-goog-hash crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg== access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin cache-control public,max-age=3600 x-goog-stored-content-length 5009 accept-ranges bytes content-type application/javascript
GET H2	200	zoneview ng.virgul.com/ Frame 2BF5	0 209 B	50ms 49ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/zoneview?c=&mt=1687619451061&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5411548283715746 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:51 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 2BF5	107 B 456 B	52ms 17ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	27 KB 11 KB	337ms 335ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=2303247111840608&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451098&lmt=1687619451&dlt=1687619450406&idt=597&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lm9mc4nct6m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 088f4f7dfb9e63411727db5a679f63307d3e46e21937ce96d91d659c7e51fb00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11641 x-xss-protection 0 google-lineitem-id 6241543851 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138425583933 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E49A	6 KB 3 KB	85ms 15ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	NoktaNpmPlayerApi.js Show response c1.imgiz.com/player_others/html5/ Frame 2BF5	7 KB 3 KB	334ms 51ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19532 Requested by Host: static.virgul.com URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 11:58:21 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=604800 expires Sat, 01 Jul 2023 15:10:51 GMT
GET H2	200	tag Show response feed.pghub.io/ Frame C74F	13 B 257 B	59ms 19ms	Document text/html	34.102.243.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D Requested by Host: pghub.io URL: https://pghub.io/js/pandg-sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.243.102.34.bc.googleusercontent.com Software / Resource Hash b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628 Security Headers Name Value Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org Strict-Transport-Security max-age=31536000 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * access-control-max-age 300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-store content-security-policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org content-type text/html;charset=utf-8 date Sat, 24 Jun 2023 15:10:51 GMT strict-transport-security max-age=31536000 via 1.1 google
GET H2	200	zoneview ng.virgul.com/ Frame 2BF5	0 209 B	51ms 50ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/zoneview?c=&mt=1687619451157&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.10184912852813754 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:51 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	33 KB 12 KB	353ms 352ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=1574947796124316&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451180&lmt=1687619451&dlt=1687619450406&idt=597&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=i48qdgvjnec0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ffbd22d8f76cdca427d08a8af6618ab969bd6e219d59f75784e58d3ecd33b393 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12710 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	114 KB 36 KB	465ms 464ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=695276520348093&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451188&lmt=1687619451&dlt=1687619450406&idt=597&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=9f75l2r7wofj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e00eae3b9e2a3acd761d81d8a12ea287aef4901efe513e31aea24469a0de779 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37038 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	33 KB 12 KB	336ms 336ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=2852982417125373&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451194&lmt=1687619451&dlt=1687619450406&idt=597&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=wh95jdktwvpa&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a83e8352606bffbc034681d5d248627f94b27fcd80f2d6ef2de33c6b54793b72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12717 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	116 KB 36 KB	415ms 415ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=1791453341651468&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451198&lmt=1687619451&dlt=1687619450406&idt=597&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=maul8srr8v2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2bc81c6edbb57c858e00251d95d072787df71e4ac7d39b4baf9fec7eee3f1889 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36968 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	21 KB 10 KB	354ms 353ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=1560465031912788&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451203&lmt=1687619451&dlt=1687619450406&idt=597&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=e2rlhmj45ok9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2fbd5a341afc62a4f9ec34bb8549a9b1c869894de9749764b1ef6059ee49e982 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9713 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 2BF5	24 KB 11 KB	275ms 275ms	XHR text/plain	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4316092289396185&correlator=77419052534405&eid=31072020%2C31075484%2C31075569%2C31075148&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687619450846%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet123931f3-5d4e-45ce-8bee-3e95e8876882%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet123931f35d4e45ce8bee3e95e8876882&sc=1&cdm=ye-mek.net&abxe=1&dt=1687619451208&lmt=1687619451&dlt=1687619450406&idt=597&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=dnigtmt3yiz1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 62a407219f8a6741b36a94f8607af76ee1ff26d07a9e8ad26e5b68266fb88bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10812 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ye-mek.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 2BF5	107 B 165 B	18ms 17ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8ACA	603 B 218 B	169ms 168ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619450965&bpp=4&bdt=559&idt=258&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=1248137779370&frm=24&ife=1&pv=2&ga_vid=1047359790.1687619451&ga_sid=1687619451&ga_hid=2110977567&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31075465%2C42531706%2C44788442%2C44794790&oid=2&pvsid=4316092289396185&tmod=1150848786&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.puox42vpamlc&fsb=1&dtd=274 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A2CC	6 KB 3 KB	11ms 10ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame 2BF5	361 KB 121 KB	64ms 23ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: c1.imgiz.com URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 123120 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	NoktaPlayer.js Show response c1.imgiz.com/player_others/html5/ Frame 2BF5	398 KB 128 KB	56ms 55ms	Script application/javascript	185.7.176.221 SH
General Check archive.org Show headers Download Go to Full URL https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/24/2023 Requested by Host: c1.imgiz.com URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19532 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip last-modified Mon, 29 May 2023 18:51:56 GMT server openresty/1.15.8.3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=604800 expires Sat, 01 Jul 2023 15:10:51 GMT
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84F8	6 KB 3 KB	9ms 8ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A2CC	24 KB 7 KB	43ms 12ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:25:36 GMT content-encoding br x-content-type-options nosniff age 179115 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 21 Jun 2024 13:25:36 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame A2CC	137 KB 47 KB	59ms 57ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d6ea05259e82e07ce736757ad5813245be6d5f0af26b0e8419b86a0a4988aee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48163 x-xss-protection 0 server cafe etag 18002398816618070638 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A2CC	179 KB 56 KB	51ms 19ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 912C	624 B 246 B	50ms 48ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUF7C-M-ZHKO1mUgYcjHH-hh43qqfN6kq-tD9MPXldvjoWigjLVKZ1j8qq8YcPpGjLaz0P33LEEvM4kVfGG19sh4XYSsxHFYPVyo2QJv0jcfjnLaXuIgOJLlpVe_UC4MurzqWYV7gJGQPbAq1BRNO4HZx14FOySN_j_Oa0YkRDaUgb12_I Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sat, 24 Jun 2023 15:10:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 84F8	78 KB 27 KB	78ms 77ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84F8	42 B 63 B	43ms 42ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgDtkWfUP6RPvCtRYy-kWexPvEPdUfrXhRNmsU0v6xGWoZ9jalixlzKo11Y86jL_5uUIUXf-Btpm_188KqUesu-Xsac9tpKekgsmYkGYJyY2Iv4D4 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84F8	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4683820838116261228&x=1&ct=77 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 84F8	3 KB 2 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 84F8	19 KB 8 KB	30ms 11ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 84F8	179 KB 56 KB	52ms 31ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 177F	6 KB 3 KB	23ms 7ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A67	6 KB 3 KB	23ms 8ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 912C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1	43 B 766 B	9ms 9ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUF7C-M-ZHKO1mUgYcjHH-hh43qqfN6kq-tD9MPXldvjoWigjLVKZ1j8qq8YcPpGjLaz0P33LEEvM4kVfGG19sh4XYSsxHFYPVyo2QJv0jcfjnLaXuIgOJLlpVe_UC4MurzqWYV7gJGQPbAq1BRNO4HZx14FOySN_j_Oa0YkRDaUgb12_I Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 912C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2	43 B 766 B	11ms 9ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUF7C-M-ZHKO1mUgYcjHH-hh43qqfN6kq-tD9MPXldvjoWigjLVKZ1j8qq8YcPpGjLaz0P33LEEvM4kVfGG19sh4XYSsxHFYPVyo2QJv0jcfjnLaXuIgOJLlpVe_UC4MurzqWYV7gJGQPbAq1BRNO4HZx14FOySN_j_Oa0YkRDaUgb12_I Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=497 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 912C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1	43 B 1 KB	48ms 14ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUF7C-M-ZHKO1mUgYcjHH-hh43qqfN6kq-tD9MPXldvjoWigjLVKZ1j8qq8YcPpGjLaz0P33LEEvM4kVfGG19sh4XYSsxHFYPVyo2QJv0jcfjnLaXuIgOJLlpVe_UC4MurzqWYV7gJGQPbAq1BRNO4HZx14FOySN_j_Oa0YkRDaUgb12_I Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT AN-X-Request-Uuid 0dad7d2c-6e9e-4cc2-9577-9b7197bad54f Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 912C Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D	170 B 188 B	22ms 19ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUF7C-M-ZHKO1mUgYcjHH-hh43qqfN6kq-tD9MPXldvjoWigjLVKZ1j8qq8YcPpGjLaz0P33LEEvM4kVfGG19sh4XYSsxHFYPVyo2QJv0jcfjnLaXuIgOJLlpVe_UC4MurzqWYV7gJGQPbAq1BRNO4HZx14FOySN_j_Oa0YkRDaUgb12_I Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 24 Jun 2023 15:10:51 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid c04bb1bf-0b74-4088-8751-e5a502320e43 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D03E	6 KB 3 KB	24ms 10ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9DFA	6 KB 3 KB	23ms 11ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame A2CC	0 0	46ms 45ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHmNRD_aIURbjmeL-QnqfQzX2LOe0bq-bFMzhdQj9xJZ7V9E3VHeAD39IeiYLvSVryezAl-P2Jc2mIvELkVPx9uOQcUHUhbtuV3vH_W5NLoBgiODGa5EW8TvlOarIQcL99PevNiVihOh6i-awin0LkDz8lPB4jVRU3p9UkiyuQo_iOpMmU5uvlbnjH-VnV2ClzMNFBQUsch7wKBU-FFDbiHL2oP-tLxFLklvv8QjOGlZMXGQ9wI7sbUsd1PX59lX83DK-RvbRbz9nnWzhjyWARBkmAA7xAq4qENLaeJKzAtoyiiyrnyXnk-n0YurkIwPyzf9WEZ9RsBB2i_lKKV7aKwPp7rLku_UqoPsWNAWNBXpIQNi7Pgu78_w&sai=AMfl-YRy44bwMWbqx1RHpkRJwlzj5pxCkSlBgQI4lOTL62sta2uacZMuYluNKzv8JZEQLJeOVeSmzPioIq5m2na7gy5Jc74LYqUOHidsYMtPZBU&sig=Cg0ArKJSzEc8kGOzUWN6EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84F8	0 20 B	42ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8341753971322&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84F8	0 20 B	42ms 42ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8341753971322&version=m202301230201&ct=77&x=1&cor=4683820838116261000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 84F8	15 KB 11 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbLb27q6W27HqJPbTTbwYcu-cvHlxA75VMjzS03QgZ12p2uOkalmacCF_OPT3JTP4Q9Q3qwkHKq2Ix1wgXwoN9aPy83i5ieHiipHYRjoQxfNM0G36nnpBY7_aYtDpLUyqA1U404LZ_33z7NXSC8Van2NZvGBM5feM5EGpYFcq03OKhRng&cry=1&dbm_d=AKAmf-CV5ASw5X4_frTpr0ufwRdaaTjTNuYJ9dwAVo-uiqEsOdX7H9p9jgk9Dnckl--BEKJzXah-8h7LPB3piZvXH9VZtUdgLiHfj-TMfQk6Mo0T36ZzO11AesbY-jml7ivRUF9xZQHlt9MZDuQ99j0LRBVpFnV-hqdnHvzCmgKlt3fQiKqh7vlVXapX3bvXsaoELDa7BjPGNu6izmhSMA7iq-hBNMl8ac1FbmRLDudFnW8FsOIYHZ_lq_hH779pcLbNy-bE8sQCW7F3cYVXGWVUSsdXMnfWushOQrA8W5J84MFZUzeDD8uXqrbLIVrIX2hHDvYkLEjPePrxArC8O7f8DUJKTilumY-uxwZ4TBcIY6yjA61HW1gYhNvBCegYaLVcZ-sn7b9FSB-Rw8W035K7Fl8uxrjz0SlDow3lJMthEUINCcGlsZUmqh9PmtzfaVJiQjeyRs8t2M-i_gS1-5eLsi_uob3IMHaY33E6SsgQMa2QAHRlHAIpWaB_abeDd-vxjcMjJzB2GeGy-cCt7VlADPTJgHTQhDMhBS8qG2st_XTLTliCHJnhiiTba1a9RaqgdfVUIpmntWzUJSShNjrJr3IAoC5WSfbnm4oxsi6FFdyGfz-X5kiJvGp5543nh-C5w5BS1-5EuqK9Q2ADbnTsguLmGNcfwaF71OZqi6z01FifU6CCWUNw55IVo6yYfuAoz5WbzSiBOUWQsAtvrZdYpm16EGddivulNyF8N7WoFI4QTIKp1rCl7mlBDv7O_w9wTV8QTAHTl0G-uPDtsanD4uvkaiswwqYoTKD6NDWG376xZFjavnthlgfgmhFkAXC8qhBtAxE5s4fVzBxjBxX5joP9Ur7vmPum6B3YQzFjpV_lnXYKy_cM1BHb3XNOjegneKZxhpM0IZSBJcmISqpyeesvboysKRrOqfq1B1-RKUqoqggb43CwxcaK_M82uQOf9SD8uPsUrkuDYvH1JYckw7oYLyS4DLQxz4xqn29JLVgqH2IvT7x_gn-nuMGyU0motAw_36YN_ruJuqoj0lS8Uj78w7rpzoBxnLWJuBtRZphb82lVUmZ-WrgJ9ZWiMSB0znNrtfPSGcBQqSJjg-QMP0y1V3j5vU2wIGMGqgFluchIZmCgjT2cYkxOnKJEz2WxCY6k1vAL7yBG1XZh2a59pZstucETwRq3MpJ-tvepfYkGLvRImBHY4IX-71M-IMmJ9pq1kXcdMmpYS1hVHUjYZmyWDosY7firD7OXvKxtvrXGNZnpUgi35Aaj_mMB9ToFW6ARm1zQsq1uVt1ZaQzDIEZUGKlGdwKtgnJviHZEcRUGMRfhiJ5AE5jkhrP1wEZwtdadyDwhU-QoU-xCkdORQMaNoaDZEDxLQD6WedjUXGxL5s6qT9ASeQBRv1AKl0amRY-4xmKLMZ2We1Xa1fDRcmP39jfMS9_QQW1Cxo9RUmVcWKQ8M0OLdgWAkNibm6mkcqT22_gIy92fXybLTcPAO5T8fWR1WGdQ9aEW4SPqAy0QAbzuUHpRMvi-AfkjABV9b-cTN8eNmwNh8nuqFX2QXxNcEirp6S0lPdEI2HtgQBBydIlqO9Xh-iiaoltuu34_IqzcmCIm9Z8nxkraRleKio0A0FyZeNdhpO6P9T4MCvIr4ZhoG0D5QjTzPvpzIenPHXGjWneDIcUPrAUl0KhsOcEtRuYpbC-_BE-jy6RHh28eInu3ORbtoVa_avm3WTHbfEVD-JXqzRAJz748tT7Je2UTFYyFGvKsLAFrQzBOoWXw_rjdLoqp2xkKv97bMJ0wDXij-V2B6Kh5XuDnIZnmxQgfoLGvmNTlIh2H69QQbUqqvwb_BpC7yPiZaWBXXmprADLJx1Bx7NWNdTMNVqdyS-lEMH5Ag9O9OrlXr7mGMFyUBZUXgfnO8pTDZs244bYy7meWODu8-Y5ubNs6E9Gfiqb5vlJyfan6FNa-DSzb1IhQqSHGOJXdkrpA1Inxo_Avi2Enp-llNpa2Mq-VrKJqnpsQLwupz6UBpoHyFKMgH13BybvpBd0DMes5IQkPHoZy5EpVIkVcI61xhaJysOG7xKQ9LNgizrnuDCx3ZkDM1wQXCRYiLEgAxFTfuOQuWfFGtsnIQJiAgWyHR5gCwV1vK8RHjsGlClfF6-wfWXctZc8W3t6bOlVgNicZw8_GOkW_PhjyMVUAxv864QnU6h2GtTKdUNEgiWuyueZZ3HEbcT8ZW6o6S6db1WoXcm2xd-aTAxRoUz8EFDq0_X4muMLCDCsyIH5RrWrjnJEkzmOKIgcPxpSSGIc51nKJZZ82ZkeGmjWllhGaDSWkN07Sx0xRfvfDm2X9Yrk1wgpNNCk1EtGKWOQpFGwlFUkoJthTFe510A58nVp-7dHaA7NglBrpBbtF2culM_8VS8Ok-E-zEgsaXAkHVv4cHlo1sjCbpPDHDBFEYRekn293ojr0R_61JO1p1kblX6HVbeJoxQamdlHQP0d15rCIeGAxiF0QMIaUig-4N4QCsp8-XMES9OqH8CHv5zXe3BoF7yQOEQAtFu8lDNOELq9ixOn0NjPQFY_C3bsfSl0HhPnzm6LZuYH6ST4hFnr5tiicgjyAG0avL1UYY3aznnHooyrQTPqvQzIo3y6-KnB59FgdjykTutij2ZEkj1CM-JTWCTWmSBqZz89QGS_btgmvpnGIV0XHOT58xHeeTuruVNY4zmz8cQXy3wiH29CXHS0jE-rN4dDBWu6i1ch5qjyv_8vnmDeY5oZWNJJHsbgrO5S69bL26lr4PMtkMCWeQLDcQkzJCyE8gKtJyT2acm1oVj84IzP8a7aV6Uu2tNH5VA9VoFO2T6Dd4JI-RgK2yQTfQiL6_gEM0uRgKdQbJemVenLKh4ki7OT_iZfT6GnVyadE3Cilbda-PEcl4UFUQ6V-AM03NrZH9EmiQuIzsV_5q89PBN3Acrpf0PTtUI-hQGg68b57XERWjHrW8gYKqIsdWjse6q8d8-Oyn92H_XvklvyWbsomcibxc3UJEzmgMl9P1H10NA62fwgFaGZ4IfvGgI-gA0vTvNwmj5EQiYe84_cliMo9Sk8TUb8oFVVSbptn-nnWq8VM6YOeB34IhzO_wUk14VeMOTRZvfAvYrrKtTsPydkCPhGedGrgdmtmpRRd7P6hYZC6yXQM2r9mqTlC6mwtdnWJuHAQgxFy-oHmtpV_7O5Y_9HCwH5BY9wNgHKByYPrLSw5O-Q0Q-jHcBvWEV5yWbmkIiIbFeNUzk1GAwssghmBu38r_dKnEngb02cKg0yHeVm2gcO7cW2MOZAzwZWCl8MnaQpuv5pjXmcZlbbKuAuVs3aklxLHK-cqHbWiSY19GxWzQWFVPNYqVaMlnwFRMNFdW8ZNB4q8hLmiYh6bIYWBtdwbEQrM0Yd97BCfZj0lJ6cBxKjElItGwAuiDehrKpQeVmQSV_NzZbsRlgClj9Bj_zkBDOHN8CnlvfspSywMZ0RQX9veRiRlpGoOW4ogrxkavonZGrjogc4hr7-Rxj5_lUNfplpDkXfXldcJwpBrI27ExDTdlFqBJcZ-GtHPHZSmDYc5O27lWyhziA2shxEQBSiS1RXENXFcJB0Qh-XNfzfEUfNYvboVuGHb0NZtb9zPoeVW4dFTfLqr-jyg1vPWqEoZpaC5oNbFTj6To5vy0boclmKGi6QQvQSz805d5pLJivO_ju_b171IxDPSF5llMQc1gFckUfg8OsAho6KprZe_5S-oZZf8OCgLvYVwj1vcYyLn3AFPSe2pc3zRLGuh7SpFdWMGr_8IT2QFCSGQMTTKfXmekl33oQ&cid=CAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=4683820838116261000&adk=3887872403&idt=82&cac=0&dtd=17 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f87e25a368afc06a4d8760f67754df03d638d6ee0910cd3a6d61b286b365016f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11457 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame A2CC	207 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7e3e89b16303b9dc90bcb31af1e2fc8622ea4fcd68da4a0a06b360bbbb12c175 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H3	200	container.html Show response e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12EC	6 KB 3 KB	10ms 9ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sun, 23 Jun 2024 15:10:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ Frame A2CC	356 KB 119 KB	70ms 69ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e58bf4f63bd87d87eacbf152657fef7120915f96dc3808ef9d021d108572919 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122033 x-xss-protection 0 server cafe etag 1089880895665051111 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D111	624 B 245 B	63ms 57ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNXfvlIg_dOSpnVt6-4SSclT402UN9OO1p0-StrBhvvPr_HuYuKrbb9IwZzU6jtljCAajf3eDE6Sxu6_FqeAKeAkm-UHDY_r28RCUGQbNKqviHoKFDjiMhfi3c0o5mEpOpv5HZYxvM-tzULWLkKAbsNRofvh7PKenZp2kEwT9nY7R0jL2cc Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sat, 24 Jun 2023 15:10:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 177F	78 KB 27 KB	121ms 116ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 177F	42 B 63 B	49ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQmZD5l2uI7rVX2siLJVVUAXUTuhczwwviNBteWWd301Jj8mF3uSYIwfa8_Ewcy6BHh5gL8ABgR4uiikrk9iDjlOlHCzlm03_dUYQYjP2Q7CZRbaA Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 177F	0 20 B	51ms 44ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5665225942590057874&x=1&ct=76 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1352960/70224227/xbbe/creative/ Frame 177F	253 KB 77 KB	183ms 92ms	Script application/javascript	63.35.89.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy-pacOXyuEf-Mi_tWlDdU Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.35.89.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-35-89-158.eu-west-1.compute.amazonaws.com Software / Resource Hash 7e80d4e5309c998c6272d2208d294d754242564cb758509d0bdd7103a09fafd6 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 177F	3 KB 1 KB	24ms 12ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 177F	19 KB 8 KB	21ms 10ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 177F	179 KB 56 KB	45ms 33ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A64D	624 B 245 B	60ms 55ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNUotPF_D3-2K6-8bEyTj5dTItXyy5HJw-BvAFg3dmwsAZHAyPtE_esLI2ujQEVS2nKIMHZf8fHwhy4nLWfN3qc7-sLkNg4hl01H3PaCOU1TLJ7CRzeZgBCeZdWqJDfnkgqkeQXd3od43i_8JQ4Jz2ltf3yNgZlM1YDq3fJ5GG0PotNPgfM Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sat, 24 Jun 2023 15:10:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 0A67	78 KB 27 KB	247ms 243ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:52 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A67	42 B 63 B	47ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3y4ZH441Rxh-3CHeOx5JGPzg2qYePyiXk0qKIS_NEfZShlDg4iDDlLdBOUEgRF5TmTC-Abqzx79CiVCqbJa_GeH7Tq88kTAmk1Rk-Ye-ivFgcN-Y Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A67	0 20 B	48ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10650375088757840210&x=1&ct=76 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response fw.adsafeprotected.com/rjss/bgd/1352960/70224227/xbbe/creative/ Frame 0A67	253 KB 77 KB	118ms 31ms	Script application/javascript	63.35.89.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jUoieRiMq-u4MXzMUXose- Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.35.89.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-35-89-158.eu-west-1.compute.amazonaws.com Software / Resource Hash edba3cdd0ff53fe456c140ca6d2171e9ffad0d9c502db94cb1e249124d60d339 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0A67	3 KB 1 KB	22ms 13ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 0A67	19 KB 8 KB	19ms 11ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0A67	179 KB 56 KB	51ms 42ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 79FE	624 B 245 B	53ms 52ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW9pKOuHdb8OVSWOZUsZuffxqZich2caJ7ZUN-_qZJpJgx7hdcEStS50_WTvJjia7YrsJJqIrR8Yhlwn2W8L7-J9JbEFiZg8fw9YRQ3kwVBky-flHOKP8Mdzno5Z11T4QWouc1C1epZFQBH2DjZIkaQSZ8388lMvNQhz1l8AdZDl1ccTEE Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:51 GMT expires Sat, 24 Jun 2023 15:10:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame D03E	78 KB 27 KB	278ms 273ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sat, 24 Jun 2023 15:10:52 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame D03E	42 B 63 B	56ms 51ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dfl9QKxKwkDFYXGlXRkX8WuVKO0Cv3HPj25gdX_CjN-OOlE97KiUaSUCrXYoIhfntxBY5m-CZQg4dl_2lg03degIHy_HV7POWCJMAthHIHBZw8jI8 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D03E	0 20 B	55ms 51ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3274816977669780280&x=1&ct=76 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame D03E	3 KB 1 KB	18ms 13ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame D03E	19 KB 8 KB	16ms 11ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D03E	179 KB 56 KB	49ms 44ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9DFA	4 KB 1 KB	47ms 17ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 24 Jun 2023 15:08:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9DFA	2 KB 945 B	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 9DFA	0 0	55ms 54ms	Fetch text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CeE1ReweXZMnqENjX1gbBnYyAB72Npq9vj86vrL8OrayDrcwFEAEgwLKCa2CV4pGCoAegAbC6odcDyAEJqQI2xPCRH0eyPuACAKgDAcgDywSqBNwBT9BCNx7seWLC9jtE9nzYb4LeDftTVh3uzgzZxtX0GXLM_cr5zx2VXu_apeKvwv_gUhvaRY9GHPAvR_dpySVZPEbnp1zAZZAMjcOqox5Nz-wjHCOJoXVVgYdVENL97kTetSnq6exx_RyVwMrAdt-Qo65bebbQdz_v1aIB71gKxFOv6BieCFJTMkUnENo9EUjB0xAkf5wdpvCsLtLEIyunaayPYbpUokYJBnslRP_jr4sWeEOM9wliy4wU_YCIm9x18HS8Fhxj52lX_pWP38IGMfYaF-puY-ReYwnQX8AEmZ6pquAD4AQBkgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ77EL0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=-iZGBMAbXNA&uach_m=[UACH]&cid=CAQSbQBygQiDt4Sp51CzHbXhJfJf3K2qHRYXrIffBS-gGuApr_aMF8_hbAWyHku1LzxXeNBw50ksIX0eq8z1UzevDALSZUM-DY_ldc0Ymaq8kQcS9oUV2wzSansrQBVZvz6QXlOwW01nMdaPiW5TASAYAQ&template_id=494 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 9DFA	22 KB 9 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 17:03:07 GMT content-encoding br x-content-type-options nosniff age 79664 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9007 x-xss-protection 0 server cafe etag 10216374826415589524 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 17:03:07 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9DFA	3 KB 1 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9DFA	19 KB 8 KB	13ms 7ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9DFA	179 KB 56 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response www.gstatic.com/mysidia/ Frame 9DFA	33 KB 14 KB	51ms 6ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 14:00:06 GMT content-encoding gzip x-content-type-options nosniff age 263445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14011 x-xss-protection 0 last-modified Thu, 15 Jun 2023 21:12:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Sep 2023 14:00:06 GMT
GET H2	200	css fonts.googleapis.com/ Frame 12EC	4 KB 728 B	19ms 18ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 24 Jun 2023 15:09:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 24 Jun 2023 15:10:51 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 12EC	2 KB 892 B	13ms 13ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 12EC	0 0	54ms 53ms	Fetch text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CbzgHeweXZKOnD4PI1gbGnoG4A_nk6sVtzsDFt6YNzMeapv0IEAEgwLKCa2CV4pGCoAegAbC6odcDyAEJqQI2xPCRH0eyPuACAKgDAcgDywSqBNsBT9Aw8DonBwqsvCIaR6l3xCUnIRuoNakPpcQp0PPyKByavdo7l5dyj4ayb1fSBww3Hf5v0PLeDmfwwhu8g2ECz8cHvjPWyn1loLU9Cw1RwQAt5NWkOZk0B2Ytpam6Ftxq37rd5ivDftx9NKFvGDy1kr7D0RTRxbswnUOf8cymmK_FzGmFicvLdjoa9OHjOScey2u-W4xBKqyCNEVV3lkUf5i-v3V0svB-yA5p_Ruc20wfmRL7_B3Nc2puCUZhUHKNqNamwFHTUyW2XLKMn7gevQE2_9N056-g4XnOwASRq_3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC75wLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=6dFR3zByFj0&uach_m=[UACH]&cid=CAQSbQBygQiDqqi8OwyU0BVr7i59aRcxRkgpQdPbzwHOxCpgJGzG_UPJZ0krrnh1Bv1MImUi6hVKpEL2tWCO81IFTgPjAfoBGDrx6nq8kv8MC8u-IqMS6lkSvubg1psz48fGjCXTBMBuDApgggKQbv8YAQ&template_id=494 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 12EC	22 KB 9 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 17:03:07 GMT content-encoding br x-content-type-options nosniff age 79664 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9007 x-xss-protection 0 server cafe etag 10216374826415589524 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 17:03:07 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 12EC	3 KB 1 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81360 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 12EC	19 KB 8 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71936 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 12EC	179 KB 56 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:51 GMT
GET H2	200	b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response www.gstatic.com/mysidia/ Frame 12EC	33 KB 14 KB	34ms 5ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 14:00:06 GMT content-encoding gzip x-content-type-options nosniff age 263445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14011 x-xss-protection 0 last-modified Thu, 15 Jun 2023 21:12:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Sep 2023 14:00:06 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 84F8	41 KB 15 KB	19ms 10ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbLb27q6W27HqJPbTTbwYcu-cvHlxA75VMjzS03QgZ12p2uOkalmacCF_OPT3JTP4Q9Q3qwkHKq2Ix1wgXwoN9aPy83i5ieHiipHYRjoQxfNM0G36nnpBY7_aYtDpLUyqA1U404LZ_33z7NXSC8Van2NZvGBM5feM5EGpYFcq03OKhRng&cry=1&dbm_d=AKAmf-CV5ASw5X4_frTpr0ufwRdaaTjTNuYJ9dwAVo-uiqEsOdX7H9p9jgk9Dnckl--BEKJzXah-8h7LPB3piZvXH9VZtUdgLiHfj-TMfQk6Mo0T36ZzO11AesbY-jml7ivRUF9xZQHlt9MZDuQ99j0LRBVpFnV-hqdnHvzCmgKlt3fQiKqh7vlVXapX3bvXsaoELDa7BjPGNu6izmhSMA7iq-hBNMl8ac1FbmRLDudFnW8FsOIYHZ_lq_hH779pcLbNy-bE8sQCW7F3cYVXGWVUSsdXMnfWushOQrA8W5J84MFZUzeDD8uXqrbLIVrIX2hHDvYkLEjPePrxArC8O7f8DUJKTilumY-uxwZ4TBcIY6yjA61HW1gYhNvBCegYaLVcZ-sn7b9FSB-Rw8W035K7Fl8uxrjz0SlDow3lJMthEUINCcGlsZUmqh9PmtzfaVJiQjeyRs8t2M-i_gS1-5eLsi_uob3IMHaY33E6SsgQMa2QAHRlHAIpWaB_abeDd-vxjcMjJzB2GeGy-cCt7VlADPTJgHTQhDMhBS8qG2st_XTLTliCHJnhiiTba1a9RaqgdfVUIpmntWzUJSShNjrJr3IAoC5WSfbnm4oxsi6FFdyGfz-X5kiJvGp5543nh-C5w5BS1-5EuqK9Q2ADbnTsguLmGNcfwaF71OZqi6z01FifU6CCWUNw55IVo6yYfuAoz5WbzSiBOUWQsAtvrZdYpm16EGddivulNyF8N7WoFI4QTIKp1rCl7mlBDv7O_w9wTV8QTAHTl0G-uPDtsanD4uvkaiswwqYoTKD6NDWG376xZFjavnthlgfgmhFkAXC8qhBtAxE5s4fVzBxjBxX5joP9Ur7vmPum6B3YQzFjpV_lnXYKy_cM1BHb3XNOjegneKZxhpM0IZSBJcmISqpyeesvboysKRrOqfq1B1-RKUqoqggb43CwxcaK_M82uQOf9SD8uPsUrkuDYvH1JYckw7oYLyS4DLQxz4xqn29JLVgqH2IvT7x_gn-nuMGyU0motAw_36YN_ruJuqoj0lS8Uj78w7rpzoBxnLWJuBtRZphb82lVUmZ-WrgJ9ZWiMSB0znNrtfPSGcBQqSJjg-QMP0y1V3j5vU2wIGMGqgFluchIZmCgjT2cYkxOnKJEz2WxCY6k1vAL7yBG1XZh2a59pZstucETwRq3MpJ-tvepfYkGLvRImBHY4IX-71M-IMmJ9pq1kXcdMmpYS1hVHUjYZmyWDosY7firD7OXvKxtvrXGNZnpUgi35Aaj_mMB9ToFW6ARm1zQsq1uVt1ZaQzDIEZUGKlGdwKtgnJviHZEcRUGMRfhiJ5AE5jkhrP1wEZwtdadyDwhU-QoU-xCkdORQMaNoaDZEDxLQD6WedjUXGxL5s6qT9ASeQBRv1AKl0amRY-4xmKLMZ2We1Xa1fDRcmP39jfMS9_QQW1Cxo9RUmVcWKQ8M0OLdgWAkNibm6mkcqT22_gIy92fXybLTcPAO5T8fWR1WGdQ9aEW4SPqAy0QAbzuUHpRMvi-AfkjABV9b-cTN8eNmwNh8nuqFX2QXxNcEirp6S0lPdEI2HtgQBBydIlqO9Xh-iiaoltuu34_IqzcmCIm9Z8nxkraRleKio0A0FyZeNdhpO6P9T4MCvIr4ZhoG0D5QjTzPvpzIenPHXGjWneDIcUPrAUl0KhsOcEtRuYpbC-_BE-jy6RHh28eInu3ORbtoVa_avm3WTHbfEVD-JXqzRAJz748tT7Je2UTFYyFGvKsLAFrQzBOoWXw_rjdLoqp2xkKv97bMJ0wDXij-V2B6Kh5XuDnIZnmxQgfoLGvmNTlIh2H69QQbUqqvwb_BpC7yPiZaWBXXmprADLJx1Bx7NWNdTMNVqdyS-lEMH5Ag9O9OrlXr7mGMFyUBZUXgfnO8pTDZs244bYy7meWODu8-Y5ubNs6E9Gfiqb5vlJyfan6FNa-DSzb1IhQqSHGOJXdkrpA1Inxo_Avi2Enp-llNpa2Mq-VrKJqnpsQLwupz6UBpoHyFKMgH13BybvpBd0DMes5IQkPHoZy5EpVIkVcI61xhaJysOG7xKQ9LNgizrnuDCx3ZkDM1wQXCRYiLEgAxFTfuOQuWfFGtsnIQJiAgWyHR5gCwV1vK8RHjsGlClfF6-wfWXctZc8W3t6bOlVgNicZw8_GOkW_PhjyMVUAxv864QnU6h2GtTKdUNEgiWuyueZZ3HEbcT8ZW6o6S6db1WoXcm2xd-aTAxRoUz8EFDq0_X4muMLCDCsyIH5RrWrjnJEkzmOKIgcPxpSSGIc51nKJZZ82ZkeGmjWllhGaDSWkN07Sx0xRfvfDm2X9Yrk1wgpNNCk1EtGKWOQpFGwlFUkoJthTFe510A58nVp-7dHaA7NglBrpBbtF2culM_8VS8Ok-E-zEgsaXAkHVv4cHlo1sjCbpPDHDBFEYRekn293ojr0R_61JO1p1kblX6HVbeJoxQamdlHQP0d15rCIeGAxiF0QMIaUig-4N4QCsp8-XMES9OqH8CHv5zXe3BoF7yQOEQAtFu8lDNOELq9ixOn0NjPQFY_C3bsfSl0HhPnzm6LZuYH6ST4hFnr5tiicgjyAG0avL1UYY3aznnHooyrQTPqvQzIo3y6-KnB59FgdjykTutij2ZEkj1CM-JTWCTWmSBqZz89QGS_btgmvpnGIV0XHOT58xHeeTuruVNY4zmz8cQXy3wiH29CXHS0jE-rN4dDBWu6i1ch5qjyv_8vnmDeY5oZWNJJHsbgrO5S69bL26lr4PMtkMCWeQLDcQkzJCyE8gKtJyT2acm1oVj84IzP8a7aV6Uu2tNH5VA9VoFO2T6Dd4JI-RgK2yQTfQiL6_gEM0uRgKdQbJemVenLKh4ki7OT_iZfT6GnVyadE3Cilbda-PEcl4UFUQ6V-AM03NrZH9EmiQuIzsV_5q89PBN3Acrpf0PTtUI-hQGg68b57XERWjHrW8gYKqIsdWjse6q8d8-Oyn92H_XvklvyWbsomcibxc3UJEzmgMl9P1H10NA62fwgFaGZ4IfvGgI-gA0vTvNwmj5EQiYe84_cliMo9Sk8TUb8oFVVSbptn-nnWq8VM6YOeB34IhzO_wUk14VeMOTRZvfAvYrrKtTsPydkCPhGedGrgdmtmpRRd7P6hYZC6yXQM2r9mqTlC6mwtdnWJuHAQgxFy-oHmtpV_7O5Y_9HCwH5BY9wNgHKByYPrLSw5O-Q0Q-jHcBvWEV5yWbmkIiIbFeNUzk1GAwssghmBu38r_dKnEngb02cKg0yHeVm2gcO7cW2MOZAzwZWCl8MnaQpuv5pjXmcZlbbKuAuVs3aklxLHK-cqHbWiSY19GxWzQWFVPNYqVaMlnwFRMNFdW8ZNB4q8hLmiYh6bIYWBtdwbEQrM0Yd97BCfZj0lJ6cBxKjElItGwAuiDehrKpQeVmQSV_NzZbsRlgClj9Bj_zkBDOHN8CnlvfspSywMZ0RQX9veRiRlpGoOW4ogrxkavonZGrjogc4hr7-Rxj5_lUNfplpDkXfXldcJwpBrI27ExDTdlFqBJcZ-GtHPHZSmDYc5O27lWyhziA2shxEQBSiS1RXENXFcJB0Qh-XNfzfEUfNYvboVuGHb0NZtb9zPoeVW4dFTfLqr-jyg1vPWqEoZpaC5oNbFTj6To5vy0boclmKGi6QQvQSz805d5pLJivO_ju_b171IxDPSF5llMQc1gFckUfg8OsAho6KprZe_5S-oZZf8OCgLvYVwj1vcYyLn3AFPSe2pc3zRLGuh7SpFdWMGr_8IT2QFCSGQMTTKfXmekl33oQ&cid=CAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=4683820838116261000&adk=3887872403&idt=82&cac=0&dtd=17 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 179501 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET DATA	200 OK	truncated / Frame 9DFA	287 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce Request headers Referer Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	624907996767536446 tpc.googlesyndication.com/simgad/ Frame 9DFA Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r https://tpc.googlesyndication.com/simgad/624907996767536446	8 KB 8 KB	21ms 21ms	Image image/png	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/624907996767536446 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 19:41:58 GMT x-content-type-options nosniff age 588533 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8502 x-xss-protection 0 last-modified Tue, 09 Apr 2019 09:00:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 16 Jun 2024 19:41:58 GMT Redirect headers date Sat, 24 Jun 2023 09:30:18 GMT x-content-type-options nosniff server cafe age 20433 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/624907996767536446 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 24 Jul 2023 09:30:18 GMT
GET DATA	200 OK	truncated / Frame 12EC	287 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce Request headers Referer Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	4091503581208051288 tpc.googlesyndication.com/simgad/ Frame 12EC Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL https://tpc.googlesyndication.com/simgad/4091503581208051288	107 KB 107 KB	21ms 21ms	Image image/png	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4091503581208051288 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:59:14 GMT x-content-type-options nosniff age 697 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109931 x-xss-protection 0 last-modified Wed, 23 Oct 2019 12:45:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 23 Jun 2024 14:59:14 GMT Redirect headers date Fri, 23 Jun 2023 21:40:35 GMT x-content-type-options nosniff server cafe age 63016 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/4091503581208051288 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 23 Jul 2023 21:40:35 GMT
GET H/1.1	200 OK	g72h7lz2c4az Show response hal9000.redintelligence.net/zone/ Frame 84F8	11 KB 4 KB	48ms 7ms	Script text/html	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1687619451283522&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash fe10583da8f0e249e294749064c55085c4f53f1927fd700fb540d21b364f3de7 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:51 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4174 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D111 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1	43 B 632 B	8ms 8ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNXfvlIg_dOSpnVt6-4SSclT402UN9OO1p0-StrBhvvPr_HuYuKrbb9IwZzU6jtljCAajf3eDE6Sxu6_FqeAKeAkm-UHDY_r28RCUGQbNKqviHoKFDjiMhfi3c0o5mEpOpv5HZYxvM-tzULWLkKAbsNRofvh7PKenZp2kEwT9nY7R0jL2cc Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D111 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2	43 B 766 B	9ms 9ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNXfvlIg_dOSpnVt6-4SSclT402UN9OO1p0-StrBhvvPr_HuYuKrbb9IwZzU6jtljCAajf3eDE6Sxu6_FqeAKeAkm-UHDY_r28RCUGQbNKqviHoKFDjiMhfi3c0o5mEpOpv5HZYxvM-tzULWLkKAbsNRofvh7PKenZp2kEwT9nY7R0jL2cc Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=493 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D111 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1	43 B 1 KB	16ms 14ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNXfvlIg_dOSpnVt6-4SSclT402UN9OO1p0-StrBhvvPr_HuYuKrbb9IwZzU6jtljCAajf3eDE6Sxu6_FqeAKeAkm-UHDY_r28RCUGQbNKqviHoKFDjiMhfi3c0o5mEpOpv5HZYxvM-tzULWLkKAbsNRofvh7PKenZp2kEwT9nY7R0jL2cc Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT AN-X-Request-Uuid fcc6ac67-f708-499b-a75a-cf75e04d1b72 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame D111 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D	170 B 188 B	19ms 19ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNXfvlIg_dOSpnVt6-4SSclT402UN9OO1p0-StrBhvvPr_HuYuKrbb9IwZzU6jtljCAajf3eDE6Sxu6_FqeAKeAkm-UHDY_r28RCUGQbNKqviHoKFDjiMhfi3c0o5mEpOpv5HZYxvM-tzULWLkKAbsNRofvh7PKenZp2kEwT9nY7R0jL2cc Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 24 Jun 2023 15:10:51 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid c58cb463-2d2a-4a10-bdd5-172a83c40615 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A64D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1	43 B 766 B	9ms 9ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNUotPF_D3-2K6-8bEyTj5dTItXyy5HJw-BvAFg3dmwsAZHAyPtE_esLI2ujQEVS2nKIMHZf8fHwhy4nLWfN3qc7-sLkNg4hl01H3PaCOU1TLJ7CRzeZgBCeZdWqJDfnkgqkeQXd3od43i_8JQ4Jz2ltf3yNgZlM1YDq3fJ5GG0PotNPgfM Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=494 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A64D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2	43 B 766 B	13ms 13ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNUotPF_D3-2K6-8bEyTj5dTItXyy5HJw-BvAFg3dmwsAZHAyPtE_esLI2ujQEVS2nKIMHZf8fHwhy4nLWfN3qc7-sLkNg4hl01H3PaCOU1TLJ7CRzeZgBCeZdWqJDfnkgqkeQXd3od43i_8JQ4Jz2ltf3yNgZlM1YDq3fJ5GG0PotNPgfM Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=492 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame A64D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1	43 B 1 KB	17ms 15ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNUotPF_D3-2K6-8bEyTj5dTItXyy5HJw-BvAFg3dmwsAZHAyPtE_esLI2ujQEVS2nKIMHZf8fHwhy4nLWfN3qc7-sLkNg4hl01H3PaCOU1TLJ7CRzeZgBCeZdWqJDfnkgqkeQXd3od43i_8JQ4Jz2ltf3yNgZlM1YDq3fJ5GG0PotNPgfM Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT AN-X-Request-Uuid e2b6bda8-0180-431d-a8d6-39e78ae7a0a7 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A64D Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D	170 B 188 B	26ms 25ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYxYHo4gEwAQ&v=APEucNUotPF_D3-2K6-8bEyTj5dTItXyy5HJw-BvAFg3dmwsAZHAyPtE_esLI2ujQEVS2nKIMHZf8fHwhy4nLWfN3qc7-sLkNg4hl01H3PaCOU1TLJ7CRzeZgBCeZdWqJDfnkgqkeQXd3od43i_8JQ4Jz2ltf3yNgZlM1YDq3fJ5GG0PotNPgfM Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 24 Jun 2023 15:10:51 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 5edbb3db-b505-4802-aab5-e44857e46db8 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 79FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1	43 B 632 B	8ms 8ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW9pKOuHdb8OVSWOZUsZuffxqZich2caJ7ZUN-_qZJpJgx7hdcEStS50_WTvJjia7YrsJJqIrR8Yhlwn2W8L7-J9JbEFiZg8fw9YRQ3kwVBky-flHOKP8Mdzno5Z11T4QWouc1C1epZFQBH2DjZIkaQSZ8388lMvNQhz1l8AdZDl1ccTEE Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:51 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 79FE Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJcHe2qyqHXyfmbl-7.U8wAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2	43 B 632 B	12ms 12ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW9pKOuHdb8OVSWOZUsZuffxqZich2caJ7ZUN-_qZJpJgx7hdcEStS50_WTvJjia7YrsJJqIrR8Yhlwn2W8L7-J9JbEFiZg8fw9YRQ3kwVBky-flHOKP8Mdzno5Z11T4QWouc1C1epZFQBH2DjZIkaQSZ8388lMvNQhz1l8AdZDl1ccTEE Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDGJVL_uzpggqeXVaYsSWNk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 79FE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1	43 B 1 KB	19ms 18ms	Image image/gif	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW9pKOuHdb8OVSWOZUsZuffxqZich2caJ7ZUN-_qZJpJgx7hdcEStS50_WTvJjia7YrsJJqIrR8Yhlwn2W8L7-J9JbEFiZg8fw9YRQ3kwVBky-flHOKP8Mdzno5Z11T4QWouc1C1epZFQBH2DjZIkaQSZ8388lMvNQhz1l8AdZDl1ccTEE Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT AN-X-Request-Uuid 142ad45f-b60c-4faf-8fab-1531bfddb602 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEDWZvbXPgpkJNYKPXPKfuGQ&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 79FE Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D	170 B 188 B	25ms 24ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW9pKOuHdb8OVSWOZUsZuffxqZich2caJ7ZUN-_qZJpJgx7hdcEStS50_WTvJjia7YrsJJqIrR8Yhlwn2W8L7-J9JbEFiZg8fw9YRQ3kwVBky-flHOKP8Mdzno5Z11T4QWouc1C1epZFQBH2DjZIkaQSZ8388lMvNQhz1l8AdZDl1ccTEE Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 24 Jun 2023 15:10:51 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 9d56b4dc-73b0-4d94-8a56-7072f3deedac Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ4OTM5MjUwODkxMjczODQ4OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame A2CC	107 B 122 B	17ms 17ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 66E5	0 16 B	244ms 243ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451754&bpp=3&bdt=268&idt=187&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&nras=1&correlator=212345243548&frm=8&ife=1&pv=2&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.rqc4hsr64sq8&fsb=1&dtd=203 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B0FA	36 KB 15 KB	447ms 445ms	Document text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6b2226557575f59356610965123ff635fc7427a78ee2a66bd6fc876781754262 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 15404 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame E6A3	22 KB 8 KB	8ms 7ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56312 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 177F	0 20 B	41ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1682626414116&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 177F	0 20 B	42ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1682626414116&version=m202301230201&ct=76&x=1&cor=5665225942590057000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 177F	15 KB 11 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DiaU2a-5fw97ckea-LDGC3A7bjPVKHcksdG5n5qmonTkI_6DPxIi8dIS89aE4LUJifJL1KukihxLmWZSxZTj4DYToBkG5wPNRG1Akp391bp6Mykh4QWncxdGyPMEfBcEAegNDX3bIvgnZnWja9WnPH7AGJPXmJO1xoqSY6GH8FVsPDJXo&cry=1&dbm_d=AKAmf-Ch2BMbZETW5Am9F1mu0-AhAH1IiBUfD0CZ5Vn5dGjN9XPY3RpI8_N2B37c6TqWBC86cAOhZpGYftXI9pzPfW5b5E12e9LZk5GDql1vfJ_5GwgaBwdFj4a6LRps3AFeKLlnIy2vTMauyChPoPBvV28AhD-mSbA2PQu3H096d4ldyX-os5WcX-TwVwZ9-24Uko2pvxiyicT3XgSz40x6Mls9w_iuvP_YKdhQzaTLW9NDTCV3VLswRA8FCYTJYaG_xn7E998e2orJdDPpBOoQp5kS-RTy2VM-01OS7s0WQJUKX4CnQtHPoee41BSBuux5R3E4usUZa8ZfpacLbXZDw-XGSitoHyvtucbeC59aDjEa5G4t3HDeAGS0JiwE0PyKjwubGYcSS_2zBnfAKd9RoeVCI8-i1pUj74zaEU8yZmRp4zJ-t0lSKwkCMa0Vq9QNEuTYDohHoZbBkXWno3Exdl-TrPet8aRiZ4MYV0AqXho5wbTLYjDbXTVH6kXsD2KTaOXnINHxVz94SAQ_hckqrMwnPJjcXq4EggzP-C-AEppljZsn688G3XZlNVT_BKO3tt6J-xPYm-mEiwBNc03FQlY3J0r8BpSKiFgbjRrHMVE5aKGw5GMKHyH13Sc3HGm2nf5yk64cIwP6qMByrBZxexi8PNpzGgzhQc4neZ2MNT4cJlEV_6lLyFz4Xt2jYT43RiocSh1xqC-poRLcUiKVdZrxUlUSLxoRT8NrcKUgNOnnsnwp4bLN5XVxsC_3Afdw8mT4DBpAu3pX02eHjbYNvlNW98e-Gi98EsigMOWdVJ_InbLMLCiFayEqzVI4AgBJnYcTYIqiqY2yb9zl-i4Z-6R7A4TQjknfzAHKIWV7dQ_cH3QnufsFEbymvNGi3W7YGl-U8k4OMiW026X_c0AAgorPWAHpXPM0kUaZB17dKizFIcciY8dmhmsNuRYEPJFpFzwlPkkI8LDAMNaWSAWWTzUSq8NKeB2DVkoo4E4UYkXDEKraCr9AwFUbOnVmYIv8Mg1hLhpMkqNMrzjnbB56M3oOWE0xsU9EkUi0KkpALmH-1InvNRBLpjuZlzC499Lj6S0yu3mAAAMHRy2eOXSmp6ugp54WJntOnzC3xzPRZu9gp6xLmi8qYrq0op_uXAnAKDp2brZV8CSLbF1NcwTTVyii4kOg3ClmYYDoGo-uoLMils3I2vAlQiJ9nD2OEw5IT38QL4l1gIA6KyUCS_kNY1F2vTAaS15v2Fucs5l64Lo3pED_nfDmrq_DsneiLF4FmY8ev3D31B1zIo_F-K1-8S3MFCbvrLwu0u73s2TY-vQLuVtzNz3YPJ6d1hVQVeJz-aywBbb4vO2ZDMo9Io4IZUDaTZTBlK12IEdX92XAhzjCydWmNzRmKY18voy1d85_E6McV28eq5PLnkFVjRDW3zise7P7jlZzo_3ImVgTVKPGCgSa_aU9nuFOQEcJJa4rhR057ckT-P9X6Qlyhmn8mj7HeWH0Gb7iHID5FnGBsi8CK8hBjQjKsy5d2XRk3C6Eo8V__MIIYsKgnOH-jyoXpAHvMj7MY23kR5dfkLQFvHnxbC5-srJH9YNADCXd1hlRjvby0j78ZEXQ3PzYPthjSQw_qY5bcz9KmyvqCZ8mL0K5UOt-yj-2oNhUCFrMnjAx81eZM3MVfYw7WfbWcmbi1IVq59zPxhuyW9Chl00Ps2i4JFa-AIz-9ES9e0aSQZ0wSJ_TCzeOhMpI86Upghs0V6oHqVZZLeWJwKW7Wn9p3xGkc_jBWkPLwxW8gvQrOOknlbsnUDog-lW-NXl5G9CVHbV2jb-hd5vxqwG5-flFQ-NGJOVZt8-0k_KzMTavPpQhgg1vNlj__vmdk_URJJpbqdr7XNtgXmz5vk4a2LH6LAcx4tlLZDMwQ_2sr3fHiWmrHM9cjZgJxYUguCcHZl10AU39ExHnpgSxFd6vjNVflXlViiNrkBbClLMvKMppg9a1_MnPkoGNdqGRVtv1T8GeGYYEnubZzhlsnKfPBIhZsY9NeSQrPFOT4NniWn-A4CswjI3UYhONtsigGIPox0GI2SvBVf0w8bDOIbbvhzMTZC4g3GYwi2u2LBEdUY17qoU9anwBiK3if2Cs0rS_eH7OggaKh81d9wXd41huqdktbQujRa3D7bgksP1hixhT9WZ06W8asaxXfMCISJyi6nV9c5im5e44rkqb3xFeSYslQW_diCqKi2TYSGFIihCh4Bf1hfuxHkrobXjZ2B48U65jFcu30P_Msrs96ORhYCdIyJMgKtxLkx22jwRLm7V1qIHR2TCrvzvSri8_Gi6ey6faJbBPvqllLaQN0FzF2K87n_1daJxWeqHor6ET0sHKtqvZJypK9Qgf7FPe_7DQOxeZ03OSkGUJmT9GPvcdpQ7w4gPDMN7YSar3qd55aPBoR3CPSBWV01Pw0IgoH7W1nRPBRU24IA_cJcgaTcNw1ArvWpOEwMI7BE9AabXyjY7rZgz6vex9SNGlCgzi00mWNgFKOC6wagchwKdEkYN0v_UywHyvKgGOBSf7x35c0PG1t1zp6-Qc6u9RP_8XT6YSyWLt-zN7lqmVwEEXq544M-LjvxRD0eRKgn-Joj1ODdf3mn3UhsrwNo4k8Jf14yPLfaS8n_vnzZoIje5LGrqfwLgzUHL0xgTyihG2Y4ew5te53980WSyhhni2RLfwp4h736HcIOzVCHw8Hid0iEmXMMkgC72qhn2_BBFkX4-mjugHe0jUQ2nrKDO7wob4qDT9b4Eq469zBvaL2xr2uSE0B0qWPP8fiVDQdWBg0NgGk-1t2CHpwBXMOnPt2GC57wwoqPdnzhpknnlYGZgw8KLbeirHyNEpNqlGMbDISOJd9ZtX-v_MjJ8Zjqs3IiR4dHQPHCCZvTx3nkSyiVmsTK4CxBiPh0EoKaHwrcOgSlcVS0wFJYqpRo-BELfccoNn9Bv3_C1mkL2TGm-T0BWGOFVJMNI4jG0vFrlQcELH6-bXByRbRQVP4_BkNY1dFToqCaSJ65rb5mxTamoSX71yLVQI8nF47LVI80n3CRm0K19x9MQcuicaOjrhVgyGIh3kiWFPRTMrkKo3GGEmwgjxoVszjji-1ga6ydeypB8&cid=CAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5665225942590057000&adk=1599433117&idt=127&cac=0&dtd=25 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 740bd93e3436277359ffd2a9de51f8acf537579cb370e9058392d381a835c1f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11241 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 9DFA	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f5c85c1015b59b6e40ac379df71cc43e38a98db2bcd64ac5fea8e73376a5f9ee Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	request.php Show response hal900027.redintelligence.net/ Frame 84F8 Redirect Chain https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	145ms 131ms	Script application/x-javascript	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 9b3fa03dcabf576b6e39db595f8bc637712f625640fe09410d675376f01b6075 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 11604300080079704444550012365027 Connection close Content-Length 1353 Expires Sat, 24 Jun 2023 16:10:52 +0200 Redirect headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Sat, 24 Jun 2023 16:10:52 +0200
GET H2	200	5ed7638be4b07a92411bbffe ng2.virgul.com/tck/imp/ Frame 2BF5	0 209 B	142ms 49ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687619450846&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:52 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET DATA	200 OK	truncated / Frame 12EC	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26ea98151fc3ebbccd9b99cad0cd1a9530c6efd6a5ed5006d9310b94e5962ca0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A67	0 20 B	42ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=848884243783&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A67	0 20 B	43ms 42ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=848884243783&version=m202301230201&ct=76&x=1&cor=10650375088757840000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0A67	15 KB 11 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL2D8j5mUpULvXerh7DDMRGCKSXAU34QO3YwM70xgxkMoWQbQ8fTZ4xBmVw02SxCY_dKekcqWtgI3Il_wezJGDreHyocZFFtD6AsPdNm1TrwgFI3IQfs4_tWDWQUCuWjsC-CGrPFplTIxN21XMRqT-k-dEKyk6OeokC7SU-Rj9mjzx6sk&cry=1&dbm_d=AKAmf-BXtrRa7YVv_I7rkxr6c4emgAYq0YxLoy7w-avtZa3CO6HI9FNHOwdpenPFJc0ZEqKwCFd6Gh6q_bpKEY_Ff7HqK_kwdAzWakTgmWJ-IhpgpOJ8Ja_VN1wmYRNLnmYfbFFDpMln6u4m_X5in6zWIMSGbmKgnNl095rvSbwKmzU7Sb675UXn6PTzaC7nqGI7wKdCdAMaTQ5HtsG5EU1EAEevt454kJrw2zUr4MqvTAkTBI95cOvbrKVycihFd3a0mAKPbkLClQnQ-JazIWh-IMx81DExByJDo_xddK6CNDMkk97Nui_hXmxaDQ0v7DxyKunXWTsgMknOhwrWFp9Mrn3FrGKbPCsY2I3pHGapbOJCWOlABQyL-LpRyHR8jn5ZR8UGTpTy48u8zVDPyq_XZdOqWh6Zl9z7ZI-GfoffF1Ss5p5Dgl1qMSCZhyMxW17-ENzrwLOwgbsmIB946Gt-wfO6H6OzjAw5tzmmXT5LkVMuqLObu6nOT6HTd0Lz9KKvXpTFe43s2GURHJxPadRVIB1zguzeihw7E49_593KG5aqMIXz3yR1ZIkZn3IQgMAdikpvEso-LyQ0Dqsbjx0Zu8N2JjKu5GnsvLAd2Z_ygPKf4uDqC65OZDC0fpFdalnNm-ktdQ-Bnhr6zNn7NiSkna-4A1LhFwLEfRTsG5vGnghj8Rc6CXUecI29BQygHactZxC79GTs97aywiuioxc6SYTDtrmGKR3-REtqnIjJRzXgLl2tMF6FT3HlDYUYrBD9aSu5jhE8qH46YZoYxDG6cL8ccA8sqWXTWvd9jQEUweLdnP6mfCA7rU3BDIRVPNsV2dM8EWEujtR1PXsMa-0dTqoW4ZS1ClCbhsN6yoeZujnE4Eq05MiGiA08Kg6Vg7Ee5ipZdX48SwS8nWUqWiCtRw9eSQghLsJfL_9ogdkEHr1eg7QZIJfzpaToktdLDHnG7xtvUosZK0MNipj6h_lmK75qDdRehQ8Jiv80AHCkiwKPVlHOZyLEzszmkgN3Ih9Qkp7fJeL6qu0dsuxgWoedMRX3ncM4Fir6_yK5iANj0J2HG48W-gmQRuxoniwWOcD1FNfO02SX1tmK5kMmlfihBd0VkKaMgLxerbDC_6vASaHD2h6q926q6To_HgTqWO0L-e5nScjrxiKdFSC5d0jXH3PQWB3GSv2x9pqXNj8atVo4Q0DwPYJyBHyXSA5FmCUL4A3bGe3s0OXxgaUVAibD3bQJ_AbbP37zwJ5wEmlg0Yt0RSUoI2OoOLnvkGRaB-cKZXnPITVQAV0BPW0fIh8b6KkJumLPO0tjHCodUQ40cjslwF8LajciWnq4q1OvXC00XO_Rjzhj8hzTZw0uRHjfdJKaR5hJcW69l3AGoqOAsixHRWd1DxiO_LJg3YGJUFCY02CUDoFXeUlkk_AjhI-qymbCyMiR-fXYOLQoQiu7LOa5PNWZ3E63m88lMLi0fIHuTkipdEjW5i88i6HhfQRQnkpnmFFqStok__hFE7SKANQvAhuM9tEmIwT8UJC5YmaWCNisNFyXpo33y69AmDYcsFIWeTPjiQbLTw1J3DSiWt_KF3NOU7EMpOzfyG2dlK1Iq3MKr3TcF8naLSV08fI-aPEcc3AzZj4O8jh4Zs7XtHwRqB2xwAcSCosT9GVUa2lq73NRWM1D0GIquYzNsZAeb0FFMklGMOjzV4XCVeCJ6pLkrdTew4nnx1uDTH8i_NWradOmHkMFbkwHj8DHsNvdK5b9g9WXaumlDyU4yPEKclol_KxlpVd83yGopHBrrnyCnf-Xysg7IE-bX8ZQL_xTDMPImRsvjJIhsWcS-4BXAb25SWYo8TQkP7FcWEEMiaSw2jH-vTHsoNDKalzX1WeRRIT14TpTveZAzJ1Lvg1Q0NcwgtaG-v07_vcpRRDRggTdYLmoluuqH8FZLDBDjH3S5vHtGr6STUMig3wu78IlmlSdj13OFMNU62aeWoNWYKdvpl2oLeY17adtsefV1ys5LvFykX9dt99InP42cHZfy4ZLQ0WYGeczcpyLtWVswz_ItMEe7TNpgmvfIjMq5bpg1ScXXvBlKpAe64g5QK4dTcYDZq73qCjMPQcJGJHOz8ky8R26FcNjSMgPnyl4bytaoLXrFWeSo8Orl2qFqgbhvy7pL4qXX6CR8f-BQpEIJuu_csKeNFqtAMv0vPIhOZwyCj4S8Z1_eltE0O-DXKOh8EJrDT_cQTPbNsRm5FxHCZYth-2ppPpf5q4Cpd_ypb-oqbZi7RpRJVyw-zbjCqsu-HURC4b3KgbrWqjcpMeKcX_ORfLMEg4L0ZTh7ISKdprzwaIxucF5_gXNA2YyZYh5R9pANwRSZbPVEqX3cnOyat4Mh7R7Ohzbs1uhtiXH9JQs-x6BJ-Nk633oyHNcWhI8hMNkZQOOw6M9A5_A9lzaBY93qpwbzNnTuXN2Kkl3X3KMV-HERkH8c8r5jKjxdr61rqcIGVL569EIofHIPgdeO-FHFQiV42z0zzMvCGrTzt6Enhb5c5kL7vms3KzLgTsBwrrikGJSfnhGy6tPUiz8Tzbt1cngFwYD7Ua2IcFijzxlmPesemy_V76BAV4QWNKXKDFV3-fS5ST4u15bD1Fvnmub2Z_yxtPBciGTBXKaTsu7D3pNLRBRVIS3pgHPS5T1zwKAOoK51URILro98r88njkDOrsBT2soWimrlaOMghXKVupm-8z0E9uA5kSfpqJR4Qxe4ZqZaO23cYzAHRc63yQ4pCkEI2AMOpU6w63SyPWipWopqKgdr1GB51oIzaT9DcLgjaHu53pDxRMYsbXF4N8Gb8VxKvxdM6UkihlpY-dmlDGADoklTiyJOPHA1B0C47UiINTqSsgqyXZ0QEd73wdffIbJyPBIt6lvF4_r3Eir8y3sDibiuymClXfDLm_pVpjZpRoayRI2QzeeDDlGcfIeZyXdZPOb17RI0P5rZR6fR67BSt7l5YCIj3MsYgjDxqhUUrZnZW-Xovs1Z1JyS4oj48pzyXWAOh2vggnbeKF84BZDtERYbWD_qUNgxd2-5yrJrZVqIsV1GSBfN2dw1Ga9YhLTaYzxmAD7z5bPOE8S1xn-PSAUsW1-iEHIq5wD-5PxGQxYcNE&cid=CAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10650375088757840000&adk=2465470143&idt=252&cac=0&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 69c35446d0a01cea233ee8abd77448e3aa632ac3c43566d504babdc74680ee73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11197 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 9DFA	16 KB 16 KB	38ms 7ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 01:50:32 GMT x-content-type-options nosniff age 48020 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 01:50:32 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 12EC	16 KB 16 KB	30ms 10ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 01:50:32 GMT x-content-type-options nosniff age 48020 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 01:50:32 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame E6A3	38 KB 14 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 8798	38 KB 14 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 177F	41 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DiaU2a-5fw97ckea-LDGC3A7bjPVKHcksdG5n5qmonTkI_6DPxIi8dIS89aE4LUJifJL1KukihxLmWZSxZTj4DYToBkG5wPNRG1Akp391bp6Mykh4QWncxdGyPMEfBcEAegNDX3bIvgnZnWja9WnPH7AGJPXmJO1xoqSY6GH8FVsPDJXo&cry=1&dbm_d=AKAmf-Ch2BMbZETW5Am9F1mu0-AhAH1IiBUfD0CZ5Vn5dGjN9XPY3RpI8_N2B37c6TqWBC86cAOhZpGYftXI9pzPfW5b5E12e9LZk5GDql1vfJ_5GwgaBwdFj4a6LRps3AFeKLlnIy2vTMauyChPoPBvV28AhD-mSbA2PQu3H096d4ldyX-os5WcX-TwVwZ9-24Uko2pvxiyicT3XgSz40x6Mls9w_iuvP_YKdhQzaTLW9NDTCV3VLswRA8FCYTJYaG_xn7E998e2orJdDPpBOoQp5kS-RTy2VM-01OS7s0WQJUKX4CnQtHPoee41BSBuux5R3E4usUZa8ZfpacLbXZDw-XGSitoHyvtucbeC59aDjEa5G4t3HDeAGS0JiwE0PyKjwubGYcSS_2zBnfAKd9RoeVCI8-i1pUj74zaEU8yZmRp4zJ-t0lSKwkCMa0Vq9QNEuTYDohHoZbBkXWno3Exdl-TrPet8aRiZ4MYV0AqXho5wbTLYjDbXTVH6kXsD2KTaOXnINHxVz94SAQ_hckqrMwnPJjcXq4EggzP-C-AEppljZsn688G3XZlNVT_BKO3tt6J-xPYm-mEiwBNc03FQlY3J0r8BpSKiFgbjRrHMVE5aKGw5GMKHyH13Sc3HGm2nf5yk64cIwP6qMByrBZxexi8PNpzGgzhQc4neZ2MNT4cJlEV_6lLyFz4Xt2jYT43RiocSh1xqC-poRLcUiKVdZrxUlUSLxoRT8NrcKUgNOnnsnwp4bLN5XVxsC_3Afdw8mT4DBpAu3pX02eHjbYNvlNW98e-Gi98EsigMOWdVJ_InbLMLCiFayEqzVI4AgBJnYcTYIqiqY2yb9zl-i4Z-6R7A4TQjknfzAHKIWV7dQ_cH3QnufsFEbymvNGi3W7YGl-U8k4OMiW026X_c0AAgorPWAHpXPM0kUaZB17dKizFIcciY8dmhmsNuRYEPJFpFzwlPkkI8LDAMNaWSAWWTzUSq8NKeB2DVkoo4E4UYkXDEKraCr9AwFUbOnVmYIv8Mg1hLhpMkqNMrzjnbB56M3oOWE0xsU9EkUi0KkpALmH-1InvNRBLpjuZlzC499Lj6S0yu3mAAAMHRy2eOXSmp6ugp54WJntOnzC3xzPRZu9gp6xLmi8qYrq0op_uXAnAKDp2brZV8CSLbF1NcwTTVyii4kOg3ClmYYDoGo-uoLMils3I2vAlQiJ9nD2OEw5IT38QL4l1gIA6KyUCS_kNY1F2vTAaS15v2Fucs5l64Lo3pED_nfDmrq_DsneiLF4FmY8ev3D31B1zIo_F-K1-8S3MFCbvrLwu0u73s2TY-vQLuVtzNz3YPJ6d1hVQVeJz-aywBbb4vO2ZDMo9Io4IZUDaTZTBlK12IEdX92XAhzjCydWmNzRmKY18voy1d85_E6McV28eq5PLnkFVjRDW3zise7P7jlZzo_3ImVgTVKPGCgSa_aU9nuFOQEcJJa4rhR057ckT-P9X6Qlyhmn8mj7HeWH0Gb7iHID5FnGBsi8CK8hBjQjKsy5d2XRk3C6Eo8V__MIIYsKgnOH-jyoXpAHvMj7MY23kR5dfkLQFvHnxbC5-srJH9YNADCXd1hlRjvby0j78ZEXQ3PzYPthjSQw_qY5bcz9KmyvqCZ8mL0K5UOt-yj-2oNhUCFrMnjAx81eZM3MVfYw7WfbWcmbi1IVq59zPxhuyW9Chl00Ps2i4JFa-AIz-9ES9e0aSQZ0wSJ_TCzeOhMpI86Upghs0V6oHqVZZLeWJwKW7Wn9p3xGkc_jBWkPLwxW8gvQrOOknlbsnUDog-lW-NXl5G9CVHbV2jb-hd5vxqwG5-flFQ-NGJOVZt8-0k_KzMTavPpQhgg1vNlj__vmdk_URJJpbqdr7XNtgXmz5vk4a2LH6LAcx4tlLZDMwQ_2sr3fHiWmrHM9cjZgJxYUguCcHZl10AU39ExHnpgSxFd6vjNVflXlViiNrkBbClLMvKMppg9a1_MnPkoGNdqGRVtv1T8GeGYYEnubZzhlsnKfPBIhZsY9NeSQrPFOT4NniWn-A4CswjI3UYhONtsigGIPox0GI2SvBVf0w8bDOIbbvhzMTZC4g3GYwi2u2LBEdUY17qoU9anwBiK3if2Cs0rS_eH7OggaKh81d9wXd41huqdktbQujRa3D7bgksP1hixhT9WZ06W8asaxXfMCISJyi6nV9c5im5e44rkqb3xFeSYslQW_diCqKi2TYSGFIihCh4Bf1hfuxHkrobXjZ2B48U65jFcu30P_Msrs96ORhYCdIyJMgKtxLkx22jwRLm7V1qIHR2TCrvzvSri8_Gi6ey6faJbBPvqllLaQN0FzF2K87n_1daJxWeqHor6ET0sHKtqvZJypK9Qgf7FPe_7DQOxeZ03OSkGUJmT9GPvcdpQ7w4gPDMN7YSar3qd55aPBoR3CPSBWV01Pw0IgoH7W1nRPBRU24IA_cJcgaTcNw1ArvWpOEwMI7BE9AabXyjY7rZgz6vex9SNGlCgzi00mWNgFKOC6wagchwKdEkYN0v_UywHyvKgGOBSf7x35c0PG1t1zp6-Qc6u9RP_8XT6YSyWLt-zN7lqmVwEEXq544M-LjvxRD0eRKgn-Joj1ODdf3mn3UhsrwNo4k8Jf14yPLfaS8n_vnzZoIje5LGrqfwLgzUHL0xgTyihG2Y4ew5te53980WSyhhni2RLfwp4h736HcIOzVCHw8Hid0iEmXMMkgC72qhn2_BBFkX4-mjugHe0jUQ2nrKDO7wob4qDT9b4Eq469zBvaL2xr2uSE0B0qWPP8fiVDQdWBg0NgGk-1t2CHpwBXMOnPt2GC57wwoqPdnzhpknnlYGZgw8KLbeirHyNEpNqlGMbDISOJd9ZtX-v_MjJ8Zjqs3IiR4dHQPHCCZvTx3nkSyiVmsTK4CxBiPh0EoKaHwrcOgSlcVS0wFJYqpRo-BELfccoNn9Bv3_C1mkL2TGm-T0BWGOFVJMNI4jG0vFrlQcELH6-bXByRbRQVP4_BkNY1dFToqCaSJ65rb5mxTamoSX71yLVQI8nF47LVI80n3CRm0K19x9MQcuicaOjrhVgyGIh3kiWFPRTMrkKo3GGEmwgjxoVszjji-1ga6ydeypB8&cid=CAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5665225942590057000&adk=1599433117&idt=127&cac=0&dtd=25 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 179502 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D03E	0 20 B	41ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1993076610256&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D03E	0 20 B	41ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1993076610256&version=m202301230201&ct=76&x=1&cor=3274816977669780500 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame D03E	103 KB 39 KB	57ms 53ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk5H8zM2z2D5g-UdpbWY_3c54pdaMta6ljZDoSeqeQzRpiDIHYXqvM20yQdCYaVGmujaz76_i_Tv5Jd4TtZ38wBHYsV_Le1OvF_RmQT2Qr_krhyF1oo2ZMJDlTtAb-ZSgiRcreZGTmohI7EGVOxJde5wzfapg1KqlYbiQ7Jjdavhy-m-0&dbm_d=AKAmf-Cpn1mDSzZCiErrRQIH_PH4NF9O9wR0KimBrF4GRHnZDsnhzHfRlPm9w6ghW1DHzwuwsEeaCssdksSv273RU86r2J9dy-JDsoyiHp2J3nHVVH22ykTvbhjVbF8K-EI2A0TYx-RqUAp-_x0Pxn_k-d_-PHQRmwbbtCWFXk5P_CfjJ5aPaPEzVfQAXiCEmPKM76-gRPgDfvAaX74pKVq3oFiGWZtzf1U5VQub9gTHEea2SJZ2iD9bhqYcwv0y_dtBLqOPdSQVxkrZCRLLSqemHqg3PX1PwQE1nABx4hnljXhvFUvi8W0tA1ZC2sZfXWSuQ3MfK1fkdM4grehNjdnSn1h4HiCcH8P3ejCmoXb6H-eRQtb1A9m9rw0wik98OHwjYHYTYlM6Ds3YzhYqfxUibDFo0bz7OJS66uCj-4ta92JfUdOD-c2Ju7pv3DHqpE1I9NsyX01zJ7gQdkkBF5OdtMwVNkrGBmDFkV9rYpdcneiUX7Q3X5P5_RPC6wIguPJhnWFEZE1K511r4v26Vsm_6kv-Z-8wa8yRLQFbL3xob6JJMTYHGZbRm8kLj4SD6aRsDBg1E3Znu5i2xMXoltHE6cEo5AHyHZmzQbb-BSEDnJzGfyyLclizEiLnZn8rYqUCglDnAk7ZMY6hz1el3-eX4MNrEjuvp-gV716uoZO5O7Q1lqhHIsYXKhKj4Bbh_nxLPGOXiEXicYbghmpZ07eoxojFXHFHMYHwh5D80SUKGM9EdDpALKPX1I-0u61eXh3z88DzDTTIKTK_YaRy6U_7A3b-Y-_RWUAIj3z1Yy2Eoig3nmRnCoe403LBMrdhe5KXv7qtlc0vDSFYYiF4UMGhXZhOxUm2NARhTcmn48t-4tNda_Nht127fyLKejA_Ll2OIqN9zqQKtCsSX_olyc-CXLnV3Ow2K46wJdmr3TvTJ_B4Jt4aOh97yhn1MjOpyTbHcUQlRLibhTSdbCOxei1cFgv26rvHLfdX859AgjRSqZP_oVY37_9IOriqMF8glKX8iDohUedpMoVvRIMGIH0Wez5HajhFRbit4vLbwUN6m_FE11wULAbZu6P2zXFWkeM9Etvg8EmrqCQYXrfuVn5OB0RNXb_nFO9IuUt4ig7HzaRwSndYcY4n782wn7EfPS5_7ngHOHOsgXYoefEjVsSjWXzl8G6y_eWR-9L6FeFF_iSQaoVah1HO0ecs860dx22uQjG2g3_RdQrAASveYEabbeEPDhxG0YlF8jnmZUPR7yaiT11MBe9r23P0k8WbOXblJalhKAICLKDwrFfc7NGYvKG2Ez7FI-bgjiTod_O2COJcLJ8ea9f8whOKjBxa7sT4in6H895r29O77z0CXeeFxA5wpg7ZKarsW15gUilBvhYteAGBLPbXsho2_5GrHqFUGfK0IYMc5Tg19vsoJQFZ6GAQIvzh23J3dbrYdUSVYH_LxoQ4frWk7Mx8ePEex-_v-ivNsn-6IfJSGA1DrkupwGdtG0ZaMW_lx33U74NpAxd0rN4TIc161r0QkKaomKGCOwoZ-wUb8_QMrJAFZhbXGgTpLg3KknSnaP6f0E_K5-j0YmU4rAk-OExtvIBw0KHFjFPI08mhvb7eg5gPUvzSR_88SnRYeojCisvhEvYocVQBVxCVdfB9PdTR8Fl1Vknhc7sxkj9soxchCGRLgVKqlKLePh38eXqX3zEDc3j6EEo0OhuUneMUFQQVX4hkBgMwHV0gW934GgGI4COMvp6hiZwKygMxm3qPiaKs1N3j1OKPAR0VQgOLKkeAojd9aT9uv4fpWxjYsrxqcm-xJH9uI0DIr5KaoJ9Ic9SdYd7mDyGM71-TQu_nUxRcHzEt-Yz6v7JKrjuYq7JyvBBe4jhh0NmLhd7NzWyKUDls2hyWY_Dbj7IVa5WwNIA8asUOS5EfUZhW8cR_OGtpE0LMQeyovnyl5LtYIi36vdq0AwaOSHhx_706Ta-hP0KyKVeyLCcQrjWXauGDsQwsDt-s41pkoIr8migjsxYkCv7ItuLz_METlx8ZI3KVO2h9eSVFz7_PjCvkIn_DAodxg2aDBwrI-r4W7AZdxhDt2CGE_b28USr3HyKHUEIYv_t1P9Hqtf2iCSJe7HOfgm7Jpj9NsaeFHebuIvx1MJLX4JcI-6Lt5Si-mFQX8IhJLLiqPuHTXC5QorbmApT_fveBsJGphHKLjbNyfgI4dIXsidO5iVuP3U4blEmxPUkomeeNANXiLnljBvbp4WBwOA38ohuKEX9Xg_XHpMjbZMBt21W_9l3SNlUsQQKMmjlRwnOIhk3yUe0xpSdi6mdFIFoyb5bMfCj3TCUwb6Bf9aj_dkjm9p5pAY36uJcKmgjngl5JZMlQkEkn1zAFYtWRg2_Qzu7KIYqxTzZ6na0ex1R3rEfxlEQwpp_mg6Xh_k3ohupuadnjJd-A31L2i5eLmR5lR8QMWLSTYLKUlGBKgVtUtxET5eJpgWnVB44tOiqwlemMyXnow0JpYBAbZR1aNrbrbq9XFlZS6hghUGQbkL67Xj4jeHgmbDR6NoQ9Gkq43EPiLFmZqaQzGGoc15pRLXya3v6IkCi5NWE9nzEOnmKQQmWqmg8MMokWRoW6cAaHR1CKfSc8srxk5krsew2aINCXlHq_LBZYWWOlQnXoADm52Uw0xvkItwrMxGgi-ttBJnuB0iFJ3QFgApuKa5X8LlgCRVxD-uOQ9YL81tzFodvLZAz6xlSQYvt_ImHbgAeCLRNSyqXZIGX_DtsG0zC_KjXSbwaeY9uhJyTWj3B2T2ttI9YxGBhih3rwJOBisqwft3_PTGlFGh-s2EhS3_dsBZeSBtPjZBEL5uPIaPRc-mVwdnL6ETfet6YccoCEJNx3uZlRZWltUqdel-rUkeBTuRh-tTWmcYhBn9oqe-Uwmzs-THTCcoMmnvRuIxrzbqJWN3pVvHh_WxElQy9VqTFaU4dOMKZ_uJmHGwMGF_S0dpjEA1m7WbLn7Ps9J09cSyNRTNIohhcU3Yx_Wf383HW_pEOF_CEeS2YhKA7ozWY0Uf8zaN3cGZ6UQJXVj-kc6RVZ4Jp3powWxf0uXN1fmMMxufAfj-l4bcq4f04C1s3tBI-NJPVdvHIkWWyNVlacw2K9zjHFRMh5bxpXbPInlXzbL52cWdYG-y1gzSBKqP66bLEKLw79FgC_O_710pmwIICP4gfHVNAfMjQDRQyLinIdpsGq5zdnNakFZNC3L-VskQ7iNrrZfr7j1ckXFKudjNVVWA7tSH9r95AW2OymSFEpPm2z1b1NljC2vhLOZ_Av5rO_fMAuJEiUvJxsDyAhNz73T0EEEMqGVsk-TkQNrqgnKawgH5OfUGxWgze5ykWEPJNlueakLde49bMlTkwPAUUDoZc63Re5LBqDT_EqNOdnq5B1X8XpIV8Z6YA20ezbwrSPHgtPAivOE_OW7n1xYtV0aBe9zhyAVFfBDAV4iUat&cid=CAQSbQBygQiDLmVYNRBHL07lK15TOUXe-maDycFmFgIGsUozEdpLPsCyzOcyNkv9UWLMKXWN5PgMMqiGdRSlILF5FZ4cjCRbd2eNPmChQRDcgBv8-Jegu66GeTHRz2k1OCT4U9tXgix_FEMer6VX8JQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3274816977669780500&adk=212707235&idt=283&cac=0&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 520df657a67ea06d4396bb031eccf6e4404c859f162362182bc230421df40151 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 40082 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame 177F Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37f...	75 KB 25 KB	106ms 57ms	Script text/javascript	74.125.133.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId= Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 74.125.133.156 Nashville, United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f156.1e100.net Software cafe / Resource Hash fa52bec52242568ca189c8ffee63a6e125ea4aee2fb3e59d2dade3353716f5db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25586 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name app04.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame D7DA	91 KB 23 KB	56ms 19ms	Script application/javascript	2600:9000:2450:cc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 26 May 2023 01:06:44 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 b07ca4a88c1a9f9cf09555efc7865098.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 2556249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id QtZteX6w1nBrQwxFF4AsJtNe3OfqGaPhWpgri2tC_QMIqG0GlhGQZA==
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	303ms 95ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6LEy,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt16.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 216 B	298ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6LEA,pingTime:-6,time:66,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt15.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame D1CB	38 KB 14 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0A67	41 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CL2D8j5mUpULvXerh7DDMRGCKSXAU34QO3YwM70xgxkMoWQbQ8fTZ4xBmVw02SxCY_dKekcqWtgI3Il_wezJGDreHyocZFFtD6AsPdNm1TrwgFI3IQfs4_tWDWQUCuWjsC-CGrPFplTIxN21XMRqT-k-dEKyk6OeokC7SU-Rj9mjzx6sk&cry=1&dbm_d=AKAmf-BXtrRa7YVv_I7rkxr6c4emgAYq0YxLoy7w-avtZa3CO6HI9FNHOwdpenPFJc0ZEqKwCFd6Gh6q_bpKEY_Ff7HqK_kwdAzWakTgmWJ-IhpgpOJ8Ja_VN1wmYRNLnmYfbFFDpMln6u4m_X5in6zWIMSGbmKgnNl095rvSbwKmzU7Sb675UXn6PTzaC7nqGI7wKdCdAMaTQ5HtsG5EU1EAEevt454kJrw2zUr4MqvTAkTBI95cOvbrKVycihFd3a0mAKPbkLClQnQ-JazIWh-IMx81DExByJDo_xddK6CNDMkk97Nui_hXmxaDQ0v7DxyKunXWTsgMknOhwrWFp9Mrn3FrGKbPCsY2I3pHGapbOJCWOlABQyL-LpRyHR8jn5ZR8UGTpTy48u8zVDPyq_XZdOqWh6Zl9z7ZI-GfoffF1Ss5p5Dgl1qMSCZhyMxW17-ENzrwLOwgbsmIB946Gt-wfO6H6OzjAw5tzmmXT5LkVMuqLObu6nOT6HTd0Lz9KKvXpTFe43s2GURHJxPadRVIB1zguzeihw7E49_593KG5aqMIXz3yR1ZIkZn3IQgMAdikpvEso-LyQ0Dqsbjx0Zu8N2JjKu5GnsvLAd2Z_ygPKf4uDqC65OZDC0fpFdalnNm-ktdQ-Bnhr6zNn7NiSkna-4A1LhFwLEfRTsG5vGnghj8Rc6CXUecI29BQygHactZxC79GTs97aywiuioxc6SYTDtrmGKR3-REtqnIjJRzXgLl2tMF6FT3HlDYUYrBD9aSu5jhE8qH46YZoYxDG6cL8ccA8sqWXTWvd9jQEUweLdnP6mfCA7rU3BDIRVPNsV2dM8EWEujtR1PXsMa-0dTqoW4ZS1ClCbhsN6yoeZujnE4Eq05MiGiA08Kg6Vg7Ee5ipZdX48SwS8nWUqWiCtRw9eSQghLsJfL_9ogdkEHr1eg7QZIJfzpaToktdLDHnG7xtvUosZK0MNipj6h_lmK75qDdRehQ8Jiv80AHCkiwKPVlHOZyLEzszmkgN3Ih9Qkp7fJeL6qu0dsuxgWoedMRX3ncM4Fir6_yK5iANj0J2HG48W-gmQRuxoniwWOcD1FNfO02SX1tmK5kMmlfihBd0VkKaMgLxerbDC_6vASaHD2h6q926q6To_HgTqWO0L-e5nScjrxiKdFSC5d0jXH3PQWB3GSv2x9pqXNj8atVo4Q0DwPYJyBHyXSA5FmCUL4A3bGe3s0OXxgaUVAibD3bQJ_AbbP37zwJ5wEmlg0Yt0RSUoI2OoOLnvkGRaB-cKZXnPITVQAV0BPW0fIh8b6KkJumLPO0tjHCodUQ40cjslwF8LajciWnq4q1OvXC00XO_Rjzhj8hzTZw0uRHjfdJKaR5hJcW69l3AGoqOAsixHRWd1DxiO_LJg3YGJUFCY02CUDoFXeUlkk_AjhI-qymbCyMiR-fXYOLQoQiu7LOa5PNWZ3E63m88lMLi0fIHuTkipdEjW5i88i6HhfQRQnkpnmFFqStok__hFE7SKANQvAhuM9tEmIwT8UJC5YmaWCNisNFyXpo33y69AmDYcsFIWeTPjiQbLTw1J3DSiWt_KF3NOU7EMpOzfyG2dlK1Iq3MKr3TcF8naLSV08fI-aPEcc3AzZj4O8jh4Zs7XtHwRqB2xwAcSCosT9GVUa2lq73NRWM1D0GIquYzNsZAeb0FFMklGMOjzV4XCVeCJ6pLkrdTew4nnx1uDTH8i_NWradOmHkMFbkwHj8DHsNvdK5b9g9WXaumlDyU4yPEKclol_KxlpVd83yGopHBrrnyCnf-Xysg7IE-bX8ZQL_xTDMPImRsvjJIhsWcS-4BXAb25SWYo8TQkP7FcWEEMiaSw2jH-vTHsoNDKalzX1WeRRIT14TpTveZAzJ1Lvg1Q0NcwgtaG-v07_vcpRRDRggTdYLmoluuqH8FZLDBDjH3S5vHtGr6STUMig3wu78IlmlSdj13OFMNU62aeWoNWYKdvpl2oLeY17adtsefV1ys5LvFykX9dt99InP42cHZfy4ZLQ0WYGeczcpyLtWVswz_ItMEe7TNpgmvfIjMq5bpg1ScXXvBlKpAe64g5QK4dTcYDZq73qCjMPQcJGJHOz8ky8R26FcNjSMgPnyl4bytaoLXrFWeSo8Orl2qFqgbhvy7pL4qXX6CR8f-BQpEIJuu_csKeNFqtAMv0vPIhOZwyCj4S8Z1_eltE0O-DXKOh8EJrDT_cQTPbNsRm5FxHCZYth-2ppPpf5q4Cpd_ypb-oqbZi7RpRJVyw-zbjCqsu-HURC4b3KgbrWqjcpMeKcX_ORfLMEg4L0ZTh7ISKdprzwaIxucF5_gXNA2YyZYh5R9pANwRSZbPVEqX3cnOyat4Mh7R7Ohzbs1uhtiXH9JQs-x6BJ-Nk633oyHNcWhI8hMNkZQOOw6M9A5_A9lzaBY93qpwbzNnTuXN2Kkl3X3KMV-HERkH8c8r5jKjxdr61rqcIGVL569EIofHIPgdeO-FHFQiV42z0zzMvCGrTzt6Enhb5c5kL7vms3KzLgTsBwrrikGJSfnhGy6tPUiz8Tzbt1cngFwYD7Ua2IcFijzxlmPesemy_V76BAV4QWNKXKDFV3-fS5ST4u15bD1Fvnmub2Z_yxtPBciGTBXKaTsu7D3pNLRBRVIS3pgHPS5T1zwKAOoK51URILro98r88njkDOrsBT2soWimrlaOMghXKVupm-8z0E9uA5kSfpqJR4Qxe4ZqZaO23cYzAHRc63yQ4pCkEI2AMOpU6w63SyPWipWopqKgdr1GB51oIzaT9DcLgjaHu53pDxRMYsbXF4N8Gb8VxKvxdM6UkihlpY-dmlDGADoklTiyJOPHA1B0C47UiINTqSsgqyXZ0QEd73wdffIbJyPBIt6lvF4_r3Eir8y3sDibiuymClXfDLm_pVpjZpRoayRI2QzeeDDlGcfIeZyXdZPOb17RI0P5rZR6fR67BSt7l5YCIj3MsYgjDxqhUUrZnZW-Xovs1Z1JyS4oj48pzyXWAOh2vggnbeKF84BZDtERYbWD_qUNgxd2-5yrJrZVqIsV1GSBfN2dw1Ga9YhLTaYzxmAD7z5bPOE8S1xn-PSAUsW1-iEHIq5wD-5PxGQxYcNE&cid=CAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10650375088757840000&adk=2465470143&idt=252&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 179502 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	284ms 96ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6LET,pingTime:-2,time:85,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:599,beZ:600,mfA:602,cmA:604,inA:604,inZ:608,prA:608,prZ:613,si:619,poA:620,poZ:642,cmZ:642,mfZ:642,loA:665,loZ:668,ltA:684,ltZ:684%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:64,readyFired:false%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt14.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 8D8E	22 KB 8 KB	8ms 7ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56313 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1484055/72040524/ Frame D03E	244 KB 74 KB	87ms 87ms	Script application/javascript	63.35.89.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1484055/72040524/skeleton.js?ias_dspID=64 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.35.89.158 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-35-89-158.eu-west-1.compute.amazonaws.com Software / Resource Hash b4468d451344f47a421860a2ce993507620f820fcb16ad914430f455fb515151 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame D03E	172 KB 61 KB	39ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:52:35 GMT content-encoding gzip x-content-type-options nosniff age 4697 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:52:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame D03E	11 KB 4 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk5H8zM2z2D5g-UdpbWY_3c54pdaMta6ljZDoSeqeQzRpiDIHYXqvM20yQdCYaVGmujaz76_i_Tv5Jd4TtZ38wBHYsV_Le1OvF_RmQT2Qr_krhyF1oo2ZMJDlTtAb-ZSgiRcreZGTmohI7EGVOxJde5wzfapg1KqlYbiQ7Jjdavhy-m-0&dbm_d=AKAmf-Cpn1mDSzZCiErrRQIH_PH4NF9O9wR0KimBrF4GRHnZDsnhzHfRlPm9w6ghW1DHzwuwsEeaCssdksSv273RU86r2J9dy-JDsoyiHp2J3nHVVH22ykTvbhjVbF8K-EI2A0TYx-RqUAp-_x0Pxn_k-d_-PHQRmwbbtCWFXk5P_CfjJ5aPaPEzVfQAXiCEmPKM76-gRPgDfvAaX74pKVq3oFiGWZtzf1U5VQub9gTHEea2SJZ2iD9bhqYcwv0y_dtBLqOPdSQVxkrZCRLLSqemHqg3PX1PwQE1nABx4hnljXhvFUvi8W0tA1ZC2sZfXWSuQ3MfK1fkdM4grehNjdnSn1h4HiCcH8P3ejCmoXb6H-eRQtb1A9m9rw0wik98OHwjYHYTYlM6Ds3YzhYqfxUibDFo0bz7OJS66uCj-4ta92JfUdOD-c2Ju7pv3DHqpE1I9NsyX01zJ7gQdkkBF5OdtMwVNkrGBmDFkV9rYpdcneiUX7Q3X5P5_RPC6wIguPJhnWFEZE1K511r4v26Vsm_6kv-Z-8wa8yRLQFbL3xob6JJMTYHGZbRm8kLj4SD6aRsDBg1E3Znu5i2xMXoltHE6cEo5AHyHZmzQbb-BSEDnJzGfyyLclizEiLnZn8rYqUCglDnAk7ZMY6hz1el3-eX4MNrEjuvp-gV716uoZO5O7Q1lqhHIsYXKhKj4Bbh_nxLPGOXiEXicYbghmpZ07eoxojFXHFHMYHwh5D80SUKGM9EdDpALKPX1I-0u61eXh3z88DzDTTIKTK_YaRy6U_7A3b-Y-_RWUAIj3z1Yy2Eoig3nmRnCoe403LBMrdhe5KXv7qtlc0vDSFYYiF4UMGhXZhOxUm2NARhTcmn48t-4tNda_Nht127fyLKejA_Ll2OIqN9zqQKtCsSX_olyc-CXLnV3Ow2K46wJdmr3TvTJ_B4Jt4aOh97yhn1MjOpyTbHcUQlRLibhTSdbCOxei1cFgv26rvHLfdX859AgjRSqZP_oVY37_9IOriqMF8glKX8iDohUedpMoVvRIMGIH0Wez5HajhFRbit4vLbwUN6m_FE11wULAbZu6P2zXFWkeM9Etvg8EmrqCQYXrfuVn5OB0RNXb_nFO9IuUt4ig7HzaRwSndYcY4n782wn7EfPS5_7ngHOHOsgXYoefEjVsSjWXzl8G6y_eWR-9L6FeFF_iSQaoVah1HO0ecs860dx22uQjG2g3_RdQrAASveYEabbeEPDhxG0YlF8jnmZUPR7yaiT11MBe9r23P0k8WbOXblJalhKAICLKDwrFfc7NGYvKG2Ez7FI-bgjiTod_O2COJcLJ8ea9f8whOKjBxa7sT4in6H895r29O77z0CXeeFxA5wpg7ZKarsW15gUilBvhYteAGBLPbXsho2_5GrHqFUGfK0IYMc5Tg19vsoJQFZ6GAQIvzh23J3dbrYdUSVYH_LxoQ4frWk7Mx8ePEex-_v-ivNsn-6IfJSGA1DrkupwGdtG0ZaMW_lx33U74NpAxd0rN4TIc161r0QkKaomKGCOwoZ-wUb8_QMrJAFZhbXGgTpLg3KknSnaP6f0E_K5-j0YmU4rAk-OExtvIBw0KHFjFPI08mhvb7eg5gPUvzSR_88SnRYeojCisvhEvYocVQBVxCVdfB9PdTR8Fl1Vknhc7sxkj9soxchCGRLgVKqlKLePh38eXqX3zEDc3j6EEo0OhuUneMUFQQVX4hkBgMwHV0gW934GgGI4COMvp6hiZwKygMxm3qPiaKs1N3j1OKPAR0VQgOLKkeAojd9aT9uv4fpWxjYsrxqcm-xJH9uI0DIr5KaoJ9Ic9SdYd7mDyGM71-TQu_nUxRcHzEt-Yz6v7JKrjuYq7JyvBBe4jhh0NmLhd7NzWyKUDls2hyWY_Dbj7IVa5WwNIA8asUOS5EfUZhW8cR_OGtpE0LMQeyovnyl5LtYIi36vdq0AwaOSHhx_706Ta-hP0KyKVeyLCcQrjWXauGDsQwsDt-s41pkoIr8migjsxYkCv7ItuLz_METlx8ZI3KVO2h9eSVFz7_PjCvkIn_DAodxg2aDBwrI-r4W7AZdxhDt2CGE_b28USr3HyKHUEIYv_t1P9Hqtf2iCSJe7HOfgm7Jpj9NsaeFHebuIvx1MJLX4JcI-6Lt5Si-mFQX8IhJLLiqPuHTXC5QorbmApT_fveBsJGphHKLjbNyfgI4dIXsidO5iVuP3U4blEmxPUkomeeNANXiLnljBvbp4WBwOA38ohuKEX9Xg_XHpMjbZMBt21W_9l3SNlUsQQKMmjlRwnOIhk3yUe0xpSdi6mdFIFoyb5bMfCj3TCUwb6Bf9aj_dkjm9p5pAY36uJcKmgjngl5JZMlQkEkn1zAFYtWRg2_Qzu7KIYqxTzZ6na0ex1R3rEfxlEQwpp_mg6Xh_k3ohupuadnjJd-A31L2i5eLmR5lR8QMWLSTYLKUlGBKgVtUtxET5eJpgWnVB44tOiqwlemMyXnow0JpYBAbZR1aNrbrbq9XFlZS6hghUGQbkL67Xj4jeHgmbDR6NoQ9Gkq43EPiLFmZqaQzGGoc15pRLXya3v6IkCi5NWE9nzEOnmKQQmWqmg8MMokWRoW6cAaHR1CKfSc8srxk5krsew2aINCXlHq_LBZYWWOlQnXoADm52Uw0xvkItwrMxGgi-ttBJnuB0iFJ3QFgApuKa5X8LlgCRVxD-uOQ9YL81tzFodvLZAz6xlSQYvt_ImHbgAeCLRNSyqXZIGX_DtsG0zC_KjXSbwaeY9uhJyTWj3B2T2ttI9YxGBhih3rwJOBisqwft3_PTGlFGh-s2EhS3_dsBZeSBtPjZBEL5uPIaPRc-mVwdnL6ETfet6YccoCEJNx3uZlRZWltUqdel-rUkeBTuRh-tTWmcYhBn9oqe-Uwmzs-THTCcoMmnvRuIxrzbqJWN3pVvHh_WxElQy9VqTFaU4dOMKZ_uJmHGwMGF_S0dpjEA1m7WbLn7Ps9J09cSyNRTNIohhcU3Yx_Wf383HW_pEOF_CEeS2YhKA7ozWY0Uf8zaN3cGZ6UQJXVj-kc6RVZ4Jp3powWxf0uXN1fmMMxufAfj-l4bcq4f04C1s3tBI-NJPVdvHIkWWyNVlacw2K9zjHFRMh5bxpXbPInlXzbL52cWdYG-y1gzSBKqP66bLEKLw79FgC_O_710pmwIICP4gfHVNAfMjQDRQyLinIdpsGq5zdnNakFZNC3L-VskQ7iNrrZfr7j1ckXFKudjNVVWA7tSH9r95AW2OymSFEpPm2z1b1NljC2vhLOZ_Av5rO_fMAuJEiUvJxsDyAhNz73T0EEEMqGVsk-TkQNrqgnKawgH5OfUGxWgze5ykWEPJNlueakLde49bMlTkwPAUUDoZc63Re5LBqDT_EqNOdnq5B1X8XpIV8Z6YA20ezbwrSPHgtPAivOE_OW7n1xYtV0aBe9zhyAVFfBDAV4iUat&cid=CAQSbQBygQiDLmVYNRBHL07lK15TOUXe-maDycFmFgIGsUozEdpLPsCyzOcyNkv9UWLMKXWN5PgMMqiGdRSlILF5FZ4cjCRbd2eNPmChQRDcgBv8-Jegu66GeTHRz2k1OCT4U9tXgix_FEMer6VX8JQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3274816977669780500&adk=212707235&idt=283&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:19:34 GMT content-encoding br x-content-type-options nosniff age 71478 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 5499578052516643378 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:19:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame D03E	30 KB 11 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk5H8zM2z2D5g-UdpbWY_3c54pdaMta6ljZDoSeqeQzRpiDIHYXqvM20yQdCYaVGmujaz76_i_Tv5Jd4TtZ38wBHYsV_Le1OvF_RmQT2Qr_krhyF1oo2ZMJDlTtAb-ZSgiRcreZGTmohI7EGVOxJde5wzfapg1KqlYbiQ7Jjdavhy-m-0&dbm_d=AKAmf-Cpn1mDSzZCiErrRQIH_PH4NF9O9wR0KimBrF4GRHnZDsnhzHfRlPm9w6ghW1DHzwuwsEeaCssdksSv273RU86r2J9dy-JDsoyiHp2J3nHVVH22ykTvbhjVbF8K-EI2A0TYx-RqUAp-_x0Pxn_k-d_-PHQRmwbbtCWFXk5P_CfjJ5aPaPEzVfQAXiCEmPKM76-gRPgDfvAaX74pKVq3oFiGWZtzf1U5VQub9gTHEea2SJZ2iD9bhqYcwv0y_dtBLqOPdSQVxkrZCRLLSqemHqg3PX1PwQE1nABx4hnljXhvFUvi8W0tA1ZC2sZfXWSuQ3MfK1fkdM4grehNjdnSn1h4HiCcH8P3ejCmoXb6H-eRQtb1A9m9rw0wik98OHwjYHYTYlM6Ds3YzhYqfxUibDFo0bz7OJS66uCj-4ta92JfUdOD-c2Ju7pv3DHqpE1I9NsyX01zJ7gQdkkBF5OdtMwVNkrGBmDFkV9rYpdcneiUX7Q3X5P5_RPC6wIguPJhnWFEZE1K511r4v26Vsm_6kv-Z-8wa8yRLQFbL3xob6JJMTYHGZbRm8kLj4SD6aRsDBg1E3Znu5i2xMXoltHE6cEo5AHyHZmzQbb-BSEDnJzGfyyLclizEiLnZn8rYqUCglDnAk7ZMY6hz1el3-eX4MNrEjuvp-gV716uoZO5O7Q1lqhHIsYXKhKj4Bbh_nxLPGOXiEXicYbghmpZ07eoxojFXHFHMYHwh5D80SUKGM9EdDpALKPX1I-0u61eXh3z88DzDTTIKTK_YaRy6U_7A3b-Y-_RWUAIj3z1Yy2Eoig3nmRnCoe403LBMrdhe5KXv7qtlc0vDSFYYiF4UMGhXZhOxUm2NARhTcmn48t-4tNda_Nht127fyLKejA_Ll2OIqN9zqQKtCsSX_olyc-CXLnV3Ow2K46wJdmr3TvTJ_B4Jt4aOh97yhn1MjOpyTbHcUQlRLibhTSdbCOxei1cFgv26rvHLfdX859AgjRSqZP_oVY37_9IOriqMF8glKX8iDohUedpMoVvRIMGIH0Wez5HajhFRbit4vLbwUN6m_FE11wULAbZu6P2zXFWkeM9Etvg8EmrqCQYXrfuVn5OB0RNXb_nFO9IuUt4ig7HzaRwSndYcY4n782wn7EfPS5_7ngHOHOsgXYoefEjVsSjWXzl8G6y_eWR-9L6FeFF_iSQaoVah1HO0ecs860dx22uQjG2g3_RdQrAASveYEabbeEPDhxG0YlF8jnmZUPR7yaiT11MBe9r23P0k8WbOXblJalhKAICLKDwrFfc7NGYvKG2Ez7FI-bgjiTod_O2COJcLJ8ea9f8whOKjBxa7sT4in6H895r29O77z0CXeeFxA5wpg7ZKarsW15gUilBvhYteAGBLPbXsho2_5GrHqFUGfK0IYMc5Tg19vsoJQFZ6GAQIvzh23J3dbrYdUSVYH_LxoQ4frWk7Mx8ePEex-_v-ivNsn-6IfJSGA1DrkupwGdtG0ZaMW_lx33U74NpAxd0rN4TIc161r0QkKaomKGCOwoZ-wUb8_QMrJAFZhbXGgTpLg3KknSnaP6f0E_K5-j0YmU4rAk-OExtvIBw0KHFjFPI08mhvb7eg5gPUvzSR_88SnRYeojCisvhEvYocVQBVxCVdfB9PdTR8Fl1Vknhc7sxkj9soxchCGRLgVKqlKLePh38eXqX3zEDc3j6EEo0OhuUneMUFQQVX4hkBgMwHV0gW934GgGI4COMvp6hiZwKygMxm3qPiaKs1N3j1OKPAR0VQgOLKkeAojd9aT9uv4fpWxjYsrxqcm-xJH9uI0DIr5KaoJ9Ic9SdYd7mDyGM71-TQu_nUxRcHzEt-Yz6v7JKrjuYq7JyvBBe4jhh0NmLhd7NzWyKUDls2hyWY_Dbj7IVa5WwNIA8asUOS5EfUZhW8cR_OGtpE0LMQeyovnyl5LtYIi36vdq0AwaOSHhx_706Ta-hP0KyKVeyLCcQrjWXauGDsQwsDt-s41pkoIr8migjsxYkCv7ItuLz_METlx8ZI3KVO2h9eSVFz7_PjCvkIn_DAodxg2aDBwrI-r4W7AZdxhDt2CGE_b28USr3HyKHUEIYv_t1P9Hqtf2iCSJe7HOfgm7Jpj9NsaeFHebuIvx1MJLX4JcI-6Lt5Si-mFQX8IhJLLiqPuHTXC5QorbmApT_fveBsJGphHKLjbNyfgI4dIXsidO5iVuP3U4blEmxPUkomeeNANXiLnljBvbp4WBwOA38ohuKEX9Xg_XHpMjbZMBt21W_9l3SNlUsQQKMmjlRwnOIhk3yUe0xpSdi6mdFIFoyb5bMfCj3TCUwb6Bf9aj_dkjm9p5pAY36uJcKmgjngl5JZMlQkEkn1zAFYtWRg2_Qzu7KIYqxTzZ6na0ex1R3rEfxlEQwpp_mg6Xh_k3ohupuadnjJd-A31L2i5eLmR5lR8QMWLSTYLKUlGBKgVtUtxET5eJpgWnVB44tOiqwlemMyXnow0JpYBAbZR1aNrbrbq9XFlZS6hghUGQbkL67Xj4jeHgmbDR6NoQ9Gkq43EPiLFmZqaQzGGoc15pRLXya3v6IkCi5NWE9nzEOnmKQQmWqmg8MMokWRoW6cAaHR1CKfSc8srxk5krsew2aINCXlHq_LBZYWWOlQnXoADm52Uw0xvkItwrMxGgi-ttBJnuB0iFJ3QFgApuKa5X8LlgCRVxD-uOQ9YL81tzFodvLZAz6xlSQYvt_ImHbgAeCLRNSyqXZIGX_DtsG0zC_KjXSbwaeY9uhJyTWj3B2T2ttI9YxGBhih3rwJOBisqwft3_PTGlFGh-s2EhS3_dsBZeSBtPjZBEL5uPIaPRc-mVwdnL6ETfet6YccoCEJNx3uZlRZWltUqdel-rUkeBTuRh-tTWmcYhBn9oqe-Uwmzs-THTCcoMmnvRuIxrzbqJWN3pVvHh_WxElQy9VqTFaU4dOMKZ_uJmHGwMGF_S0dpjEA1m7WbLn7Ps9J09cSyNRTNIohhcU3Yx_Wf383HW_pEOF_CEeS2YhKA7ozWY0Uf8zaN3cGZ6UQJXVj-kc6RVZ4Jp3powWxf0uXN1fmMMxufAfj-l4bcq4f04C1s3tBI-NJPVdvHIkWWyNVlacw2K9zjHFRMh5bxpXbPInlXzbL52cWdYG-y1gzSBKqP66bLEKLw79FgC_O_710pmwIICP4gfHVNAfMjQDRQyLinIdpsGq5zdnNakFZNC3L-VskQ7iNrrZfr7j1ckXFKudjNVVWA7tSH9r95AW2OymSFEpPm2z1b1NljC2vhLOZ_Av5rO_fMAuJEiUvJxsDyAhNz73T0EEEMqGVsk-TkQNrqgnKawgH5OfUGxWgze5ykWEPJNlueakLde49bMlTkwPAUUDoZc63Re5LBqDT_EqNOdnq5B1X8XpIV8Z6YA20ezbwrSPHgtPAivOE_OW7n1xYtV0aBe9zhyAVFfBDAV4iUat&cid=CAQSbQBygQiDLmVYNRBHL07lK15TOUXe-maDycFmFgIGsUozEdpLPsCyzOcyNkv9UWLMKXWN5PgMMqiGdRSlILF5FZ4cjCRbd2eNPmChQRDcgBv8-Jegu66GeTHRz2k1OCT4U9tXgix_FEMer6VX8JQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3274816977669780500&adk=212707235&idt=283&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:21:16 GMT content-encoding br x-content-type-options nosniff age 71376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11398 x-xss-protection 0 server cafe etag 3934322099733601226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:21:16 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame D03E	41 KB 15 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 179502 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame 0A67 Redirect Chain https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxx... https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3...	75 KB 25 KB	72ms 71ms	Script text/javascript	74.125.133.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId= Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 74.125.133.156 Nashville, United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f156.1e100.net Software cafe / Resource Hash 344e3203cb91707c39b144173d4203871891278dc42b8150e178ce1ce4d0a757 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25605 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name app05.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 08A5	91 KB 23 KB	21ms 21ms	Script application/javascript	2600:9000:2450:cc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 26 May 2023 01:06:44 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 b07ca4a88c1a9f9cf09555efc7865098.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 2556249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id MmNuIPSas1oxToaAj_ck3dQZ0G9W7Zuwlf6y8hW6KsW3BshDNYEIvw==
GET DATA	200 OK	truncated / Frame D03E	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 171c5f9e6b839593ef8a475869a4a5545078339403fe57f48bea0e04903891d0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	94ms 94ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6LI2,pingTime:-3,time:114,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeFC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt12.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	93ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6LI3,pingTime:-6,time:115,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeFC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt10.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H/1.1	200 OK	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame 1A3D	0 366 B	125ms 72ms	Document application/javascript	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=11604300080079704444550012365027&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 0 Content-Type application/javascript; charset=utf-8 Date Sat, 24 Jun 2023 15:10:52 GMT Host pv.medialead.de Keep-Alive timeout=20 Proxy-Host pv.medialead.de Server nginx/1.17.5 Strict-Transport-Security max-age=15768000 X-IPLB-Instance 40027 X-IPLB-Request-ID 50FF0ACA:D83C_91EFC182:01BB_6497077C_378DBAD:25BD2
GET H2	200	/ Show response adv.office-partner.de/ Frame 820A	930 B 931 B	59ms 10ms	Document text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Sat, 24 Jun 2023 15:10:52 GMT etag "3a2-5c1ab16b3be00-gzip" expires Sat, 01 Jul 2023 15:10:52 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn-engine vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H/1.1	200 OK	e99aace94e6e58733936cdd965d03e75 Show response pv.medialead.de/trck/epv/ Frame 84F8	0 366 B	132ms 81ms	Script application/javascript	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=11604300080079704444550012365027&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:52 GMT Strict-Transport-Security max-age=15768000 Server nginx/1.17.5 Host pv.medialead.de X-IPLB-Request-ID 50FF0ACA:D83A_91EFC182:01BB_6497077C_37D8893:1ECFB X-IPLB-Instance 40028 Content-Type application/javascript; charset=utf-8 Keep-Alive timeout=20 Content-Length 0 Proxy-Host pv.medialead.de
GET H/1.1	200 OK	e99aace94e6e58733936cdd965d03e75 pv.medialead.de/trck/eview/ Frame 84F8	43 B 382 B	123ms 73ms	Image image/gif	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=11604300080079704444550012365027&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:52 GMT Strict-Transport-Security max-age=15768000 Server nginx/1.17.5 Host pv.medialead.de X-IPLB-Request-ID 50FF0ACA:D83E_91EFC182:01BB_6497077C_3783667:25BD1 X-IPLB-Instance 40027 Content-Type image/gif Keep-Alive timeout=20 Content-Length 43 Proxy-Host pv.medialead.de
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 84F8	43 B 702 B	163ms 97ms	Image image/gif	104.102.45.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=11604300080079704444550012365027&pv=1 Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=d6c88edf11&subid=&uid=5a6bbf115a9b8c18&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9fs6eweXZIKnEb2NmLAPjdWG-A6m5b2gaYWVnKfJD_AuEAEgwLKCa2CV4pGCoAfIAQmpAjbE8JEfR7I-qAMByAObBKoE2QFP0OFgxl554VCllujyzqckTM1RzhghwCXqlMugupink9avzun4vtC1EUv0KP5mSjD4ATlO6pTADpnw3ihx-xzq1Fv0Nlc6U8_bQsFGaSBcKClbhUt5DhodF0Bt3it0JcPykHj1BJsybV5LDS0s4i_ljqfw8uEUcHxx_g0dikkpiLmqq9OkuSYUx1ul7mddMb6BCHspTShkbvdbEH3Htk8I058EWTFVP3dTz3oZO3yRxCKV85nS7ctJE4jnpLtUNmk9cFoOQUWs-xLMqVN2eY6Fg8ClFdKtz5KuwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSbQBygQiDEMUeGIMyqjiBxK0RVzVRTBtM1JhQ13KtMONl9xzRmkEf8qu5HE_gGS8O6q6rA3lPnJkGQZ6Q5D5MSIieiD3ESKZF71fs0PD5jOnFe9niUoFviCyaepERJYApNrwxFRMPB5pOlEfDsHgYAQ%26sig%3DAOD64_0iWJDOdrmEX1zpQPhent2QyGdweg%26client%3Dca-pub-7983651257838282%26dbm_c%3DAKAmf-D70RhzOk2EYmDjvLYeEbGDJPEEmpObijQXBcFJsSVNOj7a2WB_W51CMXpuWkM9s3UdLmJpFycgJh_rFllVd3f5Fq7yYlLnDR1q2904FJ9KQvYLWJSl9RtS-2DWd95D5SsEJwZvBfPBz9apAcczJQY3m0WVA0IscBWIJhrMpGvDrsKXE24%26cry%3D1%26dbm_d%3DAKAmf-CW__8_YOxFtjxOkGLFHc10eHuyfwLWSwj_rp94-6D1b8jlinVLqmXwXgNWZrh1uLY1LTNQuuy4STCrpW6SwYUN9kDb1TemRgwNrw50efakrUEaZX0FKxVod_auxMvSk7i750Ms1tg5_bkdUUBhxToWaGdFpJKGTZYV3XNrvM6Qiia2HYD9uno3t1w0xREy_HT_WCLqKhednlEECNTv7rrdXx632-G7w56CvAomCdp5ZSynBYga2N3KU2Po53CR8noR5uQHAWs7amAzOMfncT9FuYjD0xSK8RznX301CVlW4LMaHAQgV87rzj-mOlEl8aYMJKCAunRW_soco2xGMopKQ6Qcoqv1MZSOiOV_l1NdalVWIQfsvXSLZATO59Pmdu98ZbJhmx74d1ViJRnEIuSYxPMMjySVL54YpztKBikuLlCxNYy4LNXrqyBBezadkFb6NLXdu-U08tToVlAHhoGNgbQu84jgJsCbpB806v9ZnjtTuoSKvp27JKNigHxJRsijiOi7BQCLa1z0-PtdXG1ASEfPY-_StVuihXFDrHcjcZjDjp8%26adurl%3D&documentReferer=https%3A%2F%2Fye-mek.net%2F&ancestorOrigins=https%3A%2F%2Fye-mek.net%2Chttps%3A%2F%2Fpcloak.blob.core.windows.net&random=3989046750841&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-45-165.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	94ms 94ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6LIn,pingTime:-2,time:135,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:715,beZ:716,mfA:718,cmA:719,inA:719,inZ:723,prA:723,prZ:734,si:738,poA:739,poZ:758,cmZ:758,mfZ:758,loA:830,loZ:832,ltA:849,ltZ:849%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:135,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B129~0%5D,as:%5B129~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C118.1352960-70224227%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:110,readyFired:false%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt07.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame B06D	22 KB 8 KB	11ms 9ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56313 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B0FA	3 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 16:34:51 GMT content-encoding br x-content-type-options nosniff age 81361 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 16:34:51 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B0FA	19 KB 8 KB	14ms 8ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:11:55 GMT content-encoding br x-content-type-options nosniff age 71937 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8131 x-xss-protection 0 server cafe etag 7076601798724011321 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:11:55 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame B0FA	0 0	60ms 16ms	Image text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDaRsNA4lARmbQnZocBtpbdjtpx5BI43UbfKMyqxuAReQddiei1WjyYAREzTzkl3g3uc-rNP8MrKIeX3D6SkZIGD9InA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B0FA	179 KB 56 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57242 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687383875062185" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 24 Jun 2023 15:10:52 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 177F	172 KB 60 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:52:35 GMT content-encoding gzip x-content-type-options nosniff age 4697 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:52:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 177F	11 KB 4 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy-pacOXyuEf-Mi_tWlDdU&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:315ff81f-3483-8faf-ac1d-43f4ca54c81e,c:gt6LDP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-dgvgl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:20,oid:4efcaa01-12a1-11ee-934d-22fdcad9fd18,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:19:34 GMT content-encoding br x-content-type-options nosniff age 71478 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 5499578052516643378 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:19:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 177F	30 KB 11 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-AivqQPI5VKg9-wTaQPI9yV1G1b3TcvIfGGRr9_QJbmOQ3JuqnIyDv0n-abq4g0Bz9FcEGfvln4sv37fZNia41pyygKlnYTEFkWUb73h4C2f1Fb2qEHdGIs2mWaJ4RtQQxHcQvYRPEyBo9p0fZxQOSZs1hX4E7zgouoU3oMDT3uKqnUMdYSqRUAoCZ_4M7nqvs1oNrWie-cKDSsZc0mc53D1fze5iA9MDpACODzs6xW5-YUjrgBraWfDrT0Vn4YEKeqKJhwKCdphhBoEe5DL9aIu0YmgNehoEag5mzry7jC-_L1tciPFP8xRgjKyMosfAWVRsnNAda0BtzrzvzYx5nnupeAsqS4wmBWKP5No4-jZ4RV-RCPPjOVLhgoxDLZJ7UKNaTV9nPw8Nj2hE9bq9e8IMq4VJje_722J9FMDxF_-C3YgTc8wGzEVuMmIC8XA3Y0qjRFeH9Ol-ipz4ho6cE_aZeHuuEw6b5uZmmKvzaS5uI_lpwjBudwUMLSgmwXhYESJW7Em11VxlfmdU9eq52QYiEfX_u5x_parKb1Qg_3lTJsVxeirv074JWVeP-xRqsEim5A-azhZuQ_f5jZq_kxW8VV5g0KqbHDjQPc7cM1k-McjjNRQ2dTJdAgcKszeZ_aRprxrliKOPoRhKOQQSpkdB1Lq8iLH39_h7gfVoNH9qwFye8JbJ367MAWwnrlD2OLGxevubXWZ94VshqIdX1e2ANFcFN6Mg37puRbkjM5Vmuq6avTXq7Clc81nOQ0ncyKc6Mei-X93_atdNImhJ92uMddFEcoN0xzV535Ax563NFOTSfMcl0Qx9p7qJgdjcV4xNyeme_ImZngdudS1--VOT46Xxpu5nKGQeJW7nHYly6SC8n-8jHXlLL9-jN9Kn6Bpmw0Np_wPlS5w_2hFLcrGYfa28ktan70vzHBZOt-7QlK3TR1j5uxsT1U5gOYGD9viYzuotgCKoIWpYLeiqOIzt3CGkq2zG_iuPwQ9YFtZizSLECwXLseDnImPp_qzP1ArJhuKmVazNJusVD3-z7jdVW38KiPLB9N7krzQyzt6NAzdrGV0zshHqTAC8M13ymW9WR86_7AvzywAozV935GkabouSJTKF-ND00fhs4bNDE53QO_0D3V2j48YpvghW6Z8iD5XKjBdp-RK04wi4aWC5wha8VtUyEbx6usXd5VBzm-My0FJlar5-qFwaONtYN__wBof_KJfT6gjVpkefHy6REqQ8lzJVgejTKhOOl34PNei9p3uTLvNEN-_24_XkUk-nFbrzFqwwrEUcyIy4kl6Bh_mBOtf75nu4Juqk7JrHxJmNZwQaU-VFPkE1xzmgaqMnkLlmWJ4m6Jf1qd1b9xLyBm3u2U_h8Mpt-AB9VqmR0NIeOaJ5M8W7tuMv2GAK5T-TKDi2UHbMfcVUnu9AdKuVD0dHxwJy2j1GnMazWTCCeLiodkW88hU55muZj--wwFz-lhPKXFIji-2-d6Bri347NAtISdar6jrksMxY-WDq09wFSnjSIwglzffTzdgrSEOW7bIvYIBtnTsSEgQN4owPt3z6h8bkWA8har2XUK1yXXc7WS8tMhMNbZGmy2cVcghrRELw_EcXa3UDtgJ5dDvTC6V9QWQjJiumm--b8Y9EjALleUtOcUuYn9VMIJYKUQcoYr57Odfg64nFMd5gv_ZRFr3zJ6ETwnf1CzYsDyPnar-go4KRxd8yKre9XXtqBabnkUBgKIhA5wov_pbipflK9A6N9tmijOcr9D_1EmkYXX-nbKW762Ndrv3u5n9PbtRGe93-SSSXV2cqEfzXBlP5zXuQ0x-GDjoiAk5m6COomIfw81K9Mq7KdCCEwjHSysa8VuviSguUaJaucKGb2ylA4jevEKnJgOrb3tQ7AheWzLGa4x-MaJ8RqKobUgBkO9Z3NaEAktl2GKr-BTkywKCbcVcn8eJO3SBcbAEpXtxOKWnkGvITSJ1etc8O21oTuU0vG2Q2mISbelNbfIpv2ZQFji1NJoZPNlYGlLojeryHGu5sXa0Pbod3i9D1CQttRHmBlpBrrYMfTdd6PJ6aeqY8VtVwXdDNeShdZf0k4akaWvJ_EodBqFNlY7-fqCPY0JgYs9NVWd7AT0eRYrWFbJG4sewKA2XgChzHcvJ7mY0LSAHUDGhPk9z-HP34k6BSahp6fjAiRCnXECCgXJo1ffOO2LT-cKJgYqUKCFLn859kAx76AkPsVurR5k3ZRfT6j3bA6qBRVaRDen3HBwIm_21yveUP4jrkUrbkGBZYFMPnj_AGT_VyAAnfZlwSJg5-OHyO3aKrQRaaFkr8Ona_AsO0zN5MizFhq5v4-GbCSuC1UESc0N6A4AUxuIKelTYkop_NY_CKO9iDSqxUtP0ZYEKihjqWBOGWqzTCsYQBAxecM8iGZnjvO5LvdklDyK_KWW62bCWi7slAOugiz8mk77SNLG3U0lr8HHtftQYOVhxXe3MZ5T0jLBXF6qgb-kVV6XgWZX76KVv6fr-ZTrSfAXpJ0Ds3xn4c-Hxmy4Sl1sUs2AytsEJpSoMzp2AWwI43glKP9ybiK1MF3MX3kEb_haukrPvLAYz3MAElBOQshEFZrIIc0GPvYZbmE6c8FPue4JHsNOfbshhv-PxFeZZpRR-2mK8F1SishBdN9qlQ53Bjlsw8aemtF4mNo496IoHFKgai6D2J4UU7Wzxnyqxp2RDZUi6DcfbzoK4jsHFcMIIZnUxrycQPq_5_cxOump1v9agV6r3_Mq-u1uGsh8qpD3F_QlHQ9QtO7x_Ze96xGl6_R171t-Uua6d7I5cG6Cdy66rPTAy3Lt2__WiipBwY-3GL0A_4P4r1CnSQb6obmhDnnMgFj0kROFB8mK5RLIfETX74Csh62nTtuXk5shvQ7wy-BpcDif89gbDeSoi3RFCIInliSzq-Yw8C69jKSHAt7BtsG8aLIjR7HARb1DsrjFFnFrlV7LUKZnn9hlKQsfgZ5J5X8ZG0BKgkx0Cn_CahqN9utsrNVlJ6HqfRl3Ui8NLC-VjfmjlaYP_80oNwqnatgyzfJIOFrwOQUXgKXApUYfP6zT5ck8GHeX0RFJ82FkMoMGW8hoCDh9AVK18AJ5-fNL7HtvbvOQ2z2x3gZJGio7FVBuRIqoNGJC76V6dRXzzFp0RK7kz2ZTGFLyHyRx4ZicWKl9HnUK7307E5sGswRwduKEBGDDEifUvuBqJpbzalGOYag4vuX7_e0Z0CH_w4rFuSlOJA5J2_aBn0zZyxvA1JJ0rFzGYQUQ6VAyj0F2Rv7GGI7ha1RAtNF5o0e10BalIwB6T_d_i5cQ1DREfSu9YEbF9Yg-LAfKJr9EKW3MkvvtmNJGY0phcYHkPOcwnwevdRxh2VFh5f1ktZ4Yns_S_U4nutfwKYqwmeNi3AwGUR0LhUAZa36mezTwmrr0LvXzjnCUgWZdTcCKB6sLvWBHwtNQqqvrQiFgO0etOwZgUOqTIoEqLl7D1DR2p33bH2Y2xEPG411l0xHLjY5JHku-eG_CiK9wL6dQY8steVLpONd9q3odTVfmXWShdP55VICvm-iy84ZswA-kzMKP-kHDFronuQdj4jFyO2xj324zg839CXXYBUL8_ohSwSh1Y58QsWqnBJL7sUf179qaTU9ST-_qnlZC1bbIeQcMRmPPMptkkyag1x_-9Gp9XCxst3Ekhu0vWwdUHy64a4TlUn-cYM0MhwwURRmxM7rmA0X2sqeWWRtzH4Er_2C9jFpnMKgNfK7cY5y1UVENXBM4SrFepNV6eBjgrQTFd-mv3H45S40i_07QnPqnAK6gxnxkKBpzCAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gy-pacOXyuEf-Mi_tWlDdU&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:315ff81f-3483-8faf-ac1d-43f4ca54c81e,c:gt6LDP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-dgvgl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C1191%7C11a1%7C11b1%7C11c,idMap:118*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:20,oid:4efcaa01-12a1-11ee-934d-22fdcad9fd18,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:21:16 GMT content-encoding br x-content-type-options nosniff age 71376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11398 x-xss-protection 0 server cafe etag 3934322099733601226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:21:16 GMT
GET H2	200	dr Show response as.ad4m.at/ad/ Frame F0CA	2 KB 2 KB	60ms 29ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1ht9xfs9ewh3rvhjx1q4c1rfev94s5311kb9g6wx37wvm25rvz57sezy0g11afvv634rbw3xdwm435t6by34wens6br2k8ayktpmgmhcy7zcykhvj8wcy42030d2j8grscwqd54gespetskkacxpvq1fzxzc2raw2aq9ps3hdesfxqnd859jtq4php0perp8tpw0atsevwwdpxdyh1cn6gmshx7qg09a86hwhx1a99ydmq6drz1ejj6kan2y8md6bcgfacbjxgsqz02jdnctn6bdzr7jkdptkksy4sgnrek79dep4kdcxf8868b55a2gdd8wgspe9v7mnt80w1wb95wa41p6k09sdb9hc3h4nry9g995w5mqxa6dw4fnnrytdhm33ntdma6yxsxz8nxnbq3m9b787cjb1n7pvnqjjbafwtw6mcmrdygf56bcxph6y30hs63kt8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%26client%3Dca-pub-6593523210010154%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1785d05c7bf9d441582fefbc55b3ed41b3fcd4e8b54b67e172093689f9522a0 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7dc5e66a8cba18e2-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 3D19	1 KB 643 B	7ms 7ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 6702 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 13:19:10 GMT etag 48472445140208031 expires Sun, 25 Jun 2023 13:19:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 8D8E	38 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET DATA	200 OK	truncated / Frame 177F	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5eb3f254e32a7ee3180cc4b249d937b3c6f5b314c543f22972f3a5cb244b53e5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4a.js Show response static.adsafeprotected.com/ Frame D03E Redirect Chain https://fw.adsafeprotected.com/rfw/st/1484055/72040524/4.js?ias_dspID=64&adContainerId=brand_safety_fAeXZOrbCYqRjuwP7da76AY&cbFunctionName=goog_wrapCb_fAeXZOrbCYqRjuwP7da76AY&true_pb=&adsafe_pb=htt... https://static.adsafeprotected.com/4a.js	2 KB 2 KB	22ms 21ms	Script application/javascript	2600:9000:2450:cc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4a.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Server 2600:9000:2450:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 20 Jun 2023 17:21:31 GMT x-amz-version-id 6WocTuTK89qveTBkoZ2Yz1Xyh4dBYRY0 content-encoding gzip via 1.1 b07ca4a88c1a9f9cf09555efc7865098.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 337762 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status PENDING last-modified Tue, 20 Jun 2023 17:21:29 GMT server AmazonS3 etag W/"589d8955c4906ab1b8e63a2f92d932d3" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id IieHF2666A9_O7lLdJTMgwKTQqI56LOcSVg54agK_uWJBHHGt3F8aw== Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name app06.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4a.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 8799	91 KB 23 KB	19ms 19ms	Script application/javascript	2600:9000:2450:cc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2450:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 26 May 2023 01:06:44 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 b07ca4a88c1a9f9cf09555efc7865098.cloudfront.net (CloudFront) x-amz-cf-pop CDG50-P4 age 2556249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id FR2K6G9svvUF0wOrd4McFli0bglm36_wQVdzfg-dDcrROaZQMzK4uw==
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 820A	113 KB 44 KB	18ms 17ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cfb314d9be32dd965af88ca6b2794d68dee3c92dfa9faec777656b55c937ed22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 44490 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 24 Jun 2023 15:10:52 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 752E	22 KB 8 KB	9ms 7ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56313 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame D03E	8 KB 4 KB	84ms 13ms	Script application/javascript	2a02:26f0:480:9::210:ee04 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=20309721&cmp=29968277&sid=3288807&plc=367565023&num=&adid=&advid=4309118&adsrv=1&btreg=558488166&btadsrv=doubleclick&crt=192207036&gdpr=&gdpr_consent=&tagtype=&dvtagver=6.1.src Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:9::210:ee04 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 0746b21cfaae0aeba1fe18ef923cf659a3d82203c4f9368f6c3c10e82eefcffb Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:52 GMT Content-Encoding gzip Last-Modified Wed, 21 Jun 2023 08:32:27 GMT Server UploadServer ETag "94707cfe9b8ec381b248dabc78be09a3" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3397 Expires Wed, 21 Jun 2023 08:47:51 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/16829948873192997814/ Frame 2050	14 KB 3 KB	34ms 16ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8cd9f7f932e502b97e7ebd1194ba28e4b5a441b6100a07a09a6c02f102c8b55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 3050 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT expires Sun, 23 Jun 2024 15:10:52 GMT last-modified Fri, 12 May 2023 09:19:58 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame D03E	0 0	127ms 66ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5kyWwOaVFH2dFnuCLQ2lTw2GJ_OUQ2l5KfF4rA5eU9bT6tz8CRsH_Lauy2b4EC5e0Jq29XOcglyu2uouBUJOryb0cdsSq4SBvrGTkSY_2GPFZ79m2oR5ZJL3Y5n3ka2U73RWBtrnX0EbmvqqmqpU1gv_fun4XFfdfmI1YTgtG-l80ef5zl15Gn_-Jv0FOdWaBK9kidDOcysx70KI2qnB4cSXKEfal-FS3qZQzOQKo_7ERgulZrjzrhocTEiqAJlxv5A2XUisqU2ncVTxY20eOE56IBwe5mPBiyn1mpBUT9bIrdOt6hS1G-7Lpk0sRykmESgzfrrlpKwb3V8GHZGY8o_8D6s58FY3MS-Dg5LIP8peC7WT44irHrR0DarCQn8N2JBc_8QdRnO8mlHHZ9xJnihF6En_r-b8i_Jy-_-GsBio-P8FC27D_fesBO4iuCgv-zkL04823e4hlqM4YDiaL9auACqaAVjRBwkpI9MsEfggzRSTBWdQTEqceWCtJxzMIiWZMhh7yEUXugo-ZukxfZpkMZ066_FH1MB2-ozDxcGSHLaZW7zGeLtoz_MPlnewfzQQn7BKnBXWL4YC64QSz1HOG6ecBal8eEjIBGn7sdF8FaQsr1DqTXX9uX57pts2J_FooQ0NNBiaO2cs4XB_WT-FVSlVXSUjPgFQbkqvN_6aB3Ft7YQHuxGAu9mtSYfX3DChisup9cJdFGHVaIHW2Bq7DfALWQWvGPik-Nrr0gzoBvToxpWqKQEhjojHQq-KUTIpXkCN3PrW9DIs8dgsGIKlApLO-4sD583s7w_E-lONbmXkwhZFAUcDwe0MC4LLIuRO3k1bd9n55w0wQQpAW6k5U_GvPt33Ov3YaodAkS9b7tnTyVMHaMvaHD1TsFKOmgTWCG23F3LLfj14SGy5qoo1XvEI7e4VA3RHh6LOljjsiI8dSoY9OPRe88BkFBIKHnQ_zrMzpUHVHdrP5c07jLuunGUBt5pQEef9cmtX1a-0wYDmtsSPB6v2JqnHcuC4xzf4ucmTAuX8q1bvcUhYIw_f5JzzhjCynXVgBNTki-hUsK2kq4o0AhnrXz3LuCCwVSwX6a6wF9oCPXSceED_kroLDmd_KPLD69BfjPufc1j9K8iJrMTryYq-6V3vfqgXEychyAFRsAhl-PdO9M4kobRgc6bU5PmLJJFlzyrLlyRMW14PbfmariO5-oAFmcPr1WzhyOxCGwdHzLddFe4j7hj7JkNB3VuGfUNye8eBoaIKHMc-bvwhSZwiC5Nt7AjkQTRJWQVPM4LthCP-viwaAQPmKn2xByxZ1bIw5ThHO&sai=AMfl-YS-us-YvNPLVxcEnMRDiaFrqCDSUulibyumtNtdFYU6y-7ikZVyuXI8WmfZkyWhJdSZ8sNS_Tr9ftyNB7kk3gko65HRJ0MALSqG-q65WGcaq-VwtDFxJLGY3JopGy-heKZDZ8X8SwF6k1G2lcG0leRQlYhHOXijph46P1jhJoKtqEVmosT8ZXSHd051r_b1DuWUqQGz0Y0lf87OsjUnyDvizz4DYeLo_Yjc5AVanBU2tyBZX8SqH7PKKUXVb_0MOvGqgWkuHmkSmgYfS_qfaSkjS_tXyEvvjWDEVED_zwJXkEgqWBCf48eMRO6etHe9WcMZZWlxU8o4HnULlQIkofod6o3k0puaRrhwl35BGo9TL4Bfz2lp-FwSeU4h&sig=Cg0ArKJSzAuaz2BCRlceEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=367&cbvp=1&cstd=357&cisv=r20230620.97295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Sat, 24 Jun 2023 15:10:52 GMT
GET H3	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0A67	172 KB 60 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:52:35 GMT content-encoding gzip x-content-type-options nosniff age 4697 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:52:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 0A67	11 KB 4 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jUoieRiMq-u4MXzMUXose-&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:ebe5f00f-2a08-6f56-a9f8-f609d451617a,c:gt6LGz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-tcn52,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeFC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:24,oid:4efcaa2b-12a1-11ee-96ef-7e82db52e495,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:19:34 GMT content-encoding br x-content-type-options nosniff age 71478 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 5499578052516643378 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:19:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 0A67	30 KB 11 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224227/xbbe/creative/adj?p=APEucNVsG6eJQoK33s99hgTMPN4ZVv0juyNG3XdkA0Sc-vVZugqMkfQ&d=CokBAKAmf-CDcGVXmqxeoUalaDnV0d5SBPdG3sGXbHYj23Dm5gV7WIxwuQUnBxxF_0LfPRJLaeSnzOUgn3iP0vKX3RhjIxLmQnsbIDh-BCw5J9Qsr7uQYmB8rEd6hVl-6YVBiZge8R166jIEao413gwuc1JtiYdW4rfcnwGcW8YVwuVstzmbq1Ut67ESqRUAoCZ_4Bn2sgsDL4Hkbpr9S1PevmFKhE3-gWhuAIiutft17ytdsci3Wpk4yHmHtu0RtU58N5mhHZuyawZIwccVw0jCuRfC-XnPBZEiKvtYnskBqbXT3VKAbKY89NDzHcHZXE40WAy0rkOxp6T-A_brpB5f8-7ElRTvEP1w3ZzB2D96LYAAPakY2oFldmT5e6aHtNtqR2hgQNcdj-FtjGAw3rQ9JMFRDvLUhCMWEBYJ5EQRA5BDojguiq7-YYzoa5skIQ_XEdSNu76Td950x7dTuP9fdfQYIxvLdx0izw_VGrikPqoV3KApB7zbL0iapvaZOtkpV-qyt0yInkOEdPQfEGXRs4LVporx-aeHxDoCiYO3kmcv-0QkgKyrEkRHuDxPGcztzK4RCFPFdVf4Pgtt5sjp7lMzWUkAJEhH5fKzSTMkMGjdbNpmq_jQYjT5NBcutP7avF-tA-RfWgIvIB07vN3Ag2U19jytDLbw6Tr-Sxygezj4bniIXrBWmbgMoCgikvMH36Iy9FRJs4QYc2O01DB7tkQO4bRNHSTdNXvoRKSQPb5hYs4e1Xu2G428MxU02zEV_nWSpRhyA1Mp805TQ17mJTAEWYvJLDJId3BbQrK-y24nRVDhTrDDhBRws42moAWQMASCozsQQWnVTZti8o7jeUrI7sbaUu9xbr44-qAZAI4QVeuefqJr-N6--BHB69qCYC_IWAzfrMo5fU-cm0aROax01Bj-V8YoO3izXuJ6Jt4OLMQFMcM3jP9l_83eG5K24wOqsoiAl1IJM1QwuUB-Oj_TyxgynLBMAE000WXqSG9r8VBNTUCOrflKy7UFOodxUVy3tD7f4VEGU3tx6-6WswGJX_BpfIgQ-aj-x7qTh6vvHhNnR1w9pS34dtvScp189uPJwayrqnX0EQjOHAGUbo3rjYu286WmRlE74E5x9luvm6xkh28-YXgmWVmZnUbg_GFSMDxbawXyyddHtOmog7-9FQfYQYHW7pbXZMHum9vEMzEKKjdNdvRED7vz2DMFMAHUm7-KxXbLtspFHjDZ3vR3R94NdLsC3sTdqnxxOox0yP5wnlOOOGUtaRL_waBizMDDhfN1dqlm1f-Xe1u_4VUhgyhS41etznZPC36eRhSjg9dmSvOb7-dgedppracyxSP55VrzPAe_0e6VZ965jiawzL9GqAO1wNTzjVfeBCIqc-VaOrS88B0YA5YN6N3JZe_suhIJ7OEFqufQl4igCyElS-61yn-tc2KOKW428tnVnvWoShRvNBqdccRKSKHwh5RNWGQeZG7hWlVdvMJWgh3DiXkNgvlZ2wCw5ZSDsg1XGZrH3mU7ZcZprMxa-Y6RN05LRxqaSK6XF-tIfsURU8wMM-CvWkNw98an2WRiFJ8Ak6hDCRAQ3GRXxgss_6MHIiRuDBb5Z-iZ6ahnjxREpfN3iegZV-IN33Hth7bkjsh3Yr9TYTMCX9bvlYzPawSNgsewQcqe9qOi5buztWjT7fD3debt0RuVvPRusxl6BxFzNv8Qq5nNYWb-4bPY--6tI9H9bb0RT21Jo0zZ6YrEtYmY7uwGjsDdJaUlu3tV93SaQGVXA9E70aIERJ6QJdeDfbPedeP_yE1DcPUyQyH5C1aocETs6uwqPbQ1-Yl39QO7FaBmNTVpWHfWqlNPc4sPbnxfbubpd1pgKXq0JNYu3MFIjUzPm2SBqRNiPqJfqMikt2jtsrC0RMV7fMe9E-imXIuSgFCMrrMfbc-QMqUqR8vyI-PjRQzS9iwCQHc7VjdEWpuoc7cEm3JreBMvyICGAWn4rU8bMmUF9TDLsmfIfqkhTe6_IGoUUtzbL-MCcRBLwUzFimqFQhKoXSpGnY_0YbPjhf8Qv5JRXT_yC-HjW8bEi62p4BM9q3M_XC18WOHkvHYzqJgmLlS7vV5euodyJMIrf6QH91B4DY1qNaZoa6d8WQ7V3AVvjyJFAR2f-9wRJLL8QoqMtiqkt4cY-NQoVZPuD02aQtx0pGI9DdHZffxVWxs1BtVphlzPbzIJ13lfDk1dTMc_kMZmGqL4ZzDdnRbPWcl-kWm06ODwpv93c-ImcpzIIQ_m_3TO9CF2ok-jXN-pqhtreySNmxIAu94qDKBRpim5hw8-2lxfsJRtN4Jc7-PWxO9TdufsjYe1oGo5VG78kKykUCzfd469-4eTNOlHY4ccFrEsgVGnUlME0zreCz1YKPF8X5ZbosYKhdCH6-lR4z7zperZlVeIgdBPOf273LXmPM-QcG8MvsSDQHRqaBNdKUkNL8WHxPrfwfgKTZE-kDUa-4cHeTlmET9qylEpmu2Zq-cHV0xqqW6jfhBLSQhMRrxREggVYgfy8nMtYImTbMMBwW1o1QUG--mAfCOdnlyRnXyOB1brJirWPquWG9HqcjAiY6w_Wz1WbK7DGUlKBW_5zLS4PYfYnOQ5KWAcqqAn2CQyMBm68eoeJkNoBJ5PwJcK0m4LwHQFBDA1o4FR-Aom1XGRzjjUk0dg0Kat_J1hfzADT6iCODNavCpT_y8lE3kJMAQE01tVBXACTkgda84oLryTNFQ2YBQyOfFO2Jzyi9Bf6885Q6tKFTSL5rZS4fDUfP2SxZbPiMEHk0pxvlL1TqhefCQXtJUnUfm_mWsISF72pCqQILYQz-YaWKPIhWXQ4DjOl8gYBDG8EHvgkr6xAUlcpLZ8ShWNOxL4BoDD2SUTuU7K3Y4XlawOWeZcsmF-C44DO_afFSdz5xy7mowdxXminjIXbGqXug4zETsKzQKzrzwO9Zna4ldeGgPJWiIbpodOq8KuPErVnesLu3pRpHW6P-PrM8si6iC8z3v_EWjIw55hp-14q1X3okEsmFEBLIAKiV5NAU1pAhC9tucroZo3rM2ccncbyn8mdBststp5JUtGTHPLuK00HbxwZXncZcprSIdBbvNe9r2w2wMQc_yowi5PZMnEf0BqCaqqgb-kYTRO9XFso5hyjiFAuuYYhC6YWJ6Zmkn4srgJp-ikNLBq7qGcur6GAiG81V8MhGM4cHt0EbtSbXPHh9XOazar99WTi27aL_nFKFjh3hLT_D_gx413TCBCzbjD_P_TNl8ZVd6TOEQPYihwAr3C7tN6a6182Z-oFMl3NlNnkgGo8vKsg1gLjv9SF0K7KyG4teSIeuYCWvTjZS-QvFghzw4XE8K6cthH6y-j6_lE30JxqAxBJ592KTmHxTAR1zQvTE00tSDDPUBmtLLQzJSRBlxw9PVTsk-XqGeQGmITUTFZc7pjpSFQ3HYSNXGAjtdAnicjA0HICjcDxoWKEG6lgXizQcyjnUJCBh-AYVB5yse3MeynkpJjiSAkEWhQj7Uqt_jvxZyG8dtUmtRWyN1TUPUubCrhBv4Xrcn8wHxGSWF2jMut1nRcmbdd-uz9NrELy5IQTdTacHdPieJkW17qj_6ZiUN03zP9jnE9wCoTgeusNcaS1ayvbUB9xWRbTf4TLCz0p9ycA_3AcRVMzg6ZTahZQ1ShM6SG7K-keopXowT5P7Uf1jEzNFwXix_G9Tp9hmxPekPQ8lm7rqf2EDfAFDFN5mz9Rcttv65Dv5gtgJNhD6iNbnScPKwklcUaSvco7xbQioUB8m7vpjpv_4ZUHxMMI3QPZqT_1i6UJR1_QRpzCAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782081104&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jUoieRiMq-u4MXzMUXose-&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:ebe5f00f-2a08-6f56-a9f8-f609d451617a,c:gt6LGz,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-tcn52,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tI6XeFC+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a1%7C11b1%7C11c1,idMap:119*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:24,oid:4efcaa2b-12a1-11ee-96ef-7e82db52e495,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:21:16 GMT content-encoding br x-content-type-options nosniff age 71376 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11398 x-xss-protection 0 server cafe etag 3934322099733601226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 07 Jul 2023 19:21:16 GMT
GET H2	200	default.css as.ad4m.at/ad/style/0.1.42/one-ad/ Frame F0CA	106 KB 13 KB	20ms 19ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1ht9xfs9ewh3rvhjx1q4c1rfev94s5311kb9g6wx37wvm25rvz57sezy0g11afvv634rbw3xdwm435t6by34wens6br2k8ayktpmgmhcy7zcykhvj8wcy42030d2j8grscwqd54gespetskkacxpvq1fzxzc2raw2aq9ps3hdesfxqnd859jtq4php0perp8tpw0atsevwwdpxdyh1cn6gmshx7qg09a86hwhx1a99ydmq6drz1ejj6kan2y8md6bcgfacbjxgsqz02jdnctn6bdzr7jkdptkksy4sgnrek79dep4kdcxf8868b55a2gdd8wgspe9v7mnt80w1wb95wa41p6k09sdb9hc3h4nry9g995w5mqxa6dw4fnnrytdhm33ntdma6yxsxz8nxnbq3m9b787cjb1n7pvnqjjbafwtw6mcmrdygf56bcxph6y30hs63kt8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%26client%3Dca-pub-6593523210010154%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1ht9xfs9ewh3rvhjx1q4c1rfev94s5311kb9g6wx37wvm25rvz57sezy0g11afvv634rbw3xdwm435t6by34wens6br2k8ayktpmgmhcy7zcykhvj8wcy42030d2j8grscwqd54gespetskkacxpvq1fzxzc2raw2aq9ps3hdesfxqnd859jtq4php0perp8tpw0atsevwwdpxdyh1cn6gmshx7qg09a86hwhx1a99ydmq6drz1ejj6kan2y8md6bcgfacbjxgsqz02jdnctn6bdzr7jkdptkksy4sgnrek79dep4kdcxf8868b55a2gdd8wgspe9v7mnt80w1wb95wa41p6k09sdb9hc3h4nry9g995w5mqxa6dw4fnnrytdhm33ntdma6yxsxz8nxnbq3m9b787cjb1n7pvnqjjbafwtw6mcmrdygf56bcxph6y30hs63kt8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%26client%3Dca-pub-6593523210010154%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1686312358 age 97186 cf-polished origSize=108907 x-guploader-uploadid ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 09 Jun 2023 12:06:25 GMT server cloudflare etag W/"913a188acf4937267d989357edafdccf" vary Accept-Encoding x-goog-generation 1686312385390155 content-type text/css x-goog-hash crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEukjHqWLEHLRevFzM8gYOtP8DvDDq4%2FVbeSzHBxXqgoDDhVj8nGCa0cNtOn9jwdjIk%2BUdl0kqXi8PzjgOvdt4ASgnhNDBRkOD9hBYWzk1XNY2xl46GiKkjCZq4jE1k3lAr4tUwksVE%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 108907 cf-ray 7dc5e66b6e2518e2-FRA expires Sat, 24 Jun 2023 16:10:52 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame F0CA	25 KB 10 KB	33ms 25ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1ht9xfs9ewh3rvhjx1q4c1rfev94s5311kb9g6wx37wvm25rvz57sezy0g11afvv634rbw3xdwm435t6by34wens6br2k8ayktpmgmhcy7zcykhvj8wcy42030d2j8grscwqd54gespetskkacxpvq1fzxzc2raw2aq9ps3hdesfxqnd859jtq4php0perp8tpw0atsevwwdpxdyh1cn6gmshx7qg09a86hwhx1a99ydmq6drz1ejj6kan2y8md6bcgfacbjxgsqz02jdnctn6bdzr7jkdptkksy4sgnrek79dep4kdcxf8868b55a2gdd8wgspe9v7mnt80w1wb95wa41p6k09sdb9hc3h4nry9g995w5mqxa6dw4fnnrytdhm33ntdma6yxsxz8nxnbq3m9b787cjb1n7pvnqjjbafwtw6mcmrdygf56bcxph6y30hs63kt8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%26client%3Dca-pub-6593523210010154%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 14 Mar 2023 13:45:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 350695 etag W/"fcb2a26b07bd76d9a925cae661d6d94d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJDQ7Pmw8v%2FT2XABP1VvO%2FgOnmXTK0XNtAmtG%2FMHAnpN%2BJymxNJFmaAWK5dp9B%2F2vOKSNySk4q2GeQYVNXNrAnMD0UDvkwZDhe7ekYKhOoUVDiFh%2FQenWtU%2BWS%2F%2FZTnDfTCV9yc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 7dc5e66b7e3818e2-FRA alt-svc h3=":443"; ma=86400 expires Tue, 13 Jun 2023 13:46:16 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame D03E	43 B 215 B	94ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=f26a5537-58ab-34cf-3ca7-733fe37bb058&tv=%7Bc:gt6LMG,pingTime:-3,time:149,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:45%7D,%7Br:r,w:728,h:90,t:137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:149,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~0%5D,as:%5B129~0.0,12~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeJH+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C11721%7C1173%7C1174%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a*.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:11a*,rmeas:1,rend:0,renddet:svg.us,siq:46%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame D03E	43 B 215 B	94ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=f26a5537-58ab-34cf-3ca7-733fe37bb058&tv=%7Bc:gt6LMI,pingTime:-6,time:151,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B129~0.0,14~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeJH+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C11721%7C1173%7C1174%7C1181%7C1182%7C1183%7C1191%7C1192%7C1193%7C11a*.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:11a*,rmeas:1,rend:0,renddet:svg.us,siq:46%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt26.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET DATA	200 OK	truncated / Frame 0A67	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b0f248968a3a5d20973ca4d0efc57672d223fe55e8025e5233081843e4bab8f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	93ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6LNA,pingTime:0,time:624,type:pf,im:%7Bpci:%7Btdr:582%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:624%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:624,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B617~0%5D,as:%5B617~160.600%5D%7D%7D,%7Bsl:i,t:624,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:421,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C119.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c,idMap:118*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:378%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt11.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	styles.css s0.2mdn.net/sadbundle/16829948873192997814/css/ Frame 2050	6 KB 2 KB	9ms 8ms	Stylesheet text/css	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce3cf09c371f16e84cd9db5935613c3c8eeb5b5cf14511fa484818c7282cf5fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 20 Jun 2023 16:37:31 GMT content-encoding gzip x-content-type-options nosniff age 340401 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1606 x-xss-protection 0 last-modified Fri, 12 May 2023 09:19:58 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 19 Jun 2024 16:37:31 GMT
GET H3	200	Enabler_01_250.js Show response s0.2mdn.net/879366/ Frame 2050	120 KB 41 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:53:03 GMT content-encoding gzip x-content-type-options nosniff age 4669 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42247 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:53:03 GMT
GET		overlay.png s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 2050	0 0
GET		logo.svg s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 2050	0 0
GET H3	200	gsap_3.5.1_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame 2050	60 KB 0	16ms 15ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=b7WgNZKfhB&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:10:52 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame D03E	43 B 215 B	93ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=f26a5537-58ab-34cf-3ca7-733fe37bb058&tv=%7Bc:gt6LNP,pingTime:-2,time:220,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:682,mdZ:771,beA:948,beZ:950,mfA:952,cmA:954,inA:954,inZ:958,prA:958,prZ:989,si:994,poA:995,poZ:1017,cmZ:1017,mfZ:1017,loA:1099,loZ:1101,ltA:1168,ltZ:1168%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:45%7D,%7Br:r,w:728,h:90,t:137%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:220,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B212~0%5D,as:%5B129~0.0,83~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C11621%7C11622%7C1171%7C11721%7C1173%7C1174%7C118.1352960-70224227%7C1181%7C1182%7C1183%7C119.1352960-70224227%7C1191%7C1192%7C1193%7C11a*.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:11a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:46,sinceFw:173,readyFired:true%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT server nginx x-server-name dt21.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/12943809228921786815/ Frame 72B2	1 KB 767 B	20ms 20ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 739 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT expires Sun, 23 Jun 2024 15:10:52 GMT last-modified Thu, 27 Apr 2023 13:46:02 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 177F	0 0	51ms 48ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIMkI6o7FdkT-kvmr4oYIo8a5R3rA77DF7KbvqgBFfDrwsuKcWN86db5196CWeGBeS82Ju9lDONt4pQGTmNvJogb0t7FfkP2rVNO8dnrXPAxvdSE_fs51kQD3MFB0sa8vahsytrHTVAkGH_8OrJjs_SwxBTYGGmNDNCg&sai=AMfl-YQA8viFQO5_55UAuBFlTDnbgYK5oY7L-Pce--6n242vTZcVEGInu3izKqxFjqz_0hPqbiiVDcWnh-45lu6WMARctuGcNYK2uFdmhJMtm95PVadnYWVWgl29BCFuEw&sig=Cg0ArKJSzOky_VF6GZDAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=272&cisv=r20230620.49587&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:52 GMT
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame 177F	43 B 1 KB	91ms 21ms	Image image/gif	85.14.248.72 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361198325&gdpr_consent=&gdpr= Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 85.14.248.72 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Sat, 24 Jun 2023 15:10:52 GMT X-Content-Type-Options nosniff P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" cross-origin-resource-policy cross-origin Connection close X-ET-Monitoring 1 Content-Length 43 X-Xss-Protection 0 Pragma no-cache Last-Modified Sa, 24 Jun 2023 03:10:52 GMT X-ET-Code 0 Accept-CH sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64 Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1119 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame B06D	38 KB 14 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3D19 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECurcynna_2pPXqx-jNiRBg&google_push=ATf1kGOHzQUsVAOk1mW5zqRzVDqk8b0YTcdh5BTAxdSgvfXAblAMmDv3kF...	170 B 188 B	18ms 18ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECurcynna_2pPXqx-jNiRBg&google_push=ATf1kGOHzQUsVAOk1mW5zqRzVDqk8b0YTcdh5BTAxdSgvfXAblAMmDv3kF8frB_fom2m-C-AbNY78PkIVIWuYXYuCepbN6eXjyp6HU8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230064-FRA pragma no-cache date Sat, 24 Jun 2023 15:10:52 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1687619453.886799,VS0,VE90 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECurcynna_2pPXqx-jNiRBg&google_push=ATf1kGOHzQUsVAOk1mW5zqRzVDqk8b0YTcdh5BTAxdSgvfXAblAMmDv3kF8frB_fom2m-C-AbNY78PkIVIWuYXYuCepbN6eXjyp6HU8 cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3D19 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEC4PR449Qc3XCSn4VA2-hmQ&google_cver=1&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH&google_hm=Q0FFU0VDNFBSNDQ5U...	170 B 188 B	18ms 17ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH&google_hm=Q0FFU0VDNFBSNDQ5UWMzWENTbjRWQTItaG1R Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:52 GMT P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGNQZLnfZWpeaQiuRDl8QjTOBE60ifsayUsCOC3bDsNUcFezxluIT59gBX_LEU2vGTqRbQZaXv1fUlwuWPgbDtRh25YoaK8KLGsH&google_hm=Q0FFU0VDNFBSNDQ5UWMzWENTbjRWQTItaG1R Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3D19 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGPL-sQO... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DATf1kGPL-sQO... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MjQxNTEwNTQwMDAxMTc5OTY2NTIxNA%3D%3D&google_push=ATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FM...	170 B 188 B	20ms 20ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MjQxNTEwNTQwMDAxMTc5OTY2NTIxNA%3D%3D&google_push=ATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FMgJirvGa9cCFAOFZeDsk5_Nde8v_PN3oOp6 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzA2MjQxNTEwNTQwMDAxMTc5OTY2NTIxNA%3D%3D&google_push=ATf1kGPL-sQOemyf9yAadZBsguTU07wx0bMg8V3yJ-1_GG9SjOtsMBa8E9zdYitDojn4FMgJirvGa9cCFAOFZeDsk5_Nde8v_PN3oOp6 pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 0 expires Sat, 24 Jun 2023 15:10:54 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3D19 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHavlMy-KBNYAW4EKFu86cM&google_cver=1&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T0zhsuxWrn&google_hm=eS1lS3dyblVaRTJwR0...	170 B 188 B	19ms 18ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T0zhsuxWrn&google_hm=eS1lS3dyblVaRTJwR0ZkNlJfeTlha0RNUlloMDY3RmdJaH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 24 Jun 2023 15:10:52 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOtFQxEU4h7bDslbilf-dWSBs0kFQxeTaynzIRV7UeK9I10ibh0tzbC0g_Wyf2IFiKm99_oCZM3P3FXG3FHLhRHZ3T0zhsuxWrn&google_hm=eS1lS3dyblVaRTJwR0ZkNlJfeTlha0RNUlloMDY3RmdJaH5B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3D19 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFNRLNNQDkDJhkXYJs6FKgI&google_cver=1&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFNRLNNQDkDJhkXYJs6FKgI&google_cver=1&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1MzcwMzUxNzM2NjU1MDM0MQ&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJf...	170 B 188 B	18ms 18ms	Image image/png	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1MzcwMzUxNzM2NjU1MDM0MQ&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi8Bo2Ac10jeX8DAlSTpB0ldgu Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE1MzcwMzUxNzM2NjU1MDM0MQ&google_push=ATf1kGPy97KfinXJ_rycAHuk8h4kKth-wObc094Q2Fqmim_j9va4hRWxVPz9GPP41LcoMCJHE3-DJfxi8Bo2Ac10jeX8DAlSTpB0ldgu access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	trk ag.innovid.com/ Frame 3D19	43 B 296 B	212ms 22ms	Image image/gif	2a05:d01c:1d8:8101:7a17:40a9:5794:5e61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJKjK4BkYvyhL1NXIb_WENQ&google_cver=1&google_push=ATf1kGPTg4f8fYeAFVL0KCajmiR9458p5xkGOpR9xaMBqm3xVltaUKWFUk_sKgP_YR0tY8JYl3dTBEJLlGOnNAxar1moi3leEa9ygZ0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:7a17:40a9:5794:5e61 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT cache-control no-cache content-length 43 request-time 0 expires -1
GET H2	200	report sync.teads.tv/um/ Frame 3D19 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPPcZvispcw1I7pGx6doTrQ&... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGO3CBkMmp6pygcwaLW1nHdH3nAaidQ-PinF2q4DQiBztjNWvXBJK9xuVTT4d3sUnVgwq9yrvWoBddR7z0zaP5LeOw7g2_WPwHIC-Q https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	39ms 39ms	Image image/gif	104.102.35.84 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H2 Server 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-35-84.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers expires Sat, 24 Jun 2023 15:10:53 GMT pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 3D19	0 12 B	18ms 17ms	Image text/html	172.217.16.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lf6OPZQHW8VVIffNKznSUqs1GBObEY0kM5ZqVQWsntfn3AiXm7LWa4Uv-uWq5yZGuq5IkccQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	link.html Show response track.webgains.com/ Frame 84F8	2 KB 2 KB	142ms 69ms	Script text/html	3.11.176.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11604300080079704444550012365027&nw=1 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-11-176-98.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash d71a2859ac5af232376c402696033c2f46971bb408d268dcc73c2d66fec1b51c Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT last-modified Sat, 24 Jun 2023 15:10:52 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Sat, 24 Jun 2023 15:11:52 GMT
GET H2	200	activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223 Show response 8019191.fls.doubleclick.net/ Frame 4F90 Redirect Chain https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223? https://8019191.fls.doubleclick.net/activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223?	392 B 326 B	63ms 62ms	Document text/html	142.250.185.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8019191.fls.doubleclick.net/activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223? Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f6.1e100.net Software cafe / Resource Hash 7cce3468d5f52975b669e9bb65666a12117a4b8c54dd330f280be0d098250cdf Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 217 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:53 GMT expires Sat, 24 Jun 2023 15:10:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:52 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://8019191.fls.doubleclick.net/activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900027.redintelligence.net/ Frame FBF6	7 KB 2 KB	26ms 11ms	Document text/html	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash 42d08b1833d752f80ce2218591b98ea794ebd47897f4428d960a7e2d5d9feaa4 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2069 Content-Type text/html; charset=utf-8 Date Sat, 24 Jun 2023 15:10:52 GMT Expires Sat, 24 Jun 2023 16:10:52 +0200 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET DATA	200 OK	truncated / Frame 84F8	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8fe913323bb7af09b0adc9ff027cfaea7f3a23c32262d86c7fd389e988e8e2fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B0FA	220 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c6351caced46c3a343c49152afad753a472aab375293262c8ec9996c5e19c70 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H3	200	tweenmax_2.0.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 72B2	113 KB 38 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:52 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38915 x-xss-protection 0 last-modified Tue, 19 Jun 2018 18:02:41 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:10:52 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 72B2	118 KB 40 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:52:36 GMT content-encoding gzip x-content-type-options nosniff age 4696 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:52:36 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	93ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6LRb,pingTime:0,time:681,type:pf,im:%7Bpci:%7Btdr:654%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D,%7Bpiv:100,vs:i,r:,t:681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B675~0%5D,as:%5B675~160.600%5D%7D%7D,%7Bsl:i,t:681,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:320,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C118.1352960-70224227%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:119*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:367%7D&br=c Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt27.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	5ed76f76e4b07a92411bc03a ng2.virgul.com/tck/imp/ Frame 2BF5	0 209 B	50ms 50ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687619450846&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:53 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/12943809228921786815/ Frame 4272	1 KB 767 B	17ms 16ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 739 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:53 GMT expires Sun, 23 Jun 2024 15:10:53 GMT last-modified Thu, 27 Apr 2023 13:46:02 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A67	0 0	47ms 45ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJBnM2ZIqmga8T_FkcAaE2huPpSW74PiPKHNBcR3XGcIYa6o77vevtuP9uZl0qz4hLwLCMYlK9qnFeG6LAPNzrZsgSxQ2PW5DqXbLlt4CkTbSYvHgfv_BoTfU3pNM2IFPIhanCfzyac2-x-H126Y_FJIy1OZZCe_1ezw&sai=AMfl-YSwjRJalmwLGAr_qbJsbHUaeXnY3jGNTjHiEfXB9-BNMNTvKLMYOVwfh8i-GlLxO0lSDbYkqZX_UI5jd_9dadRW8G9SSVE0uH3CUkgJm8x3nmtFfBNE9iqOWBfmvg&sig=Cg0ArKJSzCJwiuBvKGzsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=361&cbvp=1&cstd=353&cisv=r20230620.05133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:53 GMT
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame 0A67	43 B 1 KB	54ms 19ms	Image image/gif	85.14.248.72 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361198325&gdpr_consent=&gdpr= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 85.14.248.72 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Date Sat, 24 Jun 2023 15:10:52 GMT X-Content-Type-Options nosniff P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" cross-origin-resource-policy cross-origin Connection close X-ET-Monitoring 1 Content-Length 43 X-Xss-Protection 0 Pragma no-cache Last-Modified Sa, 24 Jun 2023 03:10:53 GMT X-ET-Code 0 Accept-CH sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64 Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1119 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame FBF6	2 KB 530 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 24 Jun 2023 13:45:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 24 Jun 2023 15:10:53 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame FBF6	9 KB 9 KB	21ms 7ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash 0e7ebfd29b62080fd470fb491ce14bc693ae1c67e1014b9c330bea1f00ed6943 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:53 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9331 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame FBF6	9 KB 9 KB	22ms 8ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash c556768235479365871ae5b09a2e8b2b8efad4ae4aef26e915671652e095213b Request headers accept-language de-DE,de;q=0.9 Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:53 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9249 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame FBF6	10 KB 10 KB	22ms 8ms	Image image/png	78.46.90.238 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-627x627.jpg Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.238.90.46.78.clients.your-server.de Software Apache / Resource Hash 71f195d83eccc3192df4a0521d050a75805b0ec58646ffa247a78764bccc2edf Request headers accept-language de-DE,de;q=0.9 Referer https://hal900027.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:53 GMT Content-Encoding gzip Server Apache Connection close Content-Length 9719 Vary Accept-Encoding Content-Type image/png
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 752E	38 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158415 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET		dv-measurements3986.js cdn.doubleverify.com/ Frame E38B	0 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D03E	0 26 B	65ms 48ms	Ping image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9hWdZJHr2KGonBS68AkaNj2qszXA4QPUjsrr9_qu1mbORt7j5wKd2-aXIDxik9fnfRGrVyNQCsQVdJc50BT3UEGFoNWoRC11NSctS9oTBWwDqL04oGzKB0RGD0kcKyIvQfSiTsGuImP7WjxdsbovtBFS0zij3I5xHBomP-43cpBhqycVdyH2a0iUTFsFdoeEjrS2RLBSjg1tjqQ&sai=AMfl-YQ7_WZxZEtkhsb8pJT8uePWfPgZl7DXDJxZnBh4pabH5lQLUnsQ_ZTscFlqAForWPcBcaUs70C1R3O0ZndD3Z5CVuZ4G8nM9XQNQRku4ZR4donp6gKR3gZzyi615O52-jD2FnLIpwQaVGhuFxox8cXRrQ&sig=Cg0ArKJSzJrioBfNWvlUEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	92ms 92ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6LTr,pingTime:-10,time:987,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687619453129%7C%7C1f1aa2c23bb05405f9cb6c541f1d05da%7C%7C8623b242deb4313525321dba17b62725%7C%7C9aa92c227749e1cdb6a2e839424ef34f%7C%7C173cd99a5e83332475ebebbfe37bf116%7C%7C402631f8d6424a81eb0b56cf74b5fdb3%7C%7Cc4629e015f7d1dd2a0a75ff85bc08d95%7C%7C0e6d8ccbc188dcec99d7a6b66ca9792b%7C%7C1663701684%7D Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt13.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D03E	0 0	47ms 46ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5kyWwOaVFH2dFnuCLQ2lTw2GJ_OUQ2l5KfF4rA5eU9bT6tz8CRsH_Lauy2b4EC5e0Jq29XOcglyu2uouBUJOryb0cdsSq4SBvrGTkSY_2GPFZ79m2oR5ZJL3Y5n3ka2U73RWBtrnX0EbmvqqmqpU1gv_fun4XFfdfmI1YTgtG-l80ef5zl15Gn_-Jv0FOdWaBK9kidDOcysx70KI2qnB4cSXKEfal-FS3qZQzOQKo_7ERgulZrjzrhocTEiqAJlxv5A2XUisqU2ncVTxY20eOE56IBwe5mPBiyn1mpBUT9bIrdOt6hS1G-7Lpk0sRykmESgzfrrlpKwb3V8GHZGY8o_8D6s58FY3MS-Dg5LIP8peC7WT44irHrR0DarCQn8N2JBc_8QdRnO8mlHHZ9xJnihF6En_r-b8i_Jy-_-GsBio-P8FC27D_fesBO4iuCgv-zkL04823e4hlqM4YDiaL9auACqaAVjRBwkpI9MsEfggzRSTBWdQTEqceWCtJxzMIiWZMhh7yEUXugo-ZukxfZpkMZ066_FH1MB2-ozDxcGSHLaZW7zGeLtoz_MPlnewfzQQn7BKnBXWL4YC64QSz1HOG6ecBal8eEjIBGn7sdF8FaQsr1DqTXX9uX57pts2J_FooQ0NNBiaO2cs4XB_WT-FVSlVXSUjPgFQbkqvN_6aB3Ft7YQHuxGAu9mtSYfX3DChisup9cJdFGHVaIHW2Bq7DfALWQWvGPik-Nrr0gzoBvToxpWqKQEhjojHQq-KUTIpXkCN3PrW9DIs8dgsGIKlApLO-4sD583s7w_E-lONbmXkwhZFAUcDwe0MC4LLIuRO3k1bd9n55w0wQQpAW6k5U_GvPt33Ov3YaodAkS9b7tnTyVMHaMvaHD1TsFKOmgTWCG23F3LLfj14SGy5qoo1XvEI7e4VA3RHh6LOljjsiI8dSoY9OPRe88BkFBIKHnQ_zrMzpUHVHdrP5c07jLuunGUBt5pQEef9cmtX1a-0wYDmtsSPB6v2JqnHcuC4xzf4ucmTAuX8q1bvcUhYIw_f5JzzhjCynXVgBNTki-hUsK2kq4o0AhnrXz3LuCCwVSwX6a6wF9oCPXSceED_kroLDmd_KPLD69BfjPufc1j9K8iJrMTryYq-6V3vfqgXEychyAFRsAhl-PdO9M4kobRgc6bU5PmLJJFlzyrLlyRMW14PbfmariO5-oAFmcPr1WzhyOxCGwdHzLddFe4j7hj7JkNB3VuGfUNye8eBoaIKHMc-bvwhSZwiC5Nt7AjkQTRJWQVPM4LthCP-viwaAQPmKn2xByxZ1bIw5ThHO&sai=AMfl-YS-us-YvNPLVxcEnMRDiaFrqCDSUulibyumtNtdFYU6y-7ikZVyuXI8WmfZkyWhJdSZ8sNS_Tr9ftyNB7kk3gko65HRJ0MALSqG-q65WGcaq-VwtDFxJLGY3JopGy-heKZDZ8X8SwF6k1G2lcG0leRQlYhHOXijph46P1jhJoKtqEVmosT8ZXSHd051r_b1DuWUqQGz0Y0lf87OsjUnyDvizz4DYeLo_Yjc5AVanBU2tyBZX8SqH7PKKUXVb_0MOvGqgWkuHmkSmgYfS_qfaSkjS_tXyEvvjWDEVED_zwJXkEgqWBCf48eMRO6etHe9WcMZZWlxU8o4HnULlQIkofod6o3k0puaRrhwl35BGo9TL4Bfz2lp-FwSeU4h&sig=Cg0ArKJSzAuaz2BCRlceEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=842&vt=11&dtpt=475&dett=4&cstd=357&cisv=r20230620.97295&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223 adservice.google.com/ddm/fls/z/ Frame 4F90	42 B 63 B	54ms 54ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223 Requested by Host: 8019191.fls.doubleclick.net URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPqMibCY3P8CFQ5Bwgodg98Pew;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3476966648974.3223? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://8019191.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tweenmax_2.0.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 4272	113 KB 38 KB	18ms 17ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38915 x-xss-protection 0 last-modified Tue, 19 Jun 2018 18:02:41 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 4272	118 KB 40 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 13:52:36 GMT content-encoding gzip x-content-type-options nosniff age 4697 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 25 Jun 2023 13:52:36 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	98ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6LUc,pingTime:-10,time:868,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687619453175%7C%7Cf5c17711cdce7a11bc790ab6a9c4e9de%7C%7C8623b242deb4313525321dba17b62725%7C%7Cf27313279d2993b43a2e2a4483c5a4df%7C%7C31e6d8a7e07825ee7997755f0451307a%7C%7C47f99e1878ff2b7e6e73d941b7f51eff%7C%7C6b35a8cc625364e59e7b19d92ef8955b%7C%7Cc2cb11762f7eea1b77685d33ee6211ec%7C%7C1663701684%7D Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt06.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F0CA	3 KB 4 KB	51ms 19ms	Image image/png	2606:4700:20::681a:61b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3075 x-guploader-uploadid ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 3262 x-goog-meta- last-modified Wed, 09 Jun 2021 12:35:14 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary Accept-Encoding x-goog-generation 1623242114099744 content-type image/png x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=31536000, immutable report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAydyIdVOPCR4cbNDR0KQiUElGVd744uev8YA1gyCkNZQP8QFuamMpkBvx4ii9y4ayladBDMXAP4aM0jBB8pYju%2FLQtGKisJi6pZxJVlHR%2FbaVnL42C9Kf2ck5cBIt4brCclxk8l3YWbDf2r02UbN8WQ"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 7dc5e66ed84f5c20-FRA expires Sat, 24 Jun 2023 14:21:54 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9DFA	42 B 64 B	47ms 47ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVu7-L9Aoy9L0sxfAukjDSbM7WqLSrf9VRICDQp5i9Tipp0ctKw_fRzplxQTNDrv1rrvFZmqUEY8ocncH9B7K7IQPZ8Qm0yvQSwG_ocwvbTQoZyP7VSLEPvZPaDi7FNXI98dVmI1LJHdNe&sai=AMfl-YQg9lEWgbROCHq8khBoNNj-_IHdp2FCG9Pvt7qSmik00tM6bw6W6vX4ofQ0p4nNdJ_SwkMbVM0qdP0kGBNDv2Eev1H9tl0MiIKxN6nnS6M_oXxwBITAbpYbqJ0FbG60OPYYuyWHrAqzqp74mOaystIgTEXh6FjN4GOFjIEMLw9nBieUB5QrtbOjprsmQQ&sig=Cg0ArKJSzMp98Z1EUqYNEAE&cid=CAQSbQBygQiDt4Sp51CzHbXhJfJf3K2qHRYXrIffBS-gGuApr_aMF8_hbAWyHku1LzxXeNBw50ksIX0eq8z1UzevDALSZUM-DY_ldc0Ymaq8kQcS9oUV2wzSansrQBVZvz6QXlOwW01nMdaPiW5TASAYAQ&id=lidar2&mcvt=1094&p=0,0,250,996&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3050045420&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687619451635&rpt=485&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900027.redintelligence.net/ Frame FBF6	0 150 B	27ms 9ms	Script text/html	78.46.111.106 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900027.redintelligence.net/viewability?s=11604300080079704444550012365027&a=eac5b62c&vb=m Requested by Host: hal900027.redintelligence.net URL: https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.106.111.46.78.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900027.redintelligence.net/request_content.php?s=11604300080079704444550012365027&a=b8bf07a6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Sat, 24 Jun 2023 15:10:53 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	200	frame.html Show response ad4m.at/ Frame 8AB4	2 KB 1 KB	21ms 21ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1017917 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 7dc5e66eea539a3b-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Sat, 24 Jun 2023 15:10:53 GMT expires Thu, 08 Jun 2023 00:41:56 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWuebSR5j1cMWvS908CARKFFRBUPBpuQ3s%2FlEBoh0iUU2aOCGzfGOH4VcIquv5rYanwx1t9gpvktIjHu7S7G3nizUb%2B4xqh5M7gPF3KIOkZRRzFsVUnR6tq8K9t9RZhcQunNws0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 84F8	85 KB 31 KB	64ms 17ms	Script text/javascript	18.66.147.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11604300080079704444550012365027&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 02:49:42 GMT content-encoding gzip via 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront) last-modified Wed, 15 Mar 2023 17:26:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 54142 etag W/"876c293e6c37046ecb0c11ce2e276942" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id dtvgOYfQw3c6FSUQBtSbS5chWR681tgTVwqM_mZPnPTmT4mjuwIWdg==
GET H2	200	1x1.gif cdn.track.production.webgains.team/7121/ Frame 84F8	85 B 421 B	74ms 21ms	Image image/gif	18.155.129.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1687619752&Signature=D2MsFR3EeVrjxjptOWemRuXBMEarBPKLlgKBCl4H3m5QACUIzi6n8whjtdYQEUPiuwc2zY2WsEiX-hVIRjRln2bWn4vJnDs~SR8XQLOEpg6v-UmTSQ0MsvI2oOTjg06rB8L8WEko3-eqANWbvaStFPantTcqhS~T3Rmc3T8-kdOaiX2OIoF~AsdHiNGcYhWrNT43DVxpvOYa7bNblhXwcmTsy1QWkQ6OSBWvjEGOCTDVs0bsKJhTzW5L-ZMET78epC0hNC-CeIVXxzwP9BOfavRMmWxDtqsbEfPGEchsjN4gitLD7Iw4~VxvyX612p0OLxy93f4YkZ0nlahN-RmrnA__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.129.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-129-96.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 02:36:40 GMT x-amz-version-id null via 1.1 bf37fcd05a816a7fa3bda09195cf83b2.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop CDG52-P4 age 45254 etag "70af33d70b6810475aae19743c8c435b" x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 85 x-amz-cf-id PzJqIU6bbeIYFXFvmzK_JSlYzYcB1GzLc0RsOTG8hdl9SRaG9d6ANw==
GET H2	200	dt dt.adsafeprotected.com/ Frame D03E	43 B 215 B	92ms 92ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=f26a5537-58ab-34cf-3ca7-733fe37bb058&tv=%7Bc:gt6LWd,pingTime:-10,time:740,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687619453299%7C%7Ca979fbd25d09ddae083da3d5f653b347%7C%7C8623b242deb4313525321dba17b62725%7C%7Ccf985131229038c5b1badeae6d29d575%7C%7Ced2450677b9e3deb09068957f0499fa4%7C%7Cb19a69ed8b1ed2a5e0897e0a3ae89fbb%7C%7Cbdb56e41f93563d5e11355ab85c9f712%7C%7C0e4dfdd2d211f8a396cd894481b75da0%7C%7C1663701684,im:%7Bimprf:%7Bttecl:822,ecd:148,tsecr:361%7D%7D%7D Requested by Host: ye-mek.net URL: https://ye-mek.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt12.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E6A3	0 20 B	46ms 46ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHo3peweXZKPlKcbH7gPeipTABgAAAAA4AeAEAg&bg=!WlmlWQ3NAAYQ3eRoMN07ADkAdvg8Ws1dBILjD1pAIIcyBhES30zVxG-JRkR1MBIJzG2V1ydP2caENriC-iTWZf2dygrXXwRi1MgCAAAD2FIAAAAEaAEHmQMUCQln6l9h4mTt0kuVL3ckzCiK48ldNV_GXQAaQgkaICUc1yZ1hdnnAmKcdk1_DXlBFTIMkyYO0MkUDY4rPpgmkf8Qhd1vh5H85IQkJCtIQdvorsc6z3XATeDuU7hqNrVZKIqIC1F8FJFWV1h93FlG0_b3jVzb0Ddz38QShxs7NgodQlPVezmzBkgfGxuksVV8tV7knUl4ohWYgnUfZj_BPIZTAkUdPCWcqdO8vp7dcjURT0Fm6JX1TLp4dElGZD_FCDU_U5ZnulAxc1E6JbhW8nH5NC9gZChcMZwk3s2BYttUpJXsvKf8eK5X0_d1mgcszmEo5-2T9aDjZjT4nRHz40ykZ_lTGCsfnufW8rdGoY8drng9KOlLN3gK_wQDWosUQMal7DGIU_MwLnEdzvKC5r6_IwSYhYaioltT7pWOhlYWHb9UtwzFaeKWNUzN2ECjgmJ4DKbyIsYqropOrk7Lz73Qtg199b5af_qOXwmd3zFWMpYK8Eon4h4VQhicBq0tONzF3jQ421jU0Sx6sC_5zA8yyaUHW3pB5zpGoVlC-w4Xf3ZokdR7Zx7pnk0z3P8N3aXe_xd6eC1KJ8V2qriEAnX52wsW6dBAUFY6NcSYAJYclczjroktTgAp7PI2nbqmwN7JDjUKgLYLn-qTm7OEy9OpBgF1csAULmRbVqh9rUB-Q01sI5PRXbZc1gtKJ7StwOQrRYtUkppOoT2n6EgNIBDgrWVdxYURxGsVKykqB8KbE_59VHCilahlOLGSurnFHzfRnAjpQdTiwBuXA59WX1eKIx9E__JPxOFdvZrvTAftej3CiojXqo1jrmjGsX2Vfl37TeVKNe5sEg94tXRSSWNb11835_nK-prz_f78ogAgN4-cSHPQnSmhAo3uDiaX-x-PSH3n8yxFAiEGtKqK5A1oQOCbDWN7oZxi_rHV63vMDJo5fShezQz77ziKdCDMm01zaPsaotAV3W2vFB5r1pDkB4OdrmGAbr-hEVbjB7urdNd7p_9FI9KGD12gs3q5awpE3xNMBek95iAEtyyDXr3Vasg Requested by Host: e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com URL: https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 177F	0 0	45ms 45ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIMkI6o7FdkT-kvmr4oYIo8a5R3rA77DF7KbvqgBFfDrwsuKcWN86db5196CWeGBeS82Ju9lDONt4pQGTmNvJogb0t7FfkP2rVNO8dnrXPAxvdSE_fs51kQD3MFB0sa8vahsytrHTVAkGH_8OrJjs_SwxBTYGGmNDNCg&sai=AMfl-YQA8viFQO5_55UAuBFlTDnbgYK5oY7L-Pce--6n242vTZcVEGInu3izKqxFjqz_0hPqbiiVDcWnh-45lu6WMARctuGcNYK2uFdmhJMtm95PVadnYWVWgl29BCFuEw&sig=Cg0ArKJSzOky_VF6GZDAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=866&vt=11&dtpt=582&dett=3&cstd=272&cisv=r20230620.49587&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame B0FA	0 19 B	53ms 52ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CXOMvfAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSuAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8-onsTJ92hP3WIc_2AQBWlp-g19m9__6DA3vLKvM0WLaJGoj-fMAIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=jCN8_5yUCNI&uach_m=[UACH]&cid=CAQSKQBygQiDBygowWtxd2LhfdUmpTnB5cG20Vs4eCGMJyuJ0f8DrziqYoo3GAE&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame B0FA	0 103 B	46ms 16ms	Image image/gif	2600:1901:0:76b9::
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1hh8h0ynpcxwxh6c3fny4w50x9rc6nv90j4yb1af87z67p5rs34bejd8s2z0q5pwrr0nh68qa0ppp9dhbqse1nm97q5s23753wn1psw26j9vyecdz2a4tqz6x70b99yvjsv2vffhgstdbtqtc82xv2qe96etm8k29hw8ys1agdxqc2cpce6z5ftgr70rqk78yeqc6sd753vd42vvzvexv6v8hd4csrwxtvymz9cycph14bj2hcptt0w20ae95y0k3hkwn1gnjgyqkzym3pz0yc6azj0hchw7rxbegg4pf7r17t4shmtttaskvhsm7k8yqbhqpys8k66ttgwwycaqkm524gfjmvqg1jb2rj0jn2w37fxzga4dc4q977d7bvsdvpz1exxacn7vqqx1&b=ZJcHfAAA-rYKp4ERAAjyGdHod9--KmOZxHw71g&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687619451757&bpp=1&bdt=271&idt=209&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=212345243548&frm=8&ife=1&pv=1&ga_vid=1686258645.1687619452&ga_sid=1687619452&ga_hid=1106167133&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3622413015&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075413%2C44788442%2C44794790&oid=2&pvsid=89528633706228&tmod=611514670&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8gi812uujzbh&fsb=1&dtd=219 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin * date Sat, 24 Jun 2023 15:10:53 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A67	0 0	45ms 45ms	Fetch image/gif	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJBnM2ZIqmga8T_FkcAaE2huPpSW74PiPKHNBcR3XGcIYa6o77vevtuP9uZl0qz4hLwLCMYlK9qnFeG6LAPNzrZsgSxQ2PW5DqXbLlt4CkTbSYvHgfv_BoTfU3pNM2IFPIhanCfzyac2-x-H126Y_FJIy1OZZCe_1ezw&sai=AMfl-YSwjRJalmwLGAr_qbJsbHUaeXnY3jGNTjHiEfXB9-BNMNTvKLMYOVwfh8i-GlLxO0lSDbYkqZX_UI5jd_9dadRW8G9SSVE0uH3CUkgJm8x3nmtFfBNE9iqOWBfmvg&sig=Cg0ArKJSzCJwiuBvKGzsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&vt=11&dtpt=396&dett=3&cstd=353&cisv=r20230620.05133&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	main.js Show response s0.2mdn.net/creatives/assets/4703545/ Frame 72B2	3 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4703545/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:58:38 GMT content-encoding gzip x-content-type-options nosniff age 735 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1100 x-xss-protection 0 last-modified Fri, 05 May 2023 10:07:31 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:13:38 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 72B2	7 KB 6 KB	53ms 53ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 718cdaeb23b6d50ed7e5d5fa73e79d594252b41615c9cc6256ddc94d80758230 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5696 x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D03E	42 B 64 B	46ms 46ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4-OlnVTa52FC5YLlkkiV1t7c2XS0VhH8mLKAYqGmnrvH_QU4jSzwqLK-4ErJIVsGAdqZfOlq2y79Dw9H5944kkU1Yt3eQIjjEupunmtaNekVxbqeFE3WnErkgEEMLYb9oJLrk7RcX95vf&sai=AMfl-YT5FuUHk-kGwIExRhoCMDDV9AyhKc0q5dAv3zMOXOlXNlX1Kp0PR_NwalR87Ozz9Gz9zuWDnUGF9xl-oGr9AS0ShuXgX8VIgrSYSJm44INt-ZTzZIGGiYeBksAuIW3aLp0nEEBl5Cb26ro9NrIZ-naAsOwqg14c8KR7ncZ13MA2UQ50Hyh4clqBEnLI8A&sig=Cg0ArKJSzFJQHCfJHHxpEAE&cid=CAQSbQBygQiDLmVYNRBHL07lK15TOUXe-maDycFmFgIGsUozEdpLPsCyzOcyNkv9UWLMKXWN5PgMMqiGdRSlILF5FZ4cjCRbd2eNPmChQRDcgBv8-Jegu66GeTHRz2k1OCT4U9tXgix_FEMer6VX8JQYAQ&id=lidar2&mcvt=1030&p=0,0,90,728&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687619451613&rpt=787&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	main.js Show response s0.2mdn.net/creatives/assets/4703545/ Frame 4272	3 KB 1 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4703545/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:58:38 GMT content-encoding gzip x-content-type-options nosniff age 735 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1100 x-xss-protection 0 last-modified Fri, 05 May 2023 10:07:31 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:13:38 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 4272	7 KB 5 KB	51ms 51ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bcd144af618145fa9612bdd3d3de772264afbc9818e1d6ee5c6abd302cd5ad28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5588 x-xss-protection 0
GET H3	200	160x600_de-de_performance.js Show response s0.2mdn.net/creatives/assets/4703545/ Frame 72B2	62 KB 17 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:56:57 GMT content-encoding gzip x-content-type-options nosniff age 836 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17856 x-xss-protection 0 last-modified Tue, 28 Mar 2023 08:23:33 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:11:57 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame A2CC	0 0	62ms 46ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts0ti0dLruzBglxLjghvIefR5wkAtwZM4xAyimTYt6DU-IQJKk3VqbYfcGV-xXdMS5XOvWdXppRIuDlKwoF7ogsxCwv-wGfuw3Pe7RxBdaNgn04IqdUfLw7ca4CLq38dr7wAPXu0nhpheg1O7mG6S8EluHefGsY9s5lDOcOO9Zx_RQBpcESFMQarNIAsDW3fKZLsP3sPf-Srgb-1m8riPG7-m-1v1DSUAb1cfODAP1Igqe8iM_W9zOR_EDUXLmSeisYY1sAiohbX8zZpylcUSJPpz32_BDDYXtw0dKO2X4YqjhzlGQxZwsos-Ac6sgbii7pNf8jzxK0ENYEzYETEr2eAjxlzgCYORe6jDITOxBGMXs1TnG6ddaOvR_&sai=AMfl-YTBnXTes6qkChAYuQqGYOvL41yMmtitGOcJWNSWEf84gWOutH6FTW1VG3IOoeDTOwzxVhK_XsqxGw0meHLoT4atpHNIdVU8nLt_TwRK3_4&sig=Cg0ArKJSzJIcvZ0R6NaKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame A2CC	14 KB 11 KB	58ms 58ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50db374bc22555b79fbce9e32c5cb9a7a60decba7544b3f3cbc4455f382a9ab4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11168 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 2BF5	15 KB 11 KB	56ms 55ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306220101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 057c1ede49fa51f61ae8b4d1c3801724c9dd4f5c1453864e08fd4aa7d44cac94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11387 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8D8E	0 20 B	45ms 44ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOEdFfAeXZLONBcr5-gaI2rnYBwAAAAA4AeAEAg&bg=!TE-lTxvNAAYQ3eRoMN07ADkAdvg8WhYuT_p5yfqfQe--Nl8rfdEdCOuApPAr4r_hf8fyVB65f928-sJaYdSU4XCzMto5Flkx5h4CAAACVFIAAAADaAEHmQMc4wXU0iqjk4x9bvdiop1BCv_1xqMstcjpc3_azsjB6xaWmbDa3i3XCX7lERNCa5qaaqqmb8xwsDLN3fgHKvzAZDOR2ndCZCmjYb0WXZ686qg3qkMB3P8Fzg8BJQBlAucGUypr0GTW2IllCnJWhJLZMstvc5sOEql00G44PpndqlJ7SdbgcAzacNPv5t0-o8fV3lInOWQbkWaxK8DDg2jJMvI_sGfOXuE83EVDQDBE9G1jgw2z1LmTwqgmpB48gXYMEZCc3YP3TVVwMjDiBzCA6ON9QVQdt5LiWBPXNQnwCOzNNoDOc2M1sx1rmMpMaY5OcsVt1iI_yTQcQtnDJeqhq6oeCSKAQQtwlDFBG0ucpvSNzsECghWWwtKt-0ujwePycIUi8bxKnc-5POpzCINPgCO9FB9LS2EUepoyLZ8fpanMkkEX9XN7vDpIR76w91ylEpcXSPs8-7HBqs7NXMiohUWkX8lT66qGbfoqDkgPT43qvRuxuxYZfhrpreAkiuJfxdxKBCwsXsUIYHhjSY3zLhNWkSyUCNUhWV88Q9yrIx7v2hRFggcIjps1JKfO_Gq8oZVCiUkSFQazm9Mf1IIGuUtY1JKw6MUUs0KWArPpwFdpp0PXk6FzJRpDgguFMLaOFuXlz0Bbm-Lyh_AapvJO73rXxio1IWh5E6E3b5jtx6GKvScZ63zdmPMpjuLz3J-9ycXSIvsoFxg0gjHyKExwi0BcNLc9T3KA48F2Wx2kQDJw-LheFwl2_s6Z0L6emC7Sy7xIdkF2LIIthG3PxM7hoQGrUAO68aaeJFIQyC0c5gBYrzaPASHqI28ImxH9dsZl9jaLjcj0XTANr9JXKhPmSR4pq5_87ZbHlSQ8XW_g82NIar1d6uCaLY_G18GId4mFvolefPQW9DmCexY5vqjdHq3W-Ya9i3HqlX0rIlMnOo1gYnC0inrqTATlMywQpv_6LmOjRWwem3UxM92ifeHPp248WvqRUU0RhNzoQY7c5Bq-dYOmsBBm-CwW_TqMC25knZkxmx98eWoY0RwzEkQOVrHa48P4ImNUrFh4ng Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 72B2	17 KB 6 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	160x600_de-de_performance.js Show response s0.2mdn.net/creatives/assets/4703545/ Frame 4272	62 KB 17 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:56:57 GMT content-encoding gzip x-content-type-options nosniff age 836 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17856 x-xss-protection 0 last-modified Tue, 28 Mar 2023 08:23:33 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:11:57 GMT
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	45ms 29ms	Preflight text/plain	2606:4700:20::681a:ad1
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7dc5e670bc58bb67-FRA content-length 24 content-type text/plain date Sat, 24 Jun 2023 15:10:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEy3LPL6RXtOpempgunKHg3fNmWtACxXKUWm98%2B77B9ccqUrsvSkpp21yFhnWCr02eo2FLzpNacn0PErtNduxLlKK3FCIpYXaKk%2BsiWfDDr7A0a9TQ1UicuOS7NR%2B%2FTVuGkRZZ4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-400d
POST H3	200	rs Show response ad4m.at/ Frame F0CA	1 KB 2 KB	34ms 34ms	XHR text/plain	2606:4700:20::681a:ad1
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 4b6155fca5b1fc7166885434d4bf655d0d91cbed7dd3c642cc23414171c4efc4 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/json Response headers date Sat, 24 Jun 2023 15:10:53 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FveSVr8xdrx5TMaTWRSDUe0piOFU8otFO53zeS18Y55NnRcTldE1Im6aiuWkwgatH0%2BiaqQdMfXsdYhJb%2B6NS3MEdwPs5n%2BRkObY03aOU3RfLicQvw3sGLlWqnmgpekpvzIrkmA%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 7dc5e670ec93bb67-FRA x-backend-server aa-reachservice-group-europe-west1-hkpl alt-svc h3=":443"; ma=86400
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 4272	17 KB 6 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame A2CC	17 KB 6 KB	16ms 16ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 2BF5	17 KB 6 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js?cb=31075569 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 24 Jun 2023 15:10:53 GMT
GET H3	200	star_alliance.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 72B2	4 KB 2 KB	11ms 10ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:57:35 GMT content-encoding gzip x-content-type-options nosniff age 798 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1840 x-xss-protection 0 last-modified Tue, 04 Oct 2022 11:00:32 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:12:35 GMT
GET H3	200	lh_logotype_single.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 72B2	5 KB 2 KB	13ms 12ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:07:09 GMT content-encoding gzip x-content-type-options nosniff age 224 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2151 x-xss-protection 0 last-modified Tue, 18 Oct 2022 09:41:58 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:22:09 GMT
GET H3	200	lh_crane.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 72B2	2 KB 1 KB	11ms 10ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:08:06 GMT content-encoding gzip x-content-type-options nosniff age 167 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1311 x-xss-protection 0 last-modified Tue, 18 Oct 2022 09:41:55 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:23:06 GMT
GET H3	200	NH_D_EU_Rome-Palais-Indian_160x600.jpg s0.2mdn.net/creatives/assets/4703548/ Frame 72B2	57 KB 57 KB	11ms 10ms	Image image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Rome-Palais-Indian_160x600.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a2e590d6eeea3cd04e2c15877f65f1c49c20711bdc609689dc284a9bf4065ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:01:44 GMT x-content-type-options nosniff age 549 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58342 x-xss-protection 0 last-modified Mon, 07 Nov 2022 16:58:56 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:16:44 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B06D	0 20 B	45ms 45ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BphCafAeXZK7XB8iHrASR95moCgAAAAA4AeAEAg&bg=!QkGlQRXNAAYQ3eRoMN07ADkAdvg8Wqwe6S-EZEj2AeFfEDFuQ4Db7QpJomszFZolUlmFeS0oSvLARb0kBhgw41h-PB41AkzTOgUCAAABVlIAAAAFaAEHmQMTQayByTNjZKwEek9d5dWjncLjl-_grrQVFEWVndswuZQD2Buw_yORKi9g1IIe8LVtnu2snbQLFsdLmgJDNQdKPxmYZ1d0pRq-K6oHRN4o5h-hkshlfK2pmbPuPl0MruULFwvO4Vv8J29S5KUBKaA3kONvcdXAA_9ar7-OEQHU2-4sykk4Bk63rHLBIdwmRWsNMSeCGhThe7965JJJgZYAtpLWG99V1b8PbcEb2LZqiP4V4KIJtmdAVd7UHbcHg_cDf67BhDGlCwld3fFH2vLt12oik1uCp3oZryiyN_PitpuDFoUOh9bzql8Bd9hleNCjZnceIYGP7cfdtFU8LYiPfAjQESWUkAS8mKyeskPRe6N3dAbKq6mWVEJOACS0bZNwa4_SNMZISfgSeEdyoy6vqAYesc-UYZtKUBt4biwgYIwKyegBXW-Wx5RktLoXrVJPx3AGG8ziDkhu67xAV82WJICL4RryzjapdkSMn9z5NYSuMj7BvDVbpi4VaBKaCeW5MuYJYbyTpSiyv7e_8w7IVhuXSMZ_UQgmAsdfRyCx6AOBjJXavzZu3TmU_y3IP9XNcg-eQInJn0rmutX0nl_p5gRyevrP7ijFDIi3hPWIdX0zyyo-jdLmxadOyV4yzyBmq9RjuS2hEjY7wAbSqKRlIZcKy7ZEcaJaSiFeeS98jhLa-7vnfySy0mr_fyTZMhHbN_2H4ac4SjlDJklYaVmIgoLBRhsGTV7-ZJ2XzUg216LFfFJxkigb4I9aFlOA4CRHUPezpXOmRpvQMSipHFZ2gPrmEMEEdFFkXNXdDFOZ33izX9zfgRkBEac7O7maFOgQr0dKOT3XKdGmGW4uvyw8yWJ1ut_rC6H2C8VcTvAoBPXAz81eY2THMh_2bnhgcQLcCNcQkrENTdi-Ngps6xUJmorTRG0ATz_I41ok-dKae8Jr8pgtsCFcCibYUfKMjRDoA5KK-RLuUl0zjhB-vbYPGfsgwOcd-NNMTOnIalOOSCZ3QjBOjjG0-yt7BSNOwHVaRATBsBejJVVu_4K60enUTxvHMw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	LufthansaHeadWeb-Bold.woff2 s0.2mdn.net/creatives/assets/4714589/ Frame 72B2	50 KB 50 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=lCAVW55xiJ&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:57:28 GMT x-content-type-options nosniff age 805 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51548 x-xss-protection 0 last-modified Fri, 18 Nov 2022 11:46:13 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:12:28 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 530E	38 KB 14 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158415 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	rar Show response as.ad4m.at/ad/ Frame B68A	10 KB 4 KB	34ms 34ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bd60670274932bc9856596b51705f4e37fa01a3fa280f731127d499f91dc233 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1ht9xfs9ewh3rvhjx1q4c1rfev94s5311kb9g6wx37wvm25rvz57sezy0g11afvv634rbw3xdwm435t6by34wens6br2k8ayktpmgmhcy7zcykhvj8wcy42030d2j8grscwqd54gespetskkacxpvq1fzxzc2raw2aq9ps3hdesfxqnd859jtq4php0perp8tpw0atsevwwdpxdyh1cn6gmshx7qg09a86hwhx1a99ydmq6drz1ejj6kan2y8md6bcgfacbjxgsqz02jdnctn6bdzr7jkdptkksy4sgnrek79dep4kdcxf8868b55a2gdd8wgspe9v7mnt80w1wb95wa41p6k09sdb9hc3h4nry9g995w5mqxa6dw4fnnrytdhm33ntdma6yxsxz8nxnbq3m9b787cjb1n7pvnqjjbafwtw6mcmrdygf56bcxph6y30hs63kt8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%26client%3Dca-pub-6593523210010154%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7dc5e6729f869a3b-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:53 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 877E	38 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158415 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 752E	0 20 B	46ms 45ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbOntfAeXZOrbCYqRjuwP7da76AYAAAAAOAHgBAI&bg=!HxylHEjNAAYQ3eRoMN07ADkAdvg8WobViLJfPYVGe8bxC1PAsqg-J3CCyE1NfpCne2V3XhHOEHK2syO3kFIIS_3Cv1rKPFdrwY8CAAAA_lIAAAAEaAEHmQMSkDCf0soGgsreJc2jhDO0cRh5KC5v8UMR1xjVmDkbZq2d8tajU2zOYdsGu6TFrZhEh4WS8XsrsPCtHmL5wE4W6dk8i8SJX2msP9oh6h0hBfjUW_dLBVLG7tzDrksRAp5_xEyUHhvnNFe_Ya_gpjHYPPKzVuBaKxhjzFxTEf-rymHz7IY_bikqobM9kz0i9V0RxpK70b5XVpObMYZNHENpa0OfmGXCMc7andnqsubdEETpwoSJAaWQItBR2A8VrH3YGeypod4lkknFsj23I3whaI4hydwiELSYDMAL-t3VhIk9BAyq8UNcW7mLluZJ_BSAdBqafWDW3p4hfMKM1dHtyDw2pAPIozr3JipHcEpP340eCCuMLIye4S_yjnTb2c_IuknBx3t3FRDj-qNCNqpVd3nZ3qQ6k2WYREeH5RKi5sAIDTHx-Q_4VW4b5d3r4Z7eFMg7vO8IZnYOEJ0V4F9mufDXWt33fuX0cQmOhK8jPYgTg5ivY1doInULYM3GPmHXeubmR3WUcYoHuzjYep-Y-Z4rYhC3rD1LYxD9YHc4wPclmDM_12RvRsZFG_BknjbNS1OlCvbxd5br6mljssLAhb3CnBU_l2ITvGtr7EbKr2knuhJLH7glfDRfH30WbdQlo3qI_mZj_omwhNdtRc3QEE8XpvqhgY2jZlI95-Rhisn0Xhow4f8QIr6menJgYuL9bo1i85N_uH0Uatt-XUYCzQVLdbx2mAyo3msONz4cHCZuC0XMJXKEmE4iKlZa-33FhJKu6x8VJIfV12p5GvKnxo4iCVGXBZr5D-fTdzTt47z3uj-V3AqHVTcQXkXYC1Y-Cid_ENMzaUSM4pC_tSWYA-MqY1fcRrZ9GySmxxHPkUtHwAfYrgAUIu-lW2rDDPq71rLBJFkSb4S1Ncy9J8ef03BQsqkaJPvClWaXyrNiWgSzcNQM4Ka7T_pYeiQnnt7sAXYfq4NiJPAKm-iBvS_jUR1vci7wfPWMvmhFtPnp9H1PvE7QkeWribwCvQKIno7gtfb08vkcf1L1nq0OO7pqyB2T Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	star_alliance.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 4272	4 KB 2 KB	9ms 8ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:57:35 GMT content-encoding gzip x-content-type-options nosniff age 798 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1840 x-xss-protection 0 last-modified Tue, 04 Oct 2022 11:00:32 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:12:35 GMT
GET H3	200	lh_logotype_single.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 4272	5 KB 2 KB	12ms 12ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:07:09 GMT content-encoding gzip x-content-type-options nosniff age 224 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2151 x-xss-protection 0 last-modified Tue, 18 Oct 2022 09:41:58 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:22:09 GMT
GET H3	200	lh_crane.svg Show response s0.2mdn.net/creatives/assets/4689654/ Frame 4272	2 KB 1 KB	13ms 12ms	XHR image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:08:06 GMT content-encoding gzip x-content-type-options nosniff age 167 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1311 x-xss-protection 0 last-modified Tue, 18 Oct 2022 09:41:55 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:23:06 GMT
GET H3	200	NH_D_EU_Rome-Palais-Indian_160x600.jpg s0.2mdn.net/creatives/assets/4703548/ Frame 4272	57 KB 57 KB	13ms 12ms	Image image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Rome-Palais-Indian_160x600.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a2e590d6eeea3cd04e2c15877f65f1c49c20711bdc609689dc284a9bf4065ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:01:44 GMT x-content-type-options nosniff age 549 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58342 x-xss-protection 0 last-modified Mon, 07 Nov 2022 16:58:56 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:16:44 GMT
GET H3	200	LufthansaHeadWeb-Bold.woff2 s0.2mdn.net/creatives/assets/4714589/ Frame 4272	50 KB 50 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=4XNThhz7Gz&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 14:57:28 GMT x-content-type-options nosniff age 805 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51548 x-xss-protection 0 last-modified Fri, 18 Nov 2022 11:46:13 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Jun 2023 15:12:28 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B96	13 KB 5 KB	15ms 8ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 28342 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 07:18:31 GMT expires Sun, 23 Jun 2024 07:18:31 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F78A	783 B 1002 B	25ms 17ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7ae8697b598072ff9c30c03c2cd8b142406d2c972de265a020cbae077e6e7c98 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sVMRst7FPXKY2Tt6NWbZLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-sVMRst7FPXKY2Tt6NWbZLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:53 GMT expires Sat, 24 Jun 2023 15:10:53 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame F1EE	13 KB 5 KB	15ms 9ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 28342 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 07:18:31 GMT expires Sun, 23 Jun 2024 07:18:31 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3029	783 B 739 B	24ms 18ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 860fffa0dec7cc2daa9f0d9084674519aa031febcaa7fb9db6def5811c2cc0c1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0dxuib50RnA6iBfsw2hjbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ye-mek.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-0dxuib50RnA6iBfsw2hjbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 24 Jun 2023 15:10:53 GMT expires Sat, 24 Jun 2023 15:10:53 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	93ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6M3J,pingTime:1,time:1625,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:624%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:624,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B617~0%5D,as:%5B617~160.600%5D%7D%7D,%7Bsl:i,t:624,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:205,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C119.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c,idMap:118*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:378%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt11.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 177F	43 B 215 B	94ms 93ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=315ff81f-3483-8faf-ac1d-43f4ca54c81e&tv=%7Bc:gt6M3K,pingTime:1,time:1626,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:624%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:624,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B617~0%5D,as:%5B617~160.600%5D%7D%7D,%7Bsl:i,t:624,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:205,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C1172%7C118*.1352960-70224227%7C1181%7C119.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c,idMap:118*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:20,sis:378,metricId:grpm1,cmr:t%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT server nginx x-server-name dt19.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	5ed7702fe4b07a92411bc03e ng2.virgul.com/tck/imp/ Frame 2BF5	0 209 B	50ms 50ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687619450846&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:53 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 177F	42 B 64 B	49ms 48ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6I3wdXcsSEmcHIUFuoWxrsSMsq10-cAlxUnmhrGG1M3_MIhGbEIAcAdLFV_BCWiWrnxnKK-sW9eiaCLTiO-z7vCnwHS4MURO7Gydmt_Ll7h6OTiOJ2OOSymXcQvlOYOYtYWnEyQav-xf8&sai=AMfl-YSwFba-cMAlioGdjPTAwXsPvRa1F4HJHvlhiYB0w_QI_9I-ieIQA8_SsoAsYFW4GTX0m7kV8sO3db85c5BvVVrXgaL3na384T34cI9o53WSz_2rxdtiZmfbi1J2m1g7cKucKVrWWcLtjPX_hR3OIMi0xCEDj3LwWP3QbUR2WuUyvntuF3v__cfb-NXxqw&sig=Cg0ArKJSzARuJ5rQ4jM4EAE&cid=CAQSbQBygQiDg-wr4CTft0WWBkb6lK9qvkCvtkXEZRd5tm7OdkNGIbG42UdNMHOJm3pApSFRnip7ipsXFqITjSRO_1owZMiupIf5OkV1VWtz87Eswef9Rb_x1lDGih4MT6RiF9owA_FGLkR3ltWydDoYAQ&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687619451543&rpt=1010&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	default.css as.ad4m.at/ad/style/0.1.42/one-ad/ Frame B68A	106 KB 13 KB	29ms 28ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1686312358 age 97187 cf-polished origSize=108907 x-guploader-uploadid ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 09 Jun 2023 12:06:25 GMT server cloudflare etag W/"913a188acf4937267d989357edafdccf" vary Accept-Encoding x-goog-generation 1686312385390155 content-type text/css x-goog-hash crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MazVP4d8lefAlCnHerg%2F%2FCgF2Id9u4ga15yb%2F8f6RTCQH6N9L5e4%2FwB%2BXO7KurTjxHwOV5h4c3NXwJrUP5h3XBr53YwCoMmZSCf0zlky6iTkkc%2FHscOByqzXrmiYfE1onepKJXbzC%2BY%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 108907 cf-ray 7dc5e672dfd29a3b-FRA expires Sat, 24 Jun 2023 16:10:53 GMT
GET H2	200	C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022 assets.ad4m.at/logo/ Frame B68A	5 KB 5 KB	34ms 19ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2448742 cf-polished origFmt=png, origSize=10283 alt-svc h3=":443"; ma=86400 content-length 4736 cf-bgj imgq:85,h2pri last-modified Thu, 06 Apr 2023 12:21:02 GMT server cloudflare etag "b90d04a587c2a1ab6749e51d8bb195d1" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UoyqyJxjSMYWZlk%2Fk2kaX1RQLTKdkPilx9MAh5sFfwCn3lt3eaaqRxNb6lAgZlWWCz2qEsNp8EagyM1uduwx1IHfDYcg%2Fh5pwRb5H3DfeyAsjZ36DkPfAJo%2B2zuAdKsYNcI%2Fg6vMkrEhj3g"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e672ff4c18e2-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H3	200	A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 assets.ad4m.at/product_image/ Frame B68A	91 KB 91 KB	19ms 18ms	Image image/png	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2146713 cf-polished origSize=105738, status=vary_header_present alt-svc h3=":443"; ma=86400 content-length 92686 cf-bgj imgq:85,h2pri last-modified Mon, 04 Jul 2022 08:55:40 GMT server cloudflare etag "147be38db57f89c69c9e65b05983ff0e" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IqTOSZIk7NKYS9vFmFjSubhFwIRjOE6HW8lhul7xJM1r2KUG4rOKOXY8rKhklirZ44Xp175bv7T3YXvuz42g%2FyRij5RCXohtze0j8wQmIsR468n66bYZl%2FS%2F%2Bb2fo2G36H02TdQeIIxmxNF"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e67318149a3b-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H3	200	A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 assets.ad4m.at/logo/ Frame B68A	2 KB 3 KB	37ms 35ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 276787 cf-polished origFmt=png, origSize=9357 alt-svc h3=":443"; ma=86400 content-length 2330 cf-bgj imgq:85,h2pri last-modified Thu, 08 Apr 2021 14:26:03 GMT server cloudflare etag "8cc161b392f5744da5319a4da549b763" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF02QPoo02UlUA8LtzO9hZxtXYQ7TH1R281xZdiWZnvb289D013NxXLuC7fxgDk%2BoS7%2Fu0xrpBDOkZDhkvozwnmNBIUB32WWhvIFLvYiRUL%2BKIrJbxCy%2BkLzQSqXEV%2B%2F9xejTsDqdeat2QfO"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e67318159a3b-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H3	200	B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 assets.ad4m.at/ Frame B68A	253 KB 254 KB	38ms 36ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 123788 cf-polished origFmt=png, origSize=431531 alt-svc h3=":443"; ma=86400 content-length 259252 cf-bgj imgq:85,h2pri last-modified Fri, 16 Jun 2023 10:20:07 GMT server cloudflare etag "16f7fe8ce7119ba0f513f8179ecb2d3a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNcGCSe%2BzZkm%2BwNGWXV5VlM1HPzLL77kQFnojo3Sj%2FfFDfPwwzbDvtCdmorTEnAlaMkjR9o%2BZP3FVV1nzFISQ5d1gaD9l%2B9w4A5IMgy0l5Xfq%2BFdDm8h1nIUW9Bv5ZpeJZXXkSHn7jb5f6UF"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e67318169a3b-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame B68A	43 B 702 B	63ms 60ms	Image image/gif	104.102.45.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-45-165.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:53 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H3	200	90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 assets.ad4m.at/logo/ Frame B68A	36 KB 36 KB	56ms 53ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2669913 cf-polished origFmt=png, origSize=62828 alt-svc h3=":443"; ma=86400 content-length 36446 cf-bgj imgq:85,h2pri last-modified Tue, 18 Oct 2022 15:02:47 GMT server cloudflare etag "e12c1a9f1887c09d377658838eaaa06d" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEz%2Fy9PQNHECzgwqdCjvg%2FYO427clUd5qR1%2FbJh8nA5HxKSM51Rkm5tIuadHqTrf%2FPaEwI4y83XCWwC77jQIZhurFt3%2FpczmZbvZUEdeTt1SBbI13n83WfOvPoEhIFz1tevGZ6gr%2Fhc8amuL"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e67318179a3b-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H3	200	287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 assets.ad4m.at/ Frame B68A	38 KB 38 KB	27ms 25ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1017211 cf-polished degrade=85, origSize=133780, status=vary_header_present alt-svc h3=":443"; ma=86400 content-length 38661 cf-bgj imgq:85,h2pri last-modified Tue, 18 Feb 2020 10:22:01 GMT server cloudflare etag "d061ca155f758f490340e147604dc3ee" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbvWGdCqZA%2BsAPYNT6C35LaSXUSZZYSRubK0oHx0cqAyO7jgWcFH%2B89CTfMGJX%2B2hiUBvv%2BZbJ9LnKYSuH5mfQPciSxR2%2Fpr3rLG9hB7VmX6sCak6IrInZSPaJHm8qGlieT01lexM6ZS5w9%2F"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400 accept-ranges bytes cf-ray 7dc5e67318189a3b-FRA expires Sun, 25 Jun 2023 15:10:53 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame B68A	43 B 702 B	87ms 72ms	Image image/gif	104.102.45.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-45-165.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Jun 2023 15:10:54 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	link.html Show response track.webgains.com/ Frame B68A	2 KB 2 KB	80ms 80ms	Script text/html	3.11.176.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hrfja7q4r03hr6ddqwhbqg58arc586t747fh54dxmrw69y59dvedfnv4xqg59dh2zn01kb1ka5bgjkm9dkmrc05avd98vamvrm0b37y1kddcwk7d6v2xw3swt7xehyzvgatjasyt5kracmws1fs1sqxj7x8vwpky6w150544azdf2y9a3af7pk0qbwsa6g3dk3rkkyk9p4y50ssj24efkq022ydh9t60rzvjjs187arkwrd35xyp49g8q8hpvgqm4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-11-176-98.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash b0756bd5b907f637773d754a7e5c92344ad2983c015b4dc4b2591328951d1dc7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:54 GMT last-modified Sat, 24 Jun 2023 15:10:54 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Sat, 24 Jun 2023 15:11:54 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F78A	0 0	42ms 42ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=89528633706228&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 3029	0 0	42ms 42ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306220101&jk=4316092289396185&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	97ms 97ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6M9A,pingTime:1,time:1822,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D,%7Bpiv:100,vs:i,r:,t:681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1141,o:681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B675~0%5D,as:%5B675~160.600%5D%7D%7D,%7Bsl:i,t:681,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1141~100%5D,as:%5B1141~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:202,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C118.1352960-70224227%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:119*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:367%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT server nginx x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 0A67	43 B 215 B	95ms 95ms	Image image/gif	2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=ebe5f00f-2a08-6f56-a9f8-f609d451617a&tv=%7Bc:gt6M9B,pingTime:1,time:1823,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:23%7D,%7Bpiv:100,vs:i,r:,t:681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1142,o:681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B675~0%5D,as:%5B675~160.600%5D%7D%7D,%7Bsl:i,t:681,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1142~100%5D,as:%5B1142~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:202,fm:tI6XeCW+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C1171%7C11721%7C118.1352960-70224227%7C1181%7C1182%7C1183%7C119*.1352960-70224227%7C1191%7C11a.1484055-72040524%7C11a1%7C11b1%7C11c1,idMap:119*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:24,sis:367,metricId:grpm1,cmr:t%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:dc7b:ed81:6094:3fb5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT server nginx x-server-name dt16.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	5ed7638be4b07a92411bbffe ng.virgul.com/tck/i_vb2/ Frame 2BF5	0 209 B	51ms 51ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1687619454178&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:54 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H2	200	5ed76f76e4b07a92411bc03a ng.virgul.com/tck/i_vb2/ Frame 2BF5	0 209 B	52ms 51ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1687619454179&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:54 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H2	200	5ed771bae4b07a92411bc04c ng.virgul.com/tck/i_vb2/ Frame 2BF5	0 209 B	51ms 51ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1687619454179&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:54 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H2	200	5ed771e3e4b07a92411bc04e ng.virgul.com/tck/i_vb2/ Frame 2BF5	0 209 B	51ms 51ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1687619454179&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:54 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0A67	42 B 64 B	48ms 48ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDLV8GfMuP5U6cROrrS1a6bONH-z_phOrgCsHkLv9WjiVP5oh2v9gbXsoLqph3UKXw3F9Qa7aSrvOVlDtynmOwYwdJjDTpONcFZyGoHUhH5bvN2vrwfUq3mmRTmsLNRNUthGWlDYBV_D9j&sai=AMfl-YQ7-M68s_DD0A3Vd6COL8k5hwywxsjPbFHgOjsTah7u2MHTYSxds-7n-A_3FOMBYV0k8swGm5NUtDvbSf691Kw7o0scV2wK5hJ94em1q2PIu1ffEO3HvATFbr8qZnw9ZFFjE_cfqbXNvVY-9CoL_A6HbFfXbEhxbaZ9aIMgqhduV7PKl1Jx_ZRaqPVXSA&sig=Cg0ArKJSzHh6H-q1g95REAE&cid=CAQSbQBygQiDesc4HT9I0TjrOnxgDaHiRDjntArQHT5bSnrBTO6yI2JNQsQOQ92udKfJ2lx4m6JJhI2jw78rj8gyqhPCsC__RnXXl6FLwSFxjkGwPUr0jZXoF4wJ4FPBXG6XAAWKFWimse6eChK2-CYYAQ&id=lidar2&mcvt=1132&p=0,119,40,160&mtos=1132,1132,1132,1132,1132&tos=1132,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687619451594&rpt=1164&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D03E	0 20 B	42ms 42ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1993076610256&version=m202301230201&ct=76&x=1&cor=3274816977669780500 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame 2B96	38 KB 14 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158416 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
GET H3	200	IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response pagead2.googlesyndication.com/bg/ Frame F1EE	38 KB 14 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 22 Jun 2023 19:10:38 GMT content-encoding br x-content-type-options nosniff age 158416 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14804 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 21 Jun 2024 19:10:38 GMT
POST H2	200	tracking-event Show response api.webgains.io/ Frame 84F8	16 B 209 B	80ms 79ms	Fetch application/json	52.56.247.104
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.56.247.104 -, , ASN (), Reverse DNS Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type application/json Response headers date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	194ms 21ms	Preflight	52.56.247.104
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.56.247.104 -, , ASN (), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Sat, 24 Jun 2023 15:10:54 GMT server nginx
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame B68A	85 KB 31 KB	8ms 8ms	Script text/javascript	18.66.147.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hrfja7q4r03hr6ddqwhbqg58arc586t747fh54dxmrw69y59dvedfnv4xqg59dh2zn01kb1ka5bgjkm9dkmrc05avd98vamvrm0b37y1kddcwk7d6v2xw3swt7xehyzvgatjasyt5kracmws1fs1sqxj7x8vwpky6w150544azdf2y9a3af7pk0qbwsa6g3dk3rkkyk9p4y50ssj24efkq022ydh9t60rzvjjs187arkwrd35xyp49g8q8hpvgqm4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 02:49:42 GMT content-encoding gzip via 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront) last-modified Wed, 15 Mar 2023 17:26:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 54143 etag W/"876c293e6c37046ecb0c11ce2e276942" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id kOKPNjCxnt6Sm9QhGj3AlV8p2uhALYcCOIPVDXmJhaSfL3SwsZ2_Kw==
GET H2	200	1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png cdn.track.production.webgains.team/286305/ Frame B68A	15 KB 15 KB	18ms 18ms	Image image/png	18.155.129.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1687619754&Signature=Jki1YqNV-EYHv1k9Ln4GVPLWRXUvBcG9IfiNxoDPaEWVMObGZL5BFpWoLPubDj4Rx0IJGVZPn4-~BRzhmwkpVx4HydhUrFl1ecN~vrMW2-g15VRn1lnRGcsQc9kg-KoASNIjZNivOValS7~tnglfDvFZLnQl0YuUSBD~QL96oaZFv92mOdpxFQGC9tX9HdIBV1IHQOiY1~5ZygYf~bSYmNH5gRhQuNkPLAxDd96cerRpVCn~b~xpLpWxN~BjbAOUX0lk0i~hl5hHyzLOZGKrCmsHzds7vALdlaA0KE-kaYuvQhlKZqeDu9p3l1QeyzbWxMrnMfUQ~NdNFsXaH3evVg__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2f06b45a601a242c33fc993b82aa6be3%2F753262136356710167&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687619453588&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2zdwmrbt1fenkr87qem3bfyz4361g7frj5dh10758f1bra1y334nehh6fs0j1rgz2hhx1tywxy174mvegkzrefeynjxvxm6b31qpqtt6bwjx9rm6ebcq2z851kpm5wayvemzagw1tf58rg7487qe3e2qfqaqzhd563k52jptfz93mdvkk8yk3anshs75k964ben8azkjqvwab69bggamz95vcv8jn3dvr5tw8hmpzbbj6ydjtd1hf4kerb5m0c3bardbys90zbmeaaz6egxamak4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpXs6fAeXZLb1A5GCngWZ5KPoBJDhgYRctqjCivACwI23ARABIABgleKRgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjbE8JEfR7I-qAMByAMCqgSxAU_Q-Vk4cKFQcBA5v8NEOOEYLJ0a5JFcMpAJxMgkj9JkIDhacJSR3i33fTJQp8NPX4Is3uOLxbuKBHfHlWviyHv5oHT7Gr9GQKGLpyKTlojw4wcn2Le42E193fiMImA3QbV6JdCKds_5hPXFFr8CJufsQ3Hk90BObRZZ3xtL58wgqO587YFGt8_qnOVbIJHInaqbt_bKTPubwxl3NtXR8O23fvs9y9GVRIl9U3iMyDHHSIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Xa28xZdszgU7XVjCQj8ahiTm7_w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.129.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-129-96.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id null date Fri, 23 Jun 2023 16:16:28 GMT via 1.1 bf37fcd05a816a7fa3bda09195cf83b2.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 10:41:35 GMT server AmazonS3 x-amz-cf-pop CDG52-P4 age 82467 etag "d4e8f970f24f6d19b53aa92b1907c1ef" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 15054 x-amz-cf-id XYOlXALW0t0kiIvaugiVxBUhb8KbMz1uyv-pjw_MM5S-Bp5I3DG93Q==
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 177F	0 20 B	42ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1682626414116&version=m202301230201&ct=76&x=1&cor=5665225942590057000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 84F8	0 20 B	41ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8341753971322&version=m202301230201&ct=77&x=1&cor=4683820838116261000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A67	0 20 B	41ms 41ms	Ping image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=848884243783&version=m202301230201&ct=76&x=1&cor=10650375088757840000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://e3d098949793fc844fe2effc317d4d13.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Sat, 24 Jun 2023 15:10:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	5ed7706de4b07a92411bc042 ng2.virgul.com/tck/imp/ Frame 2BF5	0 209 B	49ms 49ms	Image text/plain	185.7.176.221 SH
General Check archive.org Show headers Download Go to Show image Full URL https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687619450846&userId=vnet123931f3-5d4e-45ce-8bee-3e95e8876882 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR), Reverse DNS Software openresty/1.15.8.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ye-mek.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-origin https://ye-mek.net date Sat, 24 Jun 2023 15:10:54 GMT access-control-allow-credentials true expires Tue, 04 Jan 2022 10:49:40 GMT server openresty/1.15.8.3 content-length 0 p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 2B96	0 12 B	10ms 9ms	Image text/plain	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?mflxnQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:54 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame F1EE	0 12 B	9ms 9ms	Image text/plain	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?QZnokg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 24 Jun 2023 15:10:54 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/16829948873192997814/img/overlay.png

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/16829948873192997814/img/logo.svg

Domain

cdn.doubleverify.com

URL

https://cdn.doubleverify.com/dv-measurements3986.js