pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 21 via api (May 21st 2023, 1:13:29 am UTC) from TR — Scanned from DE

Summary HTTP 353 Redirects Behaviour Indicators

Summary

This website contacted 63 IPs in 7 countries across 47 domains to perform 353 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
18	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6 7	63.251.14.60 63.251.14.60	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
9	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.76.67.2 3.76.67.2	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 6	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
5 5	3.120.46.248 3.120.46.248	16509 (AMAZON-02) (AMAZON-02)
38	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6 6	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
7 7	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8 8	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	() ()
1	145.239.193.130 145.239.193.130	() ()
3	18.133.209.175 18.133.209.175	() ()
1	18.66.147.120 18.66.147.120	() ()
1	99.86.4.94 99.86.4.94	() ()
3	13.42.73.96 13.42.73.96	() ()
353	63

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.251.14.60 (United States) 6 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.67.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-67-2.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.120.46.248 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-46-248.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.155.156.182 (Sweden) 6 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.78 (United Kingdom) 7 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.71.149.231 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (None, )

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.133.209.175 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.42.73.96 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	794 KB
67	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 165	389 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 414703 cdn.ye-mek.net	615 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 32812 ad4m.at — Cisco Umbrella Rank: 10585 assets.ad4m.at — Cisco Umbrella Rank: 43177	2 MB
18	virgul.com static.virgul.com — Cisco Umbrella Rank: 68795 ng.virgul.com — Cisco Umbrella Rank: 62090 ng2.virgul.com — Cisco Umbrella Rank: 67803	232 KB
13	adform.net adx.adform.net — Cisco Umbrella Rank: 4394 track.adform.net — Cisco Umbrella Rank: 3725 s1.adform.net — Cisco Umbrella Rank: 9046	231 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 3740	30 KB
12	rubiconproject.com 5 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811 fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 pixel.rubiconproject.com — Cisco Umbrella Rank: 315	15 KB
10	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 723 dis.criteo.com — Cisco Umbrella Rank: 575 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com	10 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	475 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	2 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	171 KB
8	pubmatic.com 7 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477 image6.pubmatic.com — Cisco Umbrella Rank: 682	3 KB
7	lijit.com 6 redirects ap.lijit.com — Cisco Umbrella Rank: 597	4 KB
6	de17a.com 6 redirects d5p.de17a.com — Cisco Umbrella Rank: 4789	2 KB
6	quantserve.com 5 redirects cms.quantserve.com — Cisco Umbrella Rank: 686	2 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 imasdk.googleapis.com — Cisco Umbrella Rank: 437 fonts.googleapis.com — Cisco Umbrella Rank: 35	157 KB
5	w55c.net 5 redirects pm.w55c.net — Cisco Umbrella Rank: 752	4 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 9037	1 KB
4	webgains.io analytics.webgains.io api.webgains.io Failed	31 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178 static-de.ad4mat.net — Cisco Umbrella Rank: 183763	8 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 54660	565 B
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax.amazon-adsystem.com — Cisco Umbrella Rank: 387	60 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	webgains.com track.webgains.com	52 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1172	406 B
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 214 prebid.adnxs.com — Cisco Umbrella Rank: 1505	2 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351 mp.4dex.io — Cisco Umbrella Rank: 1975	25 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	59 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16768	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 121400	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1628 feed.pghub.io — Cisco Umbrella Rank: 7466	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13287	6 KB
2	cloakan.co www.cloakan.co	1 KB
1	webgains.team cdn.track.production.webgains.team	15 KB
1	medialead.de pv.medialead.de	365 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 81468	474 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 91562	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 78256	436 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 80054	261 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	26 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1373	377 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
0	emxdgt.com Failed hb.emxdgt.com Failed
0	addthis.com Failed s7.addthis.com Failed
353	47

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
38	cm.g.doubleclick.net	googleads.g.doubleclick.net 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com ye-mek.net pcloak.blob.core.windows.net
33	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com googleads.g.doubleclick.net ye-mek.net tpc.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
31	tpc.googlesyndication.com	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com ye-mek.net pcloak.blob.core.windows.net
19	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com www.googletagservices.com pcloak.blob.core.windows.net
12	assets.ad4m.at	as.ad4m.at
9	www.googletagservices.com	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
8	ups.analytics.yahoo.com	8 redirects
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net
7	image6.pubmatic.com	7 redirects
7	www.google.com	googleads.g.doubleclick.net 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com tpc.googlesyndication.com
7	ap.lijit.com	6 redirects static.virgul.com
7	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	track.adform.net	static.virgul.com s1.adform.net
6	dis.criteo.com	googleads.g.doubleclick.net 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
6	d5p.de17a.com	6 redirects
6	cms.quantserve.com	5 redirects googleads.g.doubleclick.net
6	fastlane.rubiconproject.com	static.virgul.com
5	pixel.rubiconproject.com	5 redirects
5	pm.w55c.net	5 redirects
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	s1.adform.net	static.virgul.com track.adform.net s1.adform.net ye-mek.net
4	www.gstatic.com	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
4	fonts.googleapis.com	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
4	cpm.programattik.com	static.virgul.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	api.webgains.io	analytics.webgains.io
3	track.webgains.com	as.ad4m.at
3	ng2.virgul.com	ye-mek.net
3	rtb.openx.net	googleads.g.doubleclick.net 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
3	adx.adform.net	static.virgul.com s1.adform.net
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	static-de.ad4mat.net	as.ad4m.at
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	ib.adnxs.com	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	pv.medialead.de	as.ad4m.at
1	mug.criteo.com	pcloak.blob.core.windows.net
1	mts0.google.com	6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	c1.imgiz.com
1	prebid.adnxs.com	static.virgul.com
1	feed.pghub.io	pghub.io
1	hbopenbid.pubmatic.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	a.teads.tv	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	hb.emxdgt.com Failed	static.virgul.com
0	s7.addthis.com Failed	ye-mek.net
353	76

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-05-26` - `2023-06-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
pv.medialead.de R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 41 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 62B8EB6A5A3FA0F242E5559E2B82D77F
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 75C4C7C9A26DE05F432D9B815F2E7885
Requests: 121 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: EA6C11CFE5821811626D0A887EF84B44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 853459BD2B528666F15F1AC7BF32C386
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631605755&bpp=3&bdt=677&idt=85&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=7848161654836&frm=24&ife=1&pv=2&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C44788441%2C44789779&oid=2&pvsid=2956025681526129&tmod=1553968372&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.6mno76lntkpe&fsb=1&dtd=100
Frame ID: 46EB81403D46D77F7F5B0EE39273F4D1
Requests: 1 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7F98E5AB1890D81598D6AF408912CF6A
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 98DCE7E590E45D2D919311333E287CD4
Requests: 1 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DD03D08EC57E62D1FD9542099668361E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606501&bpp=8&bdt=63&idt=78&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=6835022087184&frm=8&ife=1&pv=2&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.v8skk3762gs1&fsb=1&dtd=95
Frame ID: 162D5B8DE81538ADEF142D83F3A9954A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93
Frame ID: 50DED5CF0E15E1877B454A2FA912054C
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 2204726B084748C1E7141B6041781FF6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 224010F37647BFFC74366F07BF4430E1
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 566AFD6AB5CCD7E563C1B86591C82F03
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7zu7WmoYqzVv4tRrDo9GIVBnH3M7wj60W0Ql9fUWzeGu6wRIL9MIRe3YBo0uT2TvZXMxSz8A97_PBm1WFRDDqG45Z0BGanzK4Z97f_G9Ca8RC_EEOM2AVJDpAb94a55sH2Ql1l2HDsuqe0ppHTF-PqtmuYc79MQs_h-rBP4KrVCnAnBCbsV35L0Ugnm8_GdhLkvLBdYSxu0XEu4c1mo9HbSetp3ZhEVX2iy3QukUf4NPtrmcrt7bA-pdRuOfBIB6lQSszY1kqSBJPicJH2EHOVV5BeOz6AZJWxh_mg9WS5t2CwTSOX3hMjtWwWZ42NzVQxqMUctKrTl_WQZIQ&sai=AMfl-YT3q1K3JY3jsMwd6IZ8EWdcW0f5WQcOaZLuWpTHacmTr-GeCsoIWCUH5mUiXAAqpqSwNB1euA-a3QTwT2JReG2FN8dBwjZT36gJbjRNlSvstRnKXI2pSzAtslDzzA&sig=Cg0ArKJSzDQYtYlepbaQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 71E597334A8605E82A2D8174555BAB90
Requests: 17 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7D9EAE633D30CA69FD949E1D31534779
Requests: 14 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E7B10CCA79FA039CA8ACCE452AC3D609
Requests: 12 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9E80A4EAFF02F35B1E7741EF1DD7E10C
Requests: 14 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BF84063E3E4B7596AC374E069DE756A4
Requests: 18 HTTP requests in this frame

Frame: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 991FCB06BA6EBFB4FD50E5C14D369722
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: BD55F61470F07E32B47DEFF726728EAD
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D40DF1FEE2140A7094A532973032944
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41B0C121A038277AF92231E14FA643E8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D59B20F8A26C5CD5885F7A5B0880DAD8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D644C53F47C999BE76B3C4C71376F34
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EBEDDDA56CF332AB1A371B322C9CA44B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B2AA3A053448C98450491C17F9F34D1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607314&bpp=2&bdt=286&idt=143&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=1257473034480&frm=8&ife=1&pv=2&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.dgbq51bqm99c&fsb=1&dtd=159
Frame ID: 76FA04368E97633A8CC124F83C517621
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164
Frame ID: FF999E18B80C5D58FB71E5F01877125F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: F9C8EB70C8DB31592CE86296B3CC8E12
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: A9E79BF266AAEF243873F84F01F82EE0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: DA63E48D1661D7CB40820CB247F69AB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js
Frame ID: 4881FD03DF049829006C6E6F18178585
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 3DE02D0897A5737450F8528332484FD8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 695CBE5F71A33E59B206243B8D7ED68A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F1ED2AC9F53D93C84552441A295537A4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: B74F8A65FD9C758512D7D7D0E1828604
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B32A114B12E895BA6F1BA61291FF7C19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32BE679507970AB3602D24E3E5077067
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 45911720F589708CFF42B4309CE1978A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 088DFAD8777394CC0689F4E3DA4417F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8E28D75A383795F5BD4D98D411D9638
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

353
Requests

89 %
HTTPS

46 %
IPv6

47
Domains

76
Subdomains

63
IPs

7
Countries

5381 kB
Transfer

10996 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYtRGfIdOtmWq9R8D74-WJ_cVpnIgzYvdW_dkPXNLrwEu6Dp7mcKeTNoXe8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYtRGfIdOtmWq9R8D74-WJ_cVpnIgzYvdW_dkPXNLrwEu6Dp7mcKeTNoXe8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYtRGfIdOtmWq9R8D74-WJ_cVpnIgzYvdW_dkPXNLrwEu6Dp7mcKeTNoXe8

Request Chain 141

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGPjpiM77L-o8Tath8Uwh1o50l77-JGu6Lg7g6hXw19tuwhamMCSdUkMZcz2OtxKEWZ5Rzv2CHiwoVyGSxOZz7K2E_JygKfATng HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGPjpiM77L-o8Tath8Uwh1o50l77-JGu6Lg7g6hXw19tuwhamMCSdUkMZcz2OtxKEWZ5Rzv2CHiwoVyGSxOZz7K2E_JygKfATng&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPjpiM77L-o8Tath8Uwh1o50l77-JGu6Lg7g6hXw19tuwhamMCSdUkMZcz2OtxKEWZ5Rzv2CHiwoVyGSxOZz7K2E_JygKfATng

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRCssmSaG6myyYK88yazt6fkfI550_I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRCssmSaG6myyYK88yazt6fkfI550_I

Request Chain 203

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPnGm-Sdhf8CFarxEQgdthkDrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 206

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1684631607_b0cb64a0-f774-11ed-89a2-223974343f8d&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 244

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BCz0rN5aL91eBx2i8c7jL61_caeGgpYbOlPSVR5iHXc HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BCz0rN5aL91eBx2i8c7jL61_caeGgpYbOlPSVR5iHXc&google_hm=V0EK9X3Clz6tVZRoin7laQ

Request Chain 245

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6RUAs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6RUAs

Request Chain 247

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGMRTZX36fc26KopqGlxU2XjhLmdiWHkFUixqjyAnlIKtSetawJ2dRRt6C9xFCv3Hkx9_8V0cEkbdlilez0e_rlP-ImNbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMRTZX36fc26KopqGlxU2XjhLmdiWHkFUixqjyAnlIKtSetawJ2dRRt6C9xFCv3Hkx9_8V0cEkbdlilez0e_rlP-ImNbw

Request Chain 248

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQANh2eCc_BEQX9CEYawB0elMkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQANh2eCc_BEQX9CEYawB0elMkA

Request Chain 249

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU&google_hm=GrhJLGZHJw_XhuLbTbuGptBB

Request Chain 250

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy-dEaD3ro-HOwOzGZqeIX-9vXg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy-dEaD3ro-HOwOzGZqeIX-9vXg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy-dEaD3ro-HOwOzGZqeIX-9vXg

Request Chain 252

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK1o7ehU7qni2t8p-NsvPY_P3kO-3J7yOd3zxZvkcX5i HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK1o7ehU7qni2t8p-NsvPY_P3kO-3J7yOd3zxZvkcX5i&google_hm=V0EK9X3Clz6tVZRoin7laQ

Request Chain 253

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNi8aJKM3VimopVCcimjOeoYca_8jHG6LXtPL_IgJshGc7SrZLAWXOFaJDqQ3HHEK5m52gWeBXawJT1c4b_YCv_aaAVwyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNi8aJKM3VimopVCcimjOeoYca_8jHG6LXtPL_IgJshGc7SrZLAWXOFaJDqQ3HHEK5m52gWeBXawJT1c4b_YCv_aaAVwyc

Request Chain 255

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGO026pMl9zV7OOhjcOIrOB0zn3cMxbHwDoSrnv9F7wmdfL2sHvI9J2FPJvWstvMvV_lj_I0UYPKvZ-T4d5M_8Te2OZkOoP6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO026pMl9zV7OOhjcOIrOB0zn3cMxbHwDoSrnv9F7wmdfL2sHvI9J2FPJvWstvMvV_lj_I0UYPKvZ-T4d5M_8Te2OZkOoP6

Request Chain 256

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4epP3XGFb-9h2RB9k0FG9XG7nyD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4epP3XGFb-9h2RB9k0FG9XG7nyD

Request Chain 257

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ&google_hm=GrhJLGZHI02ojr4tTx-WnXDQ

Request Chain 258

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_6Yfo9_8vj9EOju0EG63DRFYC1yAw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_6Yfo9_8vj9EOju0EG63DRFYC1yAw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_6Yfo9_8vj9EOju0EG63DRFYC1yAw

Request Chain 260

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEnDObHULKk2TLYaKgV3QDT6cUE-27fAgKeVYEgDTjDAZIw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEnDObHULKk2TLYaKgV3QDT6cUE-27fAgKeVYEgDTjDAZIw&google_hm=V0EK9X3Clz6tVZRoin7laQ

Request Chain 261

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9iiBM0gA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9iiBM0gA

Request Chain 264

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGPeJK0iELkIhWgL9wu5c6ZbcKIXGtQ2ZWp0I-ohLehIPtsYpDhmj7oPynoSGawxXK0ClBUAtor-arYnG92YxCiZPJx3tU-1NA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPeJK0iELkIhWgL9wu5c6ZbcKIXGtQ2ZWp0I-ohLehIPtsYpDhmj7oPynoSGawxXK0ClBUAtor-arYnG92YxCiZPJx3tU-1NA

Request Chain 265

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg&google_hm=GrhJLGZHDHNrznemSD-t1CU-

Request Chain 266

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNcUyMkx7OAwQ8UAUOOubPF4TxZK9Cg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNcUyMkx7OAwQ8UAUOOubPF4TxZK9Cg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNcUyMkx7OAwQ8UAUOOubPF4TxZK9Cg

Request Chain 268

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8S22d18SthRRusiPhevF3jrMmIa3Lz12k_mg7pJKX_FVg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8S22d18SthRRusiPhevF3jrMmIa3Lz12k_mg7pJKX_FVg&google_hm=V0EK9X3Clz6tVZRoin7laQ

Request Chain 269

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNPDrChMxWNTd_CtOu6iz32ahBrZ7n_rxPVYoANAEySa3K0kIl5eOPw_4oomceLjRv-MJxLrhLrZGK_q218EBjYFdbI8JFn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNPDrChMxWNTd_CtOu6iz32ahBrZ7n_rxPVYoANAEySa3K0kIl5eOPw_4oomceLjRv-MJxLrhLrZGK_q218EBjYFdbI8JFn

Request Chain 270

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6cif4eVRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6cif4eVRw

Request Chain 272

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGNDxnLhOY2-jhvLcO9_2VeSOT2C4aviYbgj0OpLmeKTu8x2UvbNOT5djpPCefcLHv7nuVx5mkt3JsdrIIC20mv4btvU14Ao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNDxnLhOY2-jhvLcO9_2VeSOT2C4aviYbgj0OpLmeKTu8x2UvbNOT5djpPCefcLHv7nuVx5mkt3JsdrIIC20mv4btvU14Ao

Request Chain 273

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfDBrDYyU9FqijSIvTdIJYKyzEKUBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfDBrDYyU9FqijSIvTdIJYKyzEKUBQ

Request Chain 274

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4TfpJi_dXwsVV-q9xuxN4jZ0ptDJUg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4TfpJi_dXwsVV-q9xuxN4jZ0ptDJUg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4TfpJi_dXwsVV-q9xuxN4jZ0ptDJUg

Request Chain 302

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQKJF4s6GccsZOIlWKe4zB5UEsVqdFdUwCN5Qfnp98FNRA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQKJF4s6GccsZOIlWKe4zB5UEsVqdFdUwCN5Qfnp98FNRA&google_hm=V0EK9X3Clz6tVZRoin7laQ

Request Chain 303

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPUlOfFBSs8GOKPtc7mQ8IAZNa9mA4P4mAJWJHMM7YKqXiNOsw0VUv0nMVIjIyRnQ8keam8AsRTnwjVschWO9vcfV1rDwuEOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPUlOfFBSs8GOKPtc7mQ8IAZNa9mA4P4mAJWJHMM7YKqXiNOsw0VUv0nMVIjIyRnQ8keam8AsRTnwjVschWO9vcfV1rDwuEOQ

Request Chain 304

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM7fT7sUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM7fT7sUw

Request Chain 307

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECcwiMyj6KF77oadbO2Ast0&google_cver=1&google_push=ATf1kGPhKmmwBbjOR8-Typ05QqJRMrlAtbQmywFZUwCtVhvm_YvHolVsbZe2NZ899iErFG6pB520kdjOOay_Iojr1p3GeFzv6bafog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPhKmmwBbjOR8-Typ05QqJRMrlAtbQmywFZUwCtVhvm_YvHolVsbZe2NZ899iErFG6pB520kdjOOay_Iojr1p3GeFzv6bafog

Request Chain 308

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6Bq-kzW8kySfjoIlPpTdyaPmFvWcUY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6Bq-kzW8kySfjoIlPpTdyaPmFvWcUY

Request Chain 324

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=g5bp0HxWVndQOFNKMDVlQUlvUm5OY09lc0srdTBhVnNNamNZalFveUNTcWRndVJRbWRTK3JkUEo0M3g0cXc2ai8reDJOckxlOXlwUFY2Q2pPRVRiQlR1dFVTV1JhREw1aytqKytaTkpTRGV6YlV5SWhZWmpNVmNJdzV6S0tDaW03REZTSStKamxzZ2xDUUpGb3pHVUpjT2FhcU5DbllWK1BNVmxiMFg0NHJqOHJJaG0zMEYrSGtVTTB2cEhQY2ZjSFkxYmp5REUwRGczZ216RFVzZnJpRVRmczAvN2oxR1VRS3dIVkg3VzM2ZkZ3U3ZZbUh2LzdkUFNrVTUvSnVrWGU2N3ZoZldxN0NhVkwvVFlScUw4QjMxVTNyQT09fA&cppv=2

353 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 423ms
102ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Sun, 21 May 2023 01:13:23 GMT
ETag: 0x8DB304DFD1C41BC
Last-Modified: Wed, 29 Mar 2023 12:06:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a422b287-701e-0046-2581-8b768a000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 94ms
93ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-request-id: a422b2fd-701e-0046-1481-8b768a000000
Date: Sun, 21 May 2023 01:13:23 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 291ms
100ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 21 May 2023 01:13:23 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: a422b3e3-701e-0046-6f81-8b768a000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 190ms
96ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 21 May 2023 01:13:23 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: a422b364-701e-0046-7981-8b768a000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 332ms
131ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:24 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 270ms
154ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:24 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 75C4 76 KB
76 KB 216ms
65ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 83ba7fc956ef08c239767c08f97ac71a3c520cdec45b08fbcf6c9f51b0bcb7f4

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77844
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 01:13:24 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 75C4 90 KB
33 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 May 2024 15:30:26 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 75C4 10 KB
11 KB 84ms
83ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sun, 21 May 2023 01:13:24 GMT
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 10691

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 75C4 40 KB
12 KB 157ms
7ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 2822163
x-accel-date: 1681809442
x-77-nzt: AcO1rycJDnX/ExArAA
x-accel-expires: @1713345442
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 25b02131fb3de22535706964b79f9e0d
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 75C4 117 KB
46 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da26ab5b1ed87aea678637efb3c6c9cfaba6b998c146e228a98da50e215f3d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46529
x-xss-protection: 0
last-modified: Sun, 21 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 May 2023 01:13:25 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 75C4 542 B
894 B 16ms
9ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822205
x-accel-date: 1681809400
content-length: 542
x-77-nzt: AcO1rydhiC7/PRArAA
x-accel-expires: @1713345400
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 25b02131fb3de2253570696485acb00d
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 75C4 2 KB
2 KB 7ms
7ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822164
x-accel-date: 1681809441
content-length: 1651
x-77-nzt: AcO1ryfpkw3/FBArAA
x-accel-expires: @1713345441
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 25b02131fb3de22535706964abbf380e
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 isirgan-otu-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 75C4 18 KB
18 KB 10ms
10ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/isirgan-otu-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce0da5330728f20b8d550536ffbc9aaebece54338daeacce50a2d30f932b3de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 13415
x-accel-date: 1684618190
content-length: 18105
x-77-nzt: AcO1rycOg/D/ZzQAAA
x-accel-expires: @1716154190
last-modified: Sat, 20 May 2023 11:22:32 GMT
server: CDN77-Turbo
etag: "6468ad78-46b9"
x-77-nzt-ray: 25b02131fb3de22535706964062a470e
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kuzu-sirt-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 75C4 15 KB
15 KB 9ms
9ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/firinda-kuzu-sirt-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7cb6faffffa513846dd5bd141fe16779c15082515289a027c827d53128bf07bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 100300
x-accel-date: 1684531305
content-length: 15367
x-77-nzt: AcO1ryfPSIf/zIcBAA
x-accel-expires: @1716067305
last-modified: Thu, 18 May 2023 11:54:43 GMT
server: CDN77-Turbo
etag: "64661203-3c07"
x-77-nzt-ray: 25b02131fb3de225357069641a0eb80e
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 buzlukta-karnabahar-saklama-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 75C4 13 KB
13 KB 13ms
7ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/buzlukta-karnabahar-saklama-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ddbdaa529ef1a352c2940b0ef1d03adb64c3abd41e9b0c7ba586aadb8e04eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 183733
x-accel-date: 1684447872
content-length: 13260
x-77-nzt: AcO1ryczFuL/tc0CAA
x-accel-expires: @1715983872
last-modified: Thu, 18 May 2023 11:02:16 GMT
server: CDN77-Turbo
etag: "646605b8-33cc"
x-77-nzt-ray: 25b02131fb3de225357069645aaf0c0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 zeytinyagli-ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 75C4 18 KB
18 KB 15ms
8ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ea8f240546897acbfea3e09edecabc3ae63892d59dd7ae5416ec1813f8278a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 271465
x-accel-date: 1684360140
content-length: 18510
x-77-nzt: AcO1rye+8tz/aSQEAA
x-accel-expires: @1715896140
last-modified: Wed, 17 May 2023 20:56:06 GMT
server: CDN77-Turbo
etag: "64653f66-484e"
x-77-nzt-ray: 25b02131fb3de22535706964dcee2f0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 acem-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 75C4 14 KB
14 KB 17ms
10ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/acem-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822091
x-accel-date: 1681809514
content-length: 14065
x-77-nzt: AcO1ryeaMXn/yw8rAA
x-accel-expires: @1713345514
last-modified: Sun, 15 Mar 2020 20:02:10 GMT
server: CDN77-Turbo
etag: "5e6e89c2-36f1"
x-77-nzt-ray: 25b02131fb3de225357069640cd7340f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 meftune-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 75C4 11 KB
12 KB 19ms
12ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/meftune-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7e6cadcc4078e0fbfc92f8e3decea2d269e88f56bf6a17795744c4c92f8f4f59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822074
x-accel-date: 1681809531
content-length: 11563
x-77-nzt: AcO1rye6vkr/ug8rAA
x-accel-expires: @1713345531
last-modified: Wed, 01 May 2019 23:34:21 GMT
server: CDN77-Turbo
etag: "5cca2cfd-2d2b"
x-77-nzt-ray: 25b02131fb3de22535706964f980390f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/08/ Frame 75C4 13 KB
13 KB 20ms
13ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/08/tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2817205
x-accel-date: 1681814400
content-length: 13086
x-77-nzt: AcO1ryeOkpn/tfwqAA
x-accel-expires: @1713350400
last-modified: Wed, 01 May 2019 23:03:11 GMT
server: CDN77-Turbo
etag: "5cca25af-331e"
x-77-nzt-ray: 25b02131fb3de2253570696488403d0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kazan-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 75C4 13 KB
13 KB 21ms
14ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/firinda-kazan-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8696856d40a33bb1143b9f31c9d507fccab76523f0f3e431bf6e03997017950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2820464
x-accel-date: 1681811141
content-length: 13223
x-77-nzt: AcO1ryce+Zb/cAkrAA
x-accel-expires: @1713347141
last-modified: Wed, 01 May 2019 23:36:40 GMT
server: CDN77-Turbo
etag: "5cca2d88-33a7"
x-77-nzt-ray: 25b02131fb3de225357069648f07410f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hasuda-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 75C4 13 KB
14 KB 23ms
16ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/hasuda-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 30fa114ebf33b9b401df7941f9bdc0610402a285010f1efd602201bba10edb95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821839
x-accel-date: 1681809766
content-length: 13584
x-77-nzt: AcO1ryfS9N3/zw4rAA
x-accel-expires: @1713345766
last-modified: Tue, 21 Mar 2023 21:51:47 GMT
server: CDN77-Turbo
etag: "641a26f3-3510"
x-77-nzt-ray: 25b02131fb3de22535706964bf99440f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sam-durumu-tatlisi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 75C4 16 KB
17 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/sam-durumu-tatlisi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06117894b914359714aca44cb7df9e37e5fc3d01fb7a9b78b0cd4d99f34dae2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822041
x-accel-date: 1681809564
content-length: 16761
x-77-nzt: AcO1ryfRrYP/mQ8rAA
x-accel-expires: @1713345564
last-modified: Wed, 21 Apr 2021 02:21:49 GMT
server: CDN77-Turbo
etag: "607f8c3d-4179"
x-77-nzt-ray: 25b02131fb3de22535706964913c480f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kaygana-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame 75C4 12 KB
12 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/kaygana-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2814448
x-accel-date: 1681817157
content-length: 11893
x-77-nzt: AcO1ryf5NID/8PEqAA
x-accel-expires: @1713353157
last-modified: Wed, 01 May 2019 23:14:01 GMT
server: CDN77-Turbo
etag: "5cca2839-2e75"
x-77-nzt-ray: 25b02131fb3de22535706964af544a0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yagli-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 75C4 15 KB
15 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/yagli-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 61ef244a7f7b27ce2c69ff28e1bb69f7bac2e6be7fe6dbbbcb82feeb11db7d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2818971
x-accel-date: 1681812634
content-length: 15394
x-77-nzt: AcO1rycAsxb/mwMrAA
x-accel-expires: @1713348634
last-modified: Fri, 17 Dec 2021 23:00:27 GMT
server: CDN77-Turbo
etag: "61bd168b-3c22"
x-77-nzt-ray: 25b02131fb3de225357069642c8d4c0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 75C4 16 KB
16 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821839
x-accel-date: 1681809766
content-length: 16315
x-77-nzt: AcO1rycPtd//zw4rAA
x-accel-expires: @1713345766
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: 25b02131fb3de2253570696406df710f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-izmir-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 75C4 13 KB
14 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/tencerede-izmir-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68f8702c1d3fb44f6df07969952f51be1ce1a0be2dbf71c1831f0ccca70085d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821469
x-accel-date: 1681810136
content-length: 13539
x-77-nzt: AcO1rydT3RL/XQ0rAA
x-accel-expires: @1713346136
last-modified: Wed, 01 May 2019 23:47:34 GMT
server: CDN77-Turbo
etag: "5cca3016-34e3"
x-77-nzt-ray: 25b02131fb3de225357069641252740f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 75C4 12 KB
13 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821469
x-accel-date: 1681810136
content-length: 12532
x-77-nzt: AcO1ryfuZAr/XQ0rAA
x-accel-expires: @1713346136
last-modified: Wed, 01 May 2019 23:32:05 GMT
server: CDN77-Turbo
etag: "5cca2c75-30f4"
x-77-nzt-ray: 25b02131fb3de22535706964bb98760f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 beyti-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame 75C4 13 KB
14 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/beyti-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10a53c815898ee13fa3584ffc789a348963965f77264875937a1e7941538c572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821898
x-accel-date: 1681809707
content-length: 13533
x-77-nzt: AcO1ryf5lv7/Cg8rAA
x-accel-expires: @1713345707
last-modified: Wed, 01 May 2019 23:01:16 GMT
server: CDN77-Turbo
etag: "5cca253c-34dd"
x-77-nzt-ray: 25b02131fb3de2253570696451a0780f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 75C4 14 KB
15 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822170
x-accel-date: 1681809435
content-length: 14751
x-77-nzt: AcO1rycj1Vf/GhArAA
x-accel-expires: @1713345435
last-modified: Wed, 05 May 2021 00:03:16 GMT
server: CDN77-Turbo
etag: "6091e0c4-399f"
x-77-nzt-ray: 25b02131fb3de22535706964ef5b7a0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 75C4 16 KB
17 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821838
x-accel-date: 1681809767
content-length: 16839
x-77-nzt: AcO1ryfSuIL/zg4rAA
x-accel-expires: @1713345767
last-modified: Tue, 04 Apr 2023 21:50:39 GMT
server: CDN77-Turbo
etag: "642c9baf-41c7"
x-77-nzt-ray: 25b02131fb3de22535706964964b7c0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 terbiyeli-tavuk-pirzola-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame 75C4 14 KB
15 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/terbiyeli-tavuk-pirzola-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a8f7c822ad63a849206f187b5b4d812340f1b9a6b276d4b65d5510d7eea52657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821839
x-accel-date: 1681809766
content-length: 14639
x-77-nzt: AcO1ryfCO4j/zw4rAA
x-accel-expires: @1713345766
last-modified: Thu, 26 Aug 2021 20:42:20 GMT
server: CDN77-Turbo
etag: "6127fcac-392f"
x-77-nzt-ray: 25b02131fb3de22535706964d90e7e0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-besamel-soslu-tavuklu-brokoli-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/12/ Frame 75C4 11 KB
12 KB 23ms
18ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/12/firinda-besamel-soslu-tavuklu-brokoli-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d3e1f63cb9af3441911ffa72bf09eddacabf139270f046400954486fd1b4170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2820742
x-accel-date: 1681810863
content-length: 11573
x-77-nzt: AcO1rydIG9L/hgorAA
x-accel-expires: @1713346863
last-modified: Wed, 01 May 2019 22:51:45 GMT
server: CDN77-Turbo
etag: "5cca2301-2d35"
x-77-nzt-ray: 25b02131fb3de2253570696464ac7f0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 etli-kapuska-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 75C4 15 KB
16 KB 23ms
19ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/etli-kapuska-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b9e6152eae010599803ae5f12dc1df3620259dd27248f3652a53140a4347a057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2818884
x-accel-date: 1681812721
content-length: 15584
x-77-nzt: AcO1ryeqa2X/RAMrAA
x-accel-expires: @1713348721
last-modified: Thu, 18 Nov 2021 23:27:50 GMT
server: CDN77-Turbo
etag: "6196e176-3ce0"
x-77-nzt-ray: 25b02131fb3de22535706964b14f810f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 zeytinyagli-kabak-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/07/ Frame 75C4 11 KB
11 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/07/zeytinyagli-kabak-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 59c6dfd49e7a076fc3232a038849e1b1fd128ac60e3f2a84a2da80b5cc427b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2818667
x-accel-date: 1681812938
content-length: 11274
x-77-nzt: AcO1ryfZp6r/awIrAA
x-accel-expires: @1713348938
last-modified: Fri, 12 Jul 2019 20:33:37 GMT
server: CDN77-Turbo
etag: "5d28eea1-2c0a"
x-77-nzt-ray: 25b02131fb3de22535706964d32f830f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 75C4 15 KB
15 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/kasarli-karnabahar-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821839
x-accel-date: 1681809766
content-length: 14949
x-77-nzt: AcO1rydDjTD/zw4rAA
x-accel-expires: @1713345766
last-modified: Wed, 09 Dec 2020 00:07:17 GMT
server: CDN77-Turbo
etag: "5fd01535-3a65"
x-77-nzt-ray: 25b02131fb3de2253570696404ba840f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pirincli-domates-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 75C4 15 KB
15 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/pirincli-domates-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5edbd7e44da663fe3154846ac383a1516e681e69cd5fe15fa24331914a73904e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2816024
x-accel-date: 1681815581
content-length: 15141
x-77-nzt: AcO1rye8KkP/GPgqAA
x-accel-expires: @1713351581
last-modified: Fri, 21 Aug 2020 22:33:50 GMT
server: CDN77-Turbo
etag: "5f404bce-3b25"
x-77-nzt-ray: 25b02131fb3de225357069646365860f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-mercimek-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 75C4 10 KB
11 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/tavuklu-mercimek-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bd9b3105907a46f1a808c0fc4b8223e88064cbb5a3606ad642b34b8168388566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821838
x-accel-date: 1681809767
content-length: 10682
x-77-nzt: AcO1rydWD4T/zg4rAA
x-accel-expires: @1713345767
last-modified: Wed, 01 May 2019 23:35:36 GMT
server: CDN77-Turbo
etag: "5cca2d48-29ba"
x-77-nzt-ray: 25b02131fb3de22535706964373b880f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tutmac-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 75C4 14 KB
14 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/tutmac-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b50ffd6561ea35566998d330555e5df43a5d0846cd846909883a47b72b696081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821217
x-accel-date: 1681810388
content-length: 14163
x-77-nzt: AcO1ryc+c+z/YQwrAA
x-accel-expires: @1713346388
last-modified: Sat, 25 Apr 2020 01:28:29 GMT
server: CDN77-Turbo
etag: "5ea3923d-3753"
x-77-nzt-ray: 25b02131fb3de22535706964a6b6890f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 lokanta-usulu-yayla-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 75C4 12 KB
12 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/lokanta-usulu-yayla-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06c585d06e09e4eabb2f6c30698667352dd8a4249cf708486fe96409f531a4de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822173
x-accel-date: 1681809432
content-length: 12361
x-77-nzt: AcO1ryfkeQr/HRArAA
x-accel-expires: @1713345432
last-modified: Wed, 01 May 2019 23:34:23 GMT
server: CDN77-Turbo
etag: "5cca2cff-3049"
x-77-nzt-ray: 25b02131fb3de22535706964445d8b0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 suleymaniye-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/09/ Frame 75C4 9 KB
10 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/09/suleymaniye-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4a0c11a8a2ab6d690d760fa20b53c03ea59a06825be78f8374a094ce9a9101a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2814170
x-accel-date: 1681817435
content-length: 9395
x-77-nzt: AcO1ryelS3//2vAqAA
x-accel-expires: @1713353435
last-modified: Sun, 01 Sep 2019 21:03:44 GMT
server: CDN77-Turbo
etag: "5d6c3230-24b3"
x-77-nzt-ray: 25b02131fb3de2253570696492f68c0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kozalak-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/02/ Frame 75C4 13 KB
14 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/02/kozalak-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eb20f1c11a784518e218b27495f577f8316eef934d8c5e34e1beb983e78df4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2819497
x-accel-date: 1681812108
content-length: 13761
x-77-nzt: AcO1ryeEZOf/qQUrAA
x-accel-expires: @1713348108
last-modified: Wed, 01 May 2019 23:30:31 GMT
server: CDN77-Turbo
etag: "5cca2c17-35c1"
x-77-nzt-ray: 25b02131fb3de2253570696487918e0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tepsi-pastasi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/11/ Frame 75C4 13 KB
13 KB 24ms
21ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/11/tepsi-pastasi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 533d8ffc4c1408daebf6f167d5edecb89e85a63b896fee8bf9e952e054c4b6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 13415
x-accel-date: 1684618190
content-length: 13204
x-77-nzt: AcO1ryc+zxz/ZzQAAA
x-accel-expires: @1716154190
last-modified: Wed, 01 May 2019 23:41:01 GMT
server: CDN77-Turbo
etag: "5cca2e8d-3394"
x-77-nzt-ray: 25b02131fb3de22535706964c083900f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 baba-tatlisi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/09/ Frame 75C4 10 KB
11 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/09/baba-tatlisi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c94dbc62949d4f1b130766f2640fbe13aecba7a93a753d0a62d0d80feb3cefb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2821984
x-accel-date: 1681809621
content-length: 10724
x-77-nzt: AcO1rycv1LL/YA8rAA
x-accel-expires: @1713345621
last-modified: Wed, 01 May 2019 23:05:30 GMT
server: CDN77-Turbo
etag: "5cca263a-29e4"
x-77-nzt-ray: 25b02131fb3de22535706964271b920f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firin-posetinde-kabak-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 75C4 14 KB
14 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/firin-posetinde-kabak-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3aadd556481555830157191cf0cf905f6fd863732b6ebab18cace98b411ff2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2820817
x-accel-date: 1681810788
content-length: 14314
x-77-nzt: AcO1ryfUN1//0QorAA
x-accel-expires: @1713346788
last-modified: Sat, 26 Dec 2020 22:56:49 GMT
server: CDN77-Turbo
etag: "5fe7bfb1-37ea"
x-77-nzt-ray: 25b02131fb3de225357069644cc9930f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ispanyol-omleti-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/07/ Frame 75C4 9 KB
9 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/07/ispanyol-omleti-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 032d6b62e0c227635ed9778096b422f7e09c9686c3ca267c092b4dec728e3c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2819763
x-accel-date: 1681811842
content-length: 9109
x-77-nzt: AcO1ryes/Ij/swYrAA
x-accel-expires: @1713347842
last-modified: Wed, 01 May 2019 23:37:08 GMT
server: CDN77-Turbo
etag: "5cca2da4-2395"
x-77-nzt-ray: 25b02131fb3de22535706964ed84950f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-kasarli-omlet-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/09/ Frame 75C4 11 KB
12 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/09/mantarli-kasarli-omlet-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d008456b54f647fa8c3ccf31d17f12a19b9cb78522442ff236392bccacd93b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2819762
x-accel-date: 1681811843
content-length: 11742
x-77-nzt: AcO1ryfr5Fn/sgYrAA
x-accel-expires: @1713347843
last-modified: Tue, 03 Sep 2019 21:58:15 GMT
server: CDN77-Turbo
etag: "5d6ee1f7-2dde"
x-77-nzt-ray: 25b02131fb3de225357069644e3f970f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-peynirli-pirasa-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 75C4 12 KB
13 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-peynirli-pirasa-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a922254e89c4606e02b4490153175d02cb137c4799e0dc602a28216816980817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 38996
x-accel-date: 1684592609
content-length: 12735
x-77-nzt: AcO1ryfoTwL/VJgAAA
x-accel-expires: @1716128609
last-modified: Wed, 01 May 2019 23:10:09 GMT
server: CDN77-Turbo
etag: "5cca2751-31bf"
x-77-nzt-ray: 25b02131fb3de22535706964227d990f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mayasiz-peynirli-dereotlu-pogaca-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 75C4 13 KB
13 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/mayasiz-peynirli-dereotlu-pogaca-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c73a4fd0fd7485832d724635a0f83d873e3ad95fdcd2dfa9479f3839f9252d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2815026
x-accel-date: 1681816579
content-length: 12895
x-77-nzt: AcO1ryebz5r/MvQqAA
x-accel-expires: @1713352579
last-modified: Thu, 13 Feb 2020 22:21:38 GMT
server: CDN77-Turbo
etag: "5e45cbf2-325f"
x-77-nzt-ray: 25b02131fb3de22535706964772c9b0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 75C4 5 KB
6 KB 45ms
11ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1684631605.cds269.fr8.hn,1684631605.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET addthis_widget.js
s7.addthis.com/js/300/ Frame 75C4 0
0

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 75C4 465 B
585 B 45ms
12ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1684631605.cds269.fr8.hn,1684631605.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 75C4 51 KB
21 KB 42ms
8ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 00:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2266
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sun, 21 May 2023 02:35:39 GMT

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 75C4 74 KB
26 KB 361ms
52ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:23:45 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 75C4 3 KB
3 KB 41ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c81d381a19a31fdbab018060f48649337198f96c444086f63ac21b5760107019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 01:13:25 GMT
content-md5: V/HaONlvdj2KVZY78HzS7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: 2hFhUN8a6RmlsKU53df54RUEmVITK0EDrfceFtz8/b/8cLeoMabwxR/ByUjPG6DoZ6tmQWfdvtBeQKqLP1tHGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 63b88d58bdf0c59aba9e26739274bd3d
cross-origin-opener-policy: same-origin-allow-popups
etag: "fc7d7671c930566d2a533ddd89c73cb6"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 21 May 2023 01:24:07 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 75C4 21 KB
21 KB 23ms
22ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 21 May 2023 01:13:25 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2822163
x-accel-date: 1681809442
content-length: 21525
x-77-nzt: AcO1ryfm9D7/ExArAA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 25b02131fb3de2253570696415559d0f
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 75C4 301 KB
85 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=4f9e6af20b5d9e00a3c33fff0948ae2a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fbcc045c1dc30eaf97fb51fe3240ab033239cfc8ec4422f3a557ba10fbdb4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 01:13:25 GMT
content-md5: YmKCli+l74Ai9EisrA1/OQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87269
x-fb-rlafr: 0
x-fb-debug: GtO9NDWzGZNVaSGmv5rQf2uba2Nvb+uhLPeaI75yBiYyF3u/4TiS6+cEabQyb2McIKaFVpFU/BKaDsbjV31bxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 17dbdf5d58c7192fc34feb67beea4c18
cross-origin-opener-policy: same-origin-allow-popups
etag: "66bbb789cb74d6e1e257ea4128e18deb"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 20 May 2024 00:10:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 75C4 76 KB
25 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22b461732a145ca5f79987abc86b719e27a7672f37d263867a23bfb1b99d20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25311
x-xss-protection: 0
server: cafe
etag: 535 / 19498 / 31074710 / config-hash: 12351717780372853951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:25 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 75C4 120 B
306 B 49ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame EA6C 891 B
1 KB 50ms
49ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sun, 21 May 2023 01:13:25 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 75C4 136 KB
47 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99cb03a6c5017ee44a4d9e8a1490d00e233016218a95c29ee548a8f9ba659754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47514
x-xss-protection: 0
server: cafe
etag: 4777377750465828274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:25 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 75C4 489 KB
182 KB 62ms
62ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 75C4 230 KB
57 KB 35ms
10ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:48:23 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 21:23:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1503
etag: W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: pzgK5mEJorfneL2g4PmK7FmLEYgaQh2geypzQNvC_vkhILHFRm7evg==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 75C4 37 KB
7 KB 312ms
82ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1684631605674&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.014809994942396543
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c99efd6eb48d2d82d6851a147cd70e041f2ee9d579d251e04f545ced342639b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 75C4 12 KB
2 KB 50ms
50ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19498
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
last-modified: Sun, 14 May 2023 21:52:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 75C4 49 KB
5 KB 286ms
60ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467953
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: afc54b639e8a146f5abf77ea08e90afcbf4cf85546138ad591fb5fa3a985f485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 75C4 0
306 B 9ms
8ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 19:39:08 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 20057
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: gNVDD8iWI2aX75ekOVfMLv-6n_-zIytjlx8M1wtwWXahAq6Pyj5UlQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 75C4 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
date: Sat, 20 May 2023 21:17:03 GMT
x-amz-cf-pop: FRA2-C1
age: 70154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: KNTpQtFlOh8u3PTexJNvVQ02XEohak0ratVo8gJII7PmuZb25Yb-tA==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 75C4 355 KB
120 KB 54ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14817d6a5f18f51a3e30cef055c442d64c626ed8e0f5d82ae4d8547b5d9de384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122658
x-xss-protection: 0
server: cafe
etag: 12212364107656909104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 8534 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 15:37:11 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 15:37:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ Frame 75C4 407 KB
126 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 20:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17174
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128419
x-xss-protection: 0
server: cafe
etag: 9945815184239927542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 May 2024 20:27:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 75C4 107 B
531 B 42ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 75C4 107 B
456 B 42ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46EB 603 B
218 B 59ms
58ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631605755&bpp=3&bdt=677&idt=85&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=7848161654836&frm=24&ife=1&pv=2&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C44788441%2C44789779&oid=2&pvsid=2956025681526129&tmod=1553968372&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.6mno76lntkpe&fsb=1&dtd=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 75C4 9 KB
3 KB 51ms
51ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 75C4 483 B
1 KB 143ms
13ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 01:13:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1048566
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgzAUfuyCl36grLSUDD5ZgyRMfjNtS2vCiAnYYvbgh%2Fi1Njka1Y9FcmdHCi7%2BVTcZM%2B%2Bx%2FH7kVtQnbWt79KGDyHknC6SkgJMNwr4cmRZt9yGl26%2BoMV8S6K0nUOsZjoALZ0UIphTBAvgRH7L"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7ca8f4f25f3a1d90-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 75C4 23 B
460 B 237ms
110ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=dyVP6BMDiPWOg&cb=0&ws=1600x1200&v=23.505.1627&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: S3Z5E0RY5M7MDRDT9DNC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: plAE2nMjCVJJLbXkZrszS4sHqzM5BKnB8rpGlzG8wZiQ3lI3QyiYpw==

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 75C4 11 KB
5 KB 114ms
113ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467953
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 75C4 17 KB
5 KB 135ms
6ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:51:09 GMT
content-encoding: gzip
age: 1337
x-guploader-uploadid: ADPycdtufa7Y15-BJuK_WXFR1w6HKBUhD7O16jNTsloXUtJwP6xltufG-sTAtjHcoMTmakYcLN_I40EKYyURqHzZr88PdLcjpPbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 75C4 0
209 B 113ms
113ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684631605994&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5033073196831512
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 75C4 107 B
165 B 120ms
118ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 75C4 107 B
165 B 120ms
119ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 26 KB
11 KB 363ms
362ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=4134935969893734&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606029&lmt=1684631606&dlt=1684631605078&idt=747&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=27dhqrc1azbh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

350d847d9ddc3df8ff830adcc2a867fa1cd7f8abed7bb63dce564af67c70df49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11298
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F98 6 KB
3 KB 119ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 75C4 24 B
397 B 593ms
173ms XHR
application/json 63.251.14.60
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.60 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 5a70edb812a423980a2a2e09aaa405e756562f9ae8be2bec35cdf85ff47d66c1

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 May 2023 01:13:26 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST /
hb.emxdgt.com/ Frame 75C4 0
0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 75C4 0
142 B 193ms
41ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 75C4 0
141 B 193ms
41ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 75C4 0
141 B 193ms
42ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 75C4 0
141 B 194ms
42ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 75C4 0
281 B 114ms
29ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7ca8f4f26d7118d8-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 75C4 19 B
814 B 108ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:26 GMT
AN-X-Request-Uuid: ddd495e1-6291-4f31-be5f-6a4fc021b446
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 75C4 2 KB
2 KB 198ms
91ms XHR
application/json 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a52ab1285c2fe36abb1ab3f6f299d736e7b41a382b41eb27a99614179579ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://ye-mek.net
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 75C4 0
212 B 195ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=32653016146&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 May 2023 01:13:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 75C4 16 B
377 B 125ms
43ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 21 May 2023 01:13:26 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 75C4 173 B
399 B 83ms
9ms XHR
application/json 3.76.67.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.67.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-67-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2bf8b00455ab9e961e6f7eec43decf2d7428ce6a5166b7e9a66b07aa4737c567

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 416 B
741 B 187ms
108ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=e4c645af-3b31-46a9-b408-f6898552b027&l_pb_bid_id=43577e085a5c198&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6845060977800743
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0176a1a529fe1debdef0c37f3c662558f8c1331b21a23a42e2daf4b2d2d1f921

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 410 B
956 B 182ms
103ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=8c7e0b31-7fe2-47cd-9dcf-e66e274c502d&l_pb_bid_id=44d72406da8e522&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27487453583105026
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7fe20f94f7911d9fd80246050a5b0a6ba9b39f40021c07890c315431bacce19a

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 8 KB
4 KB 275ms
196ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=b632a8ac-d0af-4f55-a283-4cb1923110e4&l_pb_bid_id=45ab2e0524e93c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8780790612442599
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 012507b5fdca4f3fdb6456805c89554a13e2c513579043c692a1d2fb247c62d6

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 12 KB
5 KB 206ms
128ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=edcfbab1-4d0b-4ef6-879e-7f8571f698c4&l_pb_bid_id=46aa8127065362b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2779915191891278
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 275ba215efbc5194cfcc9edb7c977145adac73394965ce26dc46fca2a5504f4f

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 397 B
722 B 185ms
107ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=280ca192-a505-4337-88bd-60cf90d0d651&l_pb_bid_id=4750205ea31ef8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8529619563930508
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c910d13254908dbf2521da5a86363ed5328adc0decc7608c2135f7514518bd18

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 75C4 408 B
733 B 184ms
106ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=34c4090d-2518-4abb-ab85-979493cb02ff%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=5bc12f09-9d2d-4431-905e-581a79696f0d&l_pb_bid_id=496afc0fe7034f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4230315616482607
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 51849e49392c60728111494c15716b684bb111de17eef186b753d76c9cd20335

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 75C4 0
112 B 113ms
37ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 75C4 1 KB
2 KB 181ms
86ms XHR
application/json 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d8253c356b5991345fbdcb261d98bfad3a4a45e5211b8569a9fe6899704cc4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://ye-mek.net
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 75C4 19 B
814 B 95ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:26 GMT
AN-X-Request-Uuid: db7ded14-1f6a-4e27-b7c3-31f6ddb92cb6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 75C4 7 KB
3 KB 326ms
50ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19498
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 28 May 2023 01:13:26 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 75C4 0
209 B 53ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684631606137&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.06381541406478597
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:26 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 98DC 13 B
257 B 105ms
20ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sun, 21 May 2023 01:13:26 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 75C4 74 KB
23 KB 35ms
19ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 01:13:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1275714
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUG%2BGJmTxa2FzdP0Qxv5YQdp%2FhusbkOkMVx5TN%2BGnMNn3dNWfUFcqIslb52vUEYx7hMh2q%2FC6DriBRHtHkfSuTxyLR4m%2FP9FUO4C3u1HDcS%2Fh2LW1VCju16bwqOjQjN%2F6fDnzciI9ex%2F%2BZ7b"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7ca8f4f29ca36916-FRA

POST
H/1.1 200
OK cache Show response
prebid.adnxs.com/pbc/v1/ Frame 75C4 63 B
320 B 81ms
15ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbc/v1/cache
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: d1fea1a1c2a23246ad78092cfc1629792fc1927112100bf71486c7dc0e7f9058

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 May 2023 01:13:26 GMT
Server: nginx/1.21.3
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 63

GET
H2 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD03 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 75C4 359 KB
120 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122524
x-xss-protection: 0
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 75C4 399 KB
128 KB 56ms
56ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/21/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
last-modified: Mon, 06 Mar 2023 16:42:16 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 28 May 2023 01:13:26 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DD03 24 KB
7 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 May 2024 14:52:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DD03 135 KB
46 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

636d06e79301d085b33ecd6961e4ed4dea2ba53f88bcd76e518b67dcc351a96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47335
x-xss-protection: 0
server: cafe
etag: 11472704045305986993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD03 170 KB
53 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD03 0
0 48ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVRcKMM7gBuuyYbXYVZ2by_3buktlFQSG2oWMifJctypVFnw9mt8DomxsgSuIi7hHvYcTClhkuMNWTBzp54NnjT77EdW1DymzxZLeDvZBAZX00mjlwTXhA2kp_3Fv19AIw8d8xwkj2FbD3cgBqBk53NFZXWtSHSQX9hR3a7BQyV_5SPvpzduVYdecVfOHtj4p807IqvNJWz_NKk8us6LiEF43JKxH5MMLl_1jUX6KGPco7QdpuAaKOfr3bx7FXyxa6wzgLvNrUHBFJs03H2kck5uJyyJNJy22T4Ozm5uKKFc2sTGc6YR8xB0iRGzyOW77tdrItLuK6PtVRkxFQs4XT48kkTM2mjMwfwaq14rCi9kVDgqY&sai=AMfl-YRBrv-8ezmiLQRwUdCf0-oUZE22_tL7et0D61fnJeW3QEMLqUgT1n00yLpkAweuSMNQsAp85egFBsp7l61byzlV9frh4OQTaoSiExyysGcJj4jjn4anUl3lXnaspA&sig=Cg0ArKJSzCSNYVn76nNaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame DD03 355 KB
120 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1722a72ddc413a493d56a297350e68b7f376ac4352a2744356aa30c47f1aab39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122658
x-xss-protection: 0
server: cafe
etag: 2425285218513909009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:26 GMT

GET
DATA 200
OK truncated
/ Frame DD03 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6f3d2d3a07f89fc97ad747856637fd7d2347625848fcc361c3b500808a7374a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame DD03 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD03 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 162D 0
16 B 66ms
66ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606501&bpp=8&bdt=63&idt=78&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=6835022087184&frm=8&ife=1&pv=2&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.v8skk3762gs1&fsb=1&dtd=95

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50DE 32 KB
13 KB 169ms
169ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c2730ef2f8b327ae1aa59e0a1d2e9e389cc59010504fb56290b0710b93c5513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 75C4 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 75C4 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 28 KB
11 KB 254ms
253ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=1167049207994264&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D3.19%26hb_adid%3D69001a8155973f7%26hb_bidder%3Dadformpbs%26hb_format_adformpbs%3Dbanner%26hb_size_adformpbs%3D300x600%26hb_pb_adformpbs%3D3.19%26hb_adid_adformpbs%3D69001a8155973f7%26hb_bidder_adformpbs%3Dadformpbs%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.79%26hb_adid_rubicon%3D707cab3d8c6d3d8%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D3.19&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606679&lmt=1684631606&dlt=1684631605078&idt=747&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=gbn1g0cnl32m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8be41dcd90e9ada14698b4def48648a88968582eb8ecd8fceaa1c1efd68623f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11626
x-xss-protection: 0
google-lineitem-id: 5615618310
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 133 KB
40 KB 261ms
261ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=3573733880216470&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606683&lmt=1684631606&dlt=1684631605078&idt=747&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=t18ws9ek3uu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7392436c7d3b5ce39737bcf9d48db40f388ba85ddf03ae496b5cb4df29a03f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41412
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 26 KB
11 KB 258ms
258ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=3476535132390244&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606686&lmt=1684631606&dlt=1684631605078&idt=747&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=f7nom4rqm8on&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7683f5253de7aedb52c7b7e9b34882c0ad806eb246d773a4b38cd994a9fc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11265
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425516693
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 142 KB
43 KB 277ms
277ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=2792613807713950&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D468x60%26hb_pb%3D0.15%26hb_adid%3D711c4178e8a8122%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D468x60%26hb_pb_rubicon%3D0.15%26hb_adid_rubicon%3D711c4178e8a8122%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.15&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606689&lmt=1684631606&dlt=1684631605078&idt=747&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=126aqiiiszxg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9411bf1dfb95ffcbe5a024e82847314c238e6bad89e17576f3b4247f45dc65ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44139
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 133 KB
41 KB 263ms
263ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=1527900821996034&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606691&lmt=1684631606&dlt=1684631605078&idt=747&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=67lzh5h7vwq9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e029375b626e30c975d68a8c546e46cca0be3381d9c25f52b61a538bb474999a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 75C4 134 KB
41 KB 275ms
274ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2956025681526129&correlator=2732920077265911&eid=31072020%2C31073865%2C31074171%2C31074682%2C31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684631605674%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet342eace4-dea7-4cff-ab23-5dd40df209ff%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet342eace4dea74cffab235dd40df209ff&sc=1&cdm=ye-mek.net&abxe=1&dt=1684631606694&lmt=1684631606&dlt=1684631605078&idt=747&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=x18vyhq6bmvd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvjxVPGgZzNNP7aPlfyx7d7uCGnSSer3auS4U-Qi1UaU4rDq2WbZsWwWqWqEEj4GkTd0pYKcnY14z6VyAO7Qog&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c7aa635136ed3cb4898a5a229deea718f771f2ddadada14b37bc05fbde5419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 50DE 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 50DE 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 50DE 0
0 41ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcx0QrlLNqGcAkiB0YAdCHKWC2iagm2yoo-lYikd9dlIeSGHd25qZQqkjzR4eBIg3VyVqaIPnEa1XcAGKi7EJgnRJSGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50DE 170 KB
53 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50DE 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs_zqNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTSAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYim4egIiU_RUTws0-HonjleeUlR4v_6a6jJuRjVzkbouR6CboJn_xoAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=ESFY8tU8sAo&uach_m=[UACH]&cid=CAQSKQBygQiDh5v3oh4DFwOeL1MQYRpK8mSD-STqMAFep_HT4FZYkD7qBN6CGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 01:13:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 50DE 0
0 42ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j3r3eksek4b0099pcdbymrqdbefyqjcem7cjmn5gz7dq61cwkzhdhwchr0gs7g0bdq8fm01984e6sba2f5vzhhkwzbcv3ant4dznn8jbsdsymeq6nnbd2btb9v1jw87fvh9gk8t1nrcdvxq23qxkk50n9prjzthpwwjgy38kggdp26s2q5der06qw5cad0vb5dy9dmp42js3davrfatmpksw4gsgccvtcw5jwebeec816p29sfbkmw9ph0cbmfcc3zz8ffeyz6aqf68wtb3rfny474t19b8pb5gyvq3qaym025970j2ypdj7g8sengvm6tqs3dknym8a2n3pjscavfmny4j8qxd549xezj808stbzs48nfq0fm3s3789hdn20gdrx4ntdk4f1r&b=ZGlwNgAJbtIKiwPSAA7FTSyn0KBlTCZl3eNo8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 01:13:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 2204 2 KB
3 KB 56ms
30ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41988678ce1fe15dbcf8e360e15e7ff6fda4a68a09c16e4dfb9071055722097

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4f69b498ff5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2240 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 50DE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 551f7cc8da5934f99d3dc9a14238f4aa6f661540634664ca6f3ac7f7d29e41a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2240 35 B
463 B 35ms
8ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOktYwXVzudmbxn5x0kYO5Ewv-ZOgW2bEkiDoGYdC7QJy0QR0nUTTVEiAJJk0EZnnV5ubTVHbABvWv1h6obEICAP5CQiVZqtS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2240
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYt...

170 B
232 B

19ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYtRGfIdOtmWq9R8D74-WJ_cVpnIgzYvdW_dkPXNLrwEu6Dp7mcKeTNoXe8

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPieE0SVsMVeO4BVkzOLrwntFd4qFl531ZrxR3jCYtRGfIdOtmWq9R8D74-WJ_cVpnIgzYvdW_dkPXNLrwEu6Dp7mcKeTNoXe8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2240
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVa...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfew...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPDWVMstIsaPq1wlHFUoH8ve3X13IGJ5aIRBHXwgXYZ0l4cKbjZ6jlk-WbaHo4EzFmPvJWkbimOY_w__-O8bxfewVaG4b2_aw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2240 43 B
363 B 56ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGN3VwArwtFqG8ZukKYWrNhfgjDGhTXELVjD3yyIL5COh_vNlVaW1Sh_KH1CeSLT8tCY6ooSurXY0HOiKKYYHx9RtqXfQyo4NUM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 333021
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2240 43 B
245 B 49ms
14ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN0wXQOwpu0hvSW0-mxKIlg&google_cver=1&google_push=ATf1kGOmxhCisbc-EhH-JdN6C2JlSem_zNw0sO0S7fsR5G2YQQW-jP9grqD_IGaxkBt0eykZm084WD_e1ASrMZ8tYHAmsxRCZYoZ5lU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631606509&bpp=1&bdt=71&idt=90&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6835022087184&frm=8&ife=1&pv=1&ga_vid=622753124.1684631607&ga_sid=1684631607&ga_hid=855266032&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=600283665&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759837%2C31071755%2C44788441%2C44789923&oid=2&pvsid=3797269709545832&tmod=905752032&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8rwbedpuusmu&fsb=1&dtd=93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2240
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPjpiM77L-o8Tath8Uwh1o50l77-JGu6Lg7g6hXw19tuwhamMCSdUkMZcz2OtxKEWZ5Rzv2CHiwoVyGSxOZz7K2E_JygKfATng

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPjpiM77L-o8Tath8Uwh1o50l77-JGu6Lg7g6hXw19tuwhamMCSdUkMZcz2OtxKEWZ5Rzv2CHiwoVyGSxOZz7K2E_JygKfATng
date: Sun, 21 May 2023 01:13:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2240
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRCssmSaG6myyYK88yazt6fkfI550_I

170 B
329 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRCssmSaG6myyYK88yazt6fkfI550_I

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGN6NtnzmPH5guE3vMddWSXb-SFYgQmL8TbKo5BMVS6QC6MxU461w4d4-K8AHD3Gc7x5VRCssmSaG6myyYK88yazt6fkfI550_I
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2240 0
130 B 56ms
16ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqPn-D4-_4iYD6e9WOmAFmYvu-fcwjagz1qfrlEY8hQt4H4Yg2J9XfR1kU_SMLpubT6jHh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 2204 103 KB
13 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1071250
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTiZPxO4CMRmH4LbxTou7C95IRBlLRVxegRJ8Q2XnrG3CXh9RcmlP83fvrU77Msgb8TIoVgyxnFQedSKX7qqxnZl12ajqWLjlHFwCK0GbitLR9VSLA1wkSf53Qe2r2uyJx4Jq8uUttg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ca8f4f6db628ff5-FRA
expires: Sun, 21 May 2023 02:13:26 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 2204 25 KB
10 KB 29ms
19ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 355164
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B0CbSHn1JinE1b3Of%2FAtwtgEt9FTHgotG6LiPsMiFtU457VQFcd5FfI2Rg9fYG4anatBk8dBTW1k7Ps8A74dbaPRgDJuBatlyPIdD4FhrUmBceoZ5yKI3VOaPqrC8B8289Vhwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ca8f4f6eb658ff5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 13:46:07 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2204 3 KB
4 KB 44ms
17ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diqUNii%2B6pfT7NKK5mOMx6tPsqAVUGfqLErzlmdbegWGuc6NKb71DWO1fdcdc4hcUF7pP4wH3rFXgJrcIZnUhxAPzBTB2haeRSeUnraY2%2FJzywKq8oUJzjacpaz8ALZ2jO4iFnMJ%2BVAlyOadLHuMUBN%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7ca8f4f73b693828-FRA
expires: Sun, 21 May 2023 01:24:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 566A 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 789411
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ca8f4f71d512c00-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EklRZRnJspibLoV1RjNrTUgiWON%2FikgDrqRVSOMvjYp0tf1KhuNzSvdgsOw4fITMcEuj8l4LyTNxb8mFP61XMWAKuIqWQJS5iulWYQu10Fght%2FsbeN8SdiF2KDXv7QjoUEEUqp0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 75C4 0
209 B 315ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684631605674&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:27 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 38ms
27ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4f75fb5383e-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 May 2023 01:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psEvHnf7b2ngMizTInrCw0%2ByOCXOAjkxGaHaYz0tzZQ5c%2BkbtyTFie3Wcue3%2Fxk8kzSyqOk5l5bdaAc442xeYVbltL7HbFPKgSspmqt%2F2mTyjAwpKyVBaqombEfHAU%2BzCqfE7ZA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0pxx

POST
H3 200 rs Show response
ad4m.at/ Frame 2204 1 KB
2 KB 30ms
30ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d657a7640012b6b1ac16d888062a2d7c29dfcbb04167cf99e67f2dbfecb7651

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HM7iHYj26%2BrHFcKJ8Am9KUk8hlueSawBAmWDVp8fyzKY8W5egXPgYxALijLXyZWVynU7Z9myJY9RWnVL63jJFx5a3Gpi5Tq3DDo1S0VUP3M4VnjY%2BZMkglAkJhgoTvo72fE98g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7ca8f4f78fce383e-FRA
x-backend-server: aa-reachservice-group-europe-west1-0pxx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD03 0
0 63ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4P8M0hS96Tfw-mN4n7Vs9s1bvSjDBx5VwiVhzLyZD4hP_DGLNRAICzzgSYDOD4QsGwOf63kY57n0gBlvpAKQBsXc-hRRw_adceGv7mzAX414_5OiGQ1lJ_kIeX6F-dgcOLIVT-8st2ogqmPI3ZJUPNM50usBtldxe01muJXsd_CkWmvrgL_tmA7YDHx5r_3DLIWoXesXpKOC0m1Aly9UQCxKia-dRAwq6Rcfh3D3qnodzo1vqaHXV0BuDxC8g4IK3ZhIg2USmxfiaEoAxYDQ9lNhVUcwmGcMIqTnyOHTqlfZyzEBvlGwr2i-bR1ucQVYG37a40k3ecS4SO6AiUCquDFDRrk0LWf8ErS7MvKBC7xUOz866ZQ&sai=AMfl-YS6T9ernUOHvo24GBDHCp9F4xHRUPZUVoCgPlsZG2g5bjtEK7NcF5nO5EK_HAPbgs4TXrVVHvqMaCOFt-h4mVa6dbn04Hn-q8CITlda1pfK20fgYLqiR6zXzJXq3g&sig=Cg0ArKJSzEAfhHg7BRwqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DD03 15 KB
11 KB 24ms
24ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

960410ec7bbd13747fb88b8189ed7a31e91e302f4f01fdc8426c36804069c237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11308
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 71E5 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7zu7WmoYqzVv4tRrDo9GIVBnH3M7wj60W0Ql9fUWzeGu6wRIL9MIRe3YBo0uT2TvZXMxSz8A97_PBm1WFRDDqG45Z0BGanzK4Z97f_G9Ca8RC_EEOM2AVJDpAb94a55sH2Ql1l2HDsuqe0ppHTF-PqtmuYc79MQs_h-rBP4KrVCnAnBCbsV35L0Ugnm8_GdhLkvLBdYSxu0XEu4c1mo9HbSetp3ZhEVX2iy3QukUf4NPtrmcrt7bA-pdRuOfBIB6lQSszY1kqSBJPicJH2EHOVV5BeOz6AZJWxh_mg9WS5t2CwTSOX3hMjtWwWZ42NzVQxqMUctKrTl_WQZIQ&sai=AMfl-YT3q1K3JY3jsMwd6IZ8EWdcW0f5WQcOaZLuWpTHacmTr-GeCsoIWCUH5mUiXAAqpqSwNB1euA-a3QTwT2JReG2FN8dBwjZT36gJbjRNlSvstRnKXI2pSzAtslDzzA&sig=Cg0ArKJSzDQYtYlepbaQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 71E5 26 KB
26 KB 45ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 May 2023 01:13:26 GMT
x-content-type-options: nosniff
age: 707
x-jsd-version: 1.15.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26200
x-served-by: cache-fra-eddf8230113-FRA
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71E5 170 KB
53 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:26 GMT

GET
H3 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D9E 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7B1 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E80 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DD03 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF84 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 991F 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:26 GMT
expires: Mon, 20 May 2024 01:13:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BD55 9 KB
4 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9336a91d1ef218b018c3c93ea83d93befb8b130e7f00a9155a145b17c04851

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4f7fdc12c00-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7D9E 24 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 14:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 May 2024 14:52:15 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7D9E 135 KB
46 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15038bb771dec1b8d7124121fbe5ae6654c3b6d48dc7ead8cc6295a3930d00d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47332
x-xss-protection: 0
server: cafe
etag: 4409091967293444051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D9E 170 KB
53 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E7B1 9 KB
1005 B 56ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 23:53:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E7B1 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E7B1 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8C8rNnBpZLGTLf6i9u8PqZ-P4AiciNjyYY-vssyjEbbCvt6FAhABIMCygmtglfr1gZQHoAGbhue4AsgBCakCkmz4C7Mgsj7gAgCoAwHIA8sEqgSTAk_QsKOEUO6oCLmTJMrg08LVym3xeOrbHACMO_Ow1KVFBitEIvamJ1i0AJG1DmnmpdvwhZmQdEMjqYBfr7PfXvNVArR__pNzBJamk4p9DmWqOaFlzeI1iqbHVQNa7H23LdzT8qonRPXoU1HeuXUA04TG6divzZcL7VNFXt5BoxJM9malzMUjLz0ckjC-puAIZvx7bv5Fxh_4F4qc0LyE4UsiuQPSeykP2sfQmQFX9zEAviwRXpR6qRqbrsGCkUWNlroLyPReylrTTrhFgLySuci5iHalt3DukUgmCEq-ggjgS-YRIdt1ZbrugMyZ90YVJtQjB8hO0IPPdvhyedozghYQKcuKuLjkYxc9hCaMoJizdsT1wAS94rietwPgBAGSBQQIBBgBkgUECAUYBKAGLoAHzfmYxwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDXqgTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBOIBNgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=gU0xaQ8oEG4&uach_m=[UACH]&cid=CAQSOwBygQiDAgp7BBKuFrqOktXwT-sXEt4Mn9uhasyhm41p80setnZuWgx-zz36OusF5VGzyzt4aWSZYdKYGAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame E7B1 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E7B1 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame E7B1 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7B1 170 KB
53 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame E7B1 32 KB
14 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E80 9 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 23:39:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9E80 2 KB
765 B 12ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9E80 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgi7SNnBpZJC8LZGO7_UPgeCOiAXzz-K_cJCy1dasEbbCvt6FAhABIMCygmtglfr1gZQHoAGsqLugAsgBCakCkmz4C7Mgsj7gAgCoAwHIA8sEqgSTAk_QKlTQikApHc-B0RvNQFysmR6IWcWySqu-QD-mglSIGWEyidnpheCtRLzZp2cfHI8yt4DwGfuLjMArRaLzNK1lGx4uCm9F2MXb7cmw_cV_TVd9lMJaMR6cGFbg2oYPwLEJBV0-NIRVCpXIZUnrVHn8Ibi5YvfyFHJ-kR9OEMUBQMphLtKaeBBilrkaWeG9fXmM6OOOCevk9UPC4LPEB5as95AOh1U-fSBFgW9D_k0G_i4WCQN57LzHwodSN05oXoFuH2Hj1I1zvfcUc4pjZL9Rungf1gzJOaz6cvRSbzsFW9R7Ck5flNlRV2TTOykWFwXVGZmvjX1HGdOvkrpPw7G2TDCUtE9a4koE0qu1s1GbQQAqwASB38CtigTgBAGSBQQIBBgBkgUECAUYBKAGLoAHvNfE3wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDXqgTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBOIBNgTCtAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=keR5EJ_KKvk&uach_m=[UACH]&cid=CAQSOwBygQiDDNAtuvyhsVZF69OcvA1vyUEHpngcJSiOSdkoKfA86Rs8UCuBiLx8r1qWT8W-_xpeEJVvDRy1GAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 9E80 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9E80 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 9E80 19 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9E80 0
0 16ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzqfvNrsaWf66MqvohGJssu_j6Tnf4xCN68kWmXa6gmQGb4a6UdTK8sbM5X_iLe6-PIx1h7J32cfbu4V6U6_FJOuvUVw
Requested by: Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E80 170 KB
53 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 9E80 32 KB
13 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 71E5 1 KB
2 KB 34ms
21ms Script
text/javascript 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60438826;rtbwp=73cPhWAY7Q0PRDNw8LeHRazboUFQG3yp0;rtbdata=BY3hJnpXYg-_Y-5Z4zZWA59rV_p-asGI0L8Aoc-hmgBzkC1mTUpsCf9ISBkBAhNI9OlUxH-lgdrbJSm570sYAg2ZXli_taOsgzvyKIVxjRyEV2idAsGgjnJ4sHWh8QiARyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3tlwFkQqFw_-GgPi485A4WZAVKO74ELEhvag7eQU4_cLzV95U4YFfPwq1bMWmgi9vpFqVqMcV-N1tDi0uEszGOI4a6cfKZ21uPuVj4K9C0gIp7SDrVOpsB_KEtFRp07vfNnyCfbK0xoHZPSVCRcBPzE1;csid=95459;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOE_5BuGhju-WbTZ6bFanMTfDjr-uASGvrxYbZ3FpkT6hW_cPauNOGkuN6vWmW1dlSa0;

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6f8304a3a7ea909164b0417964b4606212b067c54ef963badf21bd8a0c30db40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1314
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 71E5 62 KB
26 KB 172ms
23ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 06:47:18 GMT
server: nginx
x-amz-request-id: tx00000f199a5edf6568ac0-006461d90b-3295a825-default
etag: W/"cd30185b4774b9eb12ea46ca45e76972"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 css
fonts.googleapis.com/ Frame BF84 9 KB
1005 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 23:24:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BF84 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BF84 0
0 58ms
55ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqXupNnBpZOi0Ldii9u8PqZS7iA_zz-K_cIC01dasEbbCvt6FAhABIMCygmtglfr1gZQHoAGsqLugAsgBCakCkmz4C7Mgsj7gAgCoAwHIA8sEqgSUAk_QTSkoLukvTHmDkTaDnN0pNqYEvFBuYlj5uBsQbs5rLVlZk6DH2SHNpqpQRjc-v6i1GlO4S8-Cln3Pk-0CiLgNteeB92Rv5FvJd1RW1Q1cLaw7VXF2wAJ6aDmTbQ1qBapmOapsWpyVlz2W2BmJAISJMICaGv4SsD8W_znQXxFoS-f8JfHIwMGE15RIy58d2LY8pHNh8XouqssvATSYf7DJzaFozPihabQrmqJRd_jMrH8Mez8HwuSNoZm3xlCOssxBotidkgrSsGfj0QDmn7ZYFZxFUnxuUqOPbDzLi2hqv8IqCk4Jlfry8wEbLkSJ0k8-nOaQVlihaktItwBfI9ACeJ-Q7-skSya7TUs45LMbI-ixZ8AEgd_ArYoE4AQBkgUECAQYAZIFBAgFGASgBi6AB7zXxN8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyaEG0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAbgTiATYEwrQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=QgxYXj50pQU&uach_m=[UACH]&cid=CAQSOwBygQiDT5l-KU0zWDBO56iGOe0eIbOSBxVhqYgMJQYaXUdEmphGaEJ7W6VEffTU5Q18MO0yOybS8Ja0GAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame BF84 22 KB
9 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BF84 3 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame BF84 19 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BF84 0
0 18ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgLY42EDJnoUUec-KqqUjlr6feDKTMNf8_34fmFp312Z1_ZEz4MIUHJQHPqegVOPqk9RkzPt9dA3ZDZahJCmI7ZQTfGw
Requested by: Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF84 170 KB
53 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame BF84 32 KB
13 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame BD55 103 KB
13 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1071250
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji%2Fpfrpn7Tg%2FB%2FjHpLqsBIvVPIp53AkQ5YRfwvhLH9EyIMg1ZdS0RVDF3UffB4fNiGHXdeJ2G5kytUSem3qeUYTUc8%2BVqi0cQC7BgBCv4xnldsigEcn21l2mFjrjIs9z9cFDB4%2FYVG8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ca8f4f8ae162c00-FRA
expires: Sun, 21 May 2023 02:13:27 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame BD55 2 KB
3 KB 43ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 879812
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvaaOhbhFCOyjjPpfEk%2F5Jb6iyZEMCCSZqzKa8pbJThqmr6f8SWkNGooc%2BLvNv3iA7VUJk1UD4jVm1lLJxL5A1WUj28DSjSDBTILrPWSqPtaHrGqCMJ3rqOB4Q5B7BSPRYE8Obi4ugGIBVyc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8dc1b8ff5-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame BD55 339 KB
340 KB 18ms
18ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2136194
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKAti8NS2c%2Bg2jhQsQ66mNctuNVTXRiS3ghpMo3lQhhseqTRgAHsycPMv44BRQlRsUsl%2B%2BtHl8ddx0vu17r8wbe925DwmD3axrhwLbFYGx7WQv6a0Ho%2BaT5sscCs4%2BF75SKIpqqOr24oaut5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8fe392c00-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BD55 43 B
703 B 106ms
43ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:27 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BD55 74 KB
74 KB 58ms
52ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1057217
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AlKzPkrkCGpU2gfnOLnz14jfwDibDqF01Bp12wtwRhkhaXoIPVnwmXPHKNVmEQGSywNTtfmR%2FsV9ZPX9PTMi5UGvydXhs3wsm5g7jbEBgXEPyBGqA4PM9lQUnkMvmVloPD8J6Dq9xOoyc0a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8fe3d2c00-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H3 200 94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
assets.ad4m.at/product_image/ Frame BD55 10 KB
11 KB 60ms
53ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/94776D1EA84A2C016C3E2F4F2FF5CAFAE59DCE9271B62B383432451DCE910FAAE81B73D3436E567532B91B0BB75A1A9BC40155D0E940C698B45E520EC40D2A19
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1114692
cf-polished: qual=85, origFmt=jpeg, origSize=57873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10528
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:57:42 GMT
server: cloudflare
etag: "cbdcca70875184d14fb32ad75cb24482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPZDKQ7XzN41sonSGXtCF1TlQ9IGkfbhDAmw1uA%2BdJb%2BZT8HcS3s%2BKWlVw9YFVApODfHlJChYdET5LKlzLkBJKU%2Bxgi8MIgRFQnjflA%2FXgMCfIuQ2bZCQo7Q9D%2BzjkL1eRL7TplF7ppoL7i0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8fe3f2c00-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame BD55
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPnGm-Sdhf8CFarxEQgdthkDrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

83ms
23ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 01:13:27 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Sun, 21 May 2023 01:13:27 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame BD55 44 KB
44 KB 60ms
54ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 486792
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbxW0%2BDbpmQeEZcW8TApChQ4ANTgAj7U5xKF9Uidv0ekU8Rr8sj6KBaLv5fdjOuE9nRjjRU3T6ZTtyT%2FlXiL1E02%2FlBWVbyrjY9M7xXeiKDur71hehGIASdxiWIHaDKd4noO74b%2FXO5%2B1kvc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8fe402c00-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H3 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame BD55 222 KB
222 KB 26ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 544512
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOGSbs207xs2AF31bJz8N8ysjTOGLjUeLO99ON%2FnWuzpMZC6fBX4GzyqrFeO35d42w%2FvwgWdalstfC%2FsS4WwPDyYdLpKskotZqylXDaXbr1hzqD70R4b80i%2FST5OATIrHGd6W3utY1Y3XyM0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4f8fe412c00-FRA
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame BD55
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1684631607_b0cb64a0-f774-11ed-89a2-223974343f8d&insert=AW&&gdpr=0&gdpr_consent=

0
474 B

44ms
16ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1684631607_b0cb64a0-f774-11ed-89a2-223974343f8d&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7ca8f4fa5fb03a5e-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sun, 21 May 2023 01:13:27 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1684631607_b0cb64a0-f774-11ed-89a2-223974343f8d&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame E7B1 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9E80 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 data=gy61cPWRo-Ji1e5FiL440_ub2TD5XpeSgjmdKx0iqYDdg-7o6XiLBKS4_NFcd-uI1VUquoaQSCol9tPCrDslpA
mts0.google.com/vt/ Frame BF84 27 KB
27 KB 121ms
48ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=gy61cPWRo-Ji1e5FiL440_ub2TD5XpeSgjmdKx0iqYDdg-7o6XiLBKS4_NFcd-uI1VUquoaQSCol9tPCrDslpA

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0e8b304a6f3d932fe712deefc8694196052a1f4137f67a8eb74c03d1af52b7da

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27703
x-xss-protection: 0
x-server-version-bin: CggIBBD9qpejBg==
server: scaffolding on HTTPServer2
etag: 027011628ee176a06
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Sun, 21 May 2023 02:13:27 GMT

GET
DATA 200
OK truncated
/ Frame BF84 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF84 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF84 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BF84 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 991F 9 KB
1005 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 May 2023 01:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 991F 2 KB
765 B 10ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 991F 0
0 56ms
53ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9hxfNnBpZNCJLrGO7_UPisyokAyciNjyYY-vssyjEabfwISGAhABIMCygmtglfr1gZQHoAGbhue4AsgBCakCkmz4C7Mgsj7gAgCoAwHIA8sEqgSTAk_Qe40njJDzLnRhY2CLM-dw7hnuqv8ITYrg53dRXnFM3KucI3EQQdeQlLbycc0rvsS7elc80z6MgypajvBMK7mdYtLrPhzsSxXDfA0TmkyrCsMFByFHqguj2Ay7DqI4cgvFPxH5kASDDDgeIFQL4HQ6AxRzEVA92bVf1YR1U13tmcF9i9EAujiFFySpoKZpqwxW2bEIl_l9Ma1SoiECQbGX2XL2KcJ3z5vLJA1cRiPUuFIt_tfDL7P2t3mIFfPUzYZrz8gJ38Oyu94riULgYTTp0UJZXDsJ2kYUEpnengQrrYvros2t2XU5rqFAepr8f6xacw-3p_aueyDt2hwfJfe_z_f0L58-px2XVJ-x_F62Ua5_wAS94rietwPgBAGSBQQIBBgBkgUECAUYBKAGLoAHzfmYxwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDXqgTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBuBOIBNgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=pc4ChWpATqw&uach_m=[UACH]&cid=CAQSOwBygQiDTdNHcS2gOZB_c8EhMNOD7oHQ1QcFQvw9m-EwoBWEJrtv5Ry6yjJ5Gy26N8BpXcqQeJuuqiQCGAE&template_id=520
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 991F 22 KB
9 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 991F 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 991F 19 KB
8 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 991F 170 KB
53 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 991F 32 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D40 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 23:31:16 GMT
expires: Sun, 19 May 2024 23:31:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 41B0 783 B
534 B 19ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28623cf365b435c10919912be0f9f28be4ff7695cc04a9741472e73942602243

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FwcqKlcFNr54fTvmYE20bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-FwcqKlcFNr54fTvmYE20bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
expires: Sun, 21 May 2023 01:13:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 991F 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 71E5 34 KB
16 KB 128ms
60ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60438826;rtbwp=73cPhWAY7Q0PRDNw8LeHRazboUFQG3yp0;rtbdata=BY3hJnpXYg-_Y-5Z4zZWA59rV_p-asGI0L8Aoc-hmgBzkC1mTUpsCf9ISBkBAhNI9OlUxH-lgdrbJSm570sYAg2ZXli_taOsgzvyKIVxjRyEV2idAsGgjnJ4sHWh8QiARyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3tlwFkQqFw_-GgPi485A4WZAVKO74ELEhvag7eQU4_cLzV95U4YFfPwq1bMWmgi9vpFqVqMcV-N1tDi0uEszGOI4a6cfKZ21uPuVj4K9C0gIp7SDrVOpsB_KEtFRp07vfNnyCfbK0xoHZPSVCRcBPzE1;csid=95459;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOE_5BuGhju-WbTZ6bFanMTfDjr-uASGvrxYbZ3FpkT6hW_cPauNOGkuN6vWmW1dlSa0;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:19:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 19 Apr 2023 13:55:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D9E 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt5cGU_t1irpYT-HegOX5FdHxMgQtNcYIVw18FNj1_7wPSjYpCdpu5faphlQcjaOR83ouzuRm8NVwq_aZ58Mn8KFK5BwVs9sreAwmE8LVk54w9Qap_rCRKcqVqMaOBPDIjNhsAz97hnpGyw2U_o97_7tmq-j4GqfOljL_yEMFmphcP9x0AFFz4IJnWwpwpYJEIHGCsHqBJNoZ2XtyZHuKTbz50s83PYqAWLxKysMw80sQ8mSboQvNl59Cw6k46ESx8UC1WSM6XpnRDmGiXkxT0LKreG9-Wn027NddsmpXQIv0R-gFsDvMuvV0-lFaw3HG1ZNUg7JJ-2W6sMg&sai=AMfl-YRVBfD1SzCnItXQR8QDume8jJMIrJ4281pTFjxCqdbUk0v_bfwgNwowuJdj_r7AFTME2FqpeyjvyvfFvHHwvIohgDUUaN6VU8HWYlgdm_Ut6-9vvS5WEFDLsG2V9w&sig=Cg0ArKJSzAzMJtjrfYtLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D59B 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D64 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EBED 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 7D9E 355 KB
120 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122659
x-xss-protection: 0
server: cafe
etag: 11496975108263977578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

GET
DATA 200
OK truncated
/ Frame 7D9E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03a7244941bb58669efea0cc9e27fec4613e3757942783a2d8989856f0d59886

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E7B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91a34f8cc1c743146f2e9f6363f45d6b6ce14a4d1661031b29307562d328461d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9E80 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7ab21d4cf57bd335f2032ce8e35ded899c69a9ce58b8ce3d1e93d72215a3ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BF84 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10dbe202434a8aa56bc0ead91fc284567b4224da97caaa046ab5164e1784c81f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B2A 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 41B0 0
0 41ms
41ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3797269709545832&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 991F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e5fc69fc6f95a5c190c4022e1b82eda2a392bcfb0b4d3b91b89e3d38965d7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D40 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 71E5 7 KB
4 KB 23ms
22ms Script
text/javascript 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60438826;rtbwp=73cPhWAY7Q0PRDNw8LeHRazboUFQG3yp0;rtbdata=BY3hJnpXYg-_Y-5Z4zZWA59rV_p-asGI0L8Aoc-hmgBzkC1mTUpsCf9ISBkBAhNI9OlUxH-lgdrbJSm570sYAg2ZXli_taOsgzvyKIVxjRyEV2idAsGgjnJ4sHWh8QiARyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3tlwFkQqFw_-GgPi485A4WZAVKO74ELEhvag7eQU4_cLzV95U4YFfPwq1bMWmgi9vpFqVqMcV-N1tDi0uEszGOI4a6cfKZ21uPuVj4K9C0gIp7SDrVOpsB_KEtFRp07vfNnyCfbK0xoHZPSVCRcBPzE1;csid=95459;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOE_5BuGhju-WbTZ6bFanMTfDjr-uASGvrxYbZ3FpkT6hW_cPauNOGkuN6vWmW1dlSa0;;js=1;adfxid=1x;1557;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fpcloak.blob.core.windows.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

97e7a3a0969c4d0b5bf90e5c4e7e488e82a182cda5a1e3d60093528b947b70d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3620
expires: -1

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E7B1 29 KB
30 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 10017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:26:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 9E80 29 KB
29 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 10017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:26:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame BF84 29 KB
29 KB 40ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 10017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:26:30 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 991F 29 KB
29 KB 35ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 10017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:26:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BC...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BCz0rN5aL91eBx2i8c7jL61_caeGgpYbOlPSVR5iHXc&google_hm=V0EK9X3Clz6tV...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BCz0rN5aL91eBx2i8c7jL61_caeGgpYbOlPSVR5iHXc&google_hm=V0EK9X3Clz6tVZRoin7laQ

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOlse0Sdoork1tS4030ne2OaL0BTCnCvfd3YPfNuKxMDcKmp7l1BCz0rN5aL91eBx2i8c7jL61_caeGgpYbOlPSVR5iHXc&google_hm=V0EK9X3Clz6tVZRoin7laQ
pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6RUAs

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6RUAs

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMQvOIlomID6WJ7DMVPlZUt9XG2Eu1CVupTafu98vQwGMd9guOQ2nh9Ax14Ufospz2cXckEg81dY91OU0SioLowtz6RUAs
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame D59B 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGOkVk5ZrB1C2VRP6waRaUP-CLrO0dKGsAIH490vNrcP2Sj-HihnsitqvtyA7mPKe581uTclUF8T773GrMGe2wN20-07zeY

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233860
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMRTZX36fc26KopqGlxU2XjhLmdiWHkFUixqjyAnlIKtSetawJ2dRRt6C9xFCv3Hkx9_8V0cEkbdlilez0e_rlP-ImNbw

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMRTZX36fc26KopqGlxU2XjhLmdiWHkFUixqjyAnlIKtSetawJ2dRRt6C9xFCv3Hkx9_8V0cEkbdlilez0e_rlP-ImNbw
date: Sun, 21 May 2023 01:13:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQAN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQANh2eCc_BEQX9CEYawB0elMkA

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQANh2eCc_BEQX9CEYawB0elMkA

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGOnMwJ0PbASvPQZyVVK3nDtcV39ydYIGr4dfe3Eku5nr7PJ3fsW4tuNyyQoMV5XwiBIQANh2eCc_BEQX9CEYawB0elMkA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZd...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZd...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU&google_hm=GrhJLGZHJw_XhuLbTbuGptBB

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU&google_hm=GrhJLGZHJw_XhuLbTbuGptBB

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 May 2023 01:13:27 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGONZY199lx64A29RT5AcWNGBF9jh6ZTN9DOh3AMzYhLa4yPqkZFWZDuWOtBgX6vizDd2TQGnamXXiBd07LZdtGdad0E9pU&google_hm=GrhJLGZHJw_XhuLbTbuGptBB
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D59B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0k...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy-dEaD3ro-HOwOzGZqeIX-9vXg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGPu0Dlswy6ceS2thgDJm5a6Qg6J96P4K_y_yYrAEztU_10rs2P0kmVlgmv6Q6hBVBohjy-dEaD3ro-HOwOzGZqeIX-9vXg
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D59B 0
12 B 16ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwlPwNNlz5ScZGBioj-woHg9Zogy1Y0srfZITxMzz0FoeidaldWyHZ2YQrq8tS73mw0a0W1g

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK1o7ehU7qni2t8p-NsvPY_P3kO-3J7yOd3zxZvkcX5i&google_hm=V0EK9X3Clz6t...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK1o7ehU7qni2t8p-NsvPY_P3kO-3J7yOd3zxZvkcX5i&google_hm=V0EK9X3Clz6tVZRoin7laQ

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPp26Ii3MjseWg-9Ybd3DzQ3DdvCfAL1oHozXOEloNQVlzlNFcfYK1o7ehU7qni2t8p-NsvPY_P3kO-3J7yOd3zxZvkcX5i&google_hm=V0EK9X3Clz6tVZRoin7laQ
pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNi8aJKM3VimopVCcimjOeoYca_8jHG6LXtPL_IgJs...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNi8aJKM3VimopVCcimjOeoYca_8jHG6LXtPL_IgJshGc7SrZLAWXOFaJDqQ3HHEK5m52gWeBXawJT1c4b_YCv_aaAVwyc

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNi8aJKM3VimopVCcimjOeoYca_8jHG6LXtPL_IgJshGc7SrZLAWXOFaJDqQ3HHEK5m52gWeBXawJT1c4b_YCv_aaAVwyc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3D64 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGPgqFSh0-HUxi1bIdlTCWL7lz0lRgqm9GlWDqYAWYwUnjCikQ3Sp76LeS-kHQZGjlyBPKwVrX9ZeVi_6qsXe5ueqyku1jcs

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 258076
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO026pMl9zV7OOhjcOIrOB0zn3cMxbHwDoSrnv9F7wmdfL2sHvI9J2FPJvWstvMvV_lj_I0UYPKvZ-T4d5M_8Te2OZkOoP6

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGO026pMl9zV7OOhjcOIrOB0zn3cMxbHwDoSrnv9F7wmdfL2sHvI9J2FPJvWstvMvV_lj_I0UYPKvZ-T4d5M_8Te2OZkOoP6
date: Sun, 21 May 2023 01:13:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4e...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4epP3XGFb-9h2RB9k0FG9XG7nyD

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4epP3XGFb-9h2RB9k0FG9XG7nyD

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNN4i37luxOPMGGWFUHdqNZpOuSg5QaQsrLfnZKiHy02K786tJNaooepg_myM4v455bm4epP3XGFb-9h2RB9k0FG9XG7nyD
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQm...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ&google_hm=GrhJLGZHI02ojr4tTx-WnXDQ

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ&google_hm=GrhJLGZHI02ojr4tTx-WnXDQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 May 2023 01:13:27 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPpWyyHRdka8U17wXTJCwg5kcn3EsABpMi3eOop2MERhCvTYGloFRfs1Dp_LUnIqyR6qUhMidDIRoIsNnSQmwlfDD2o8DQ&google_hm=GrhJLGZHI02ojr4tTx-WnXDQ
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D64
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9T...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_6Yfo9_8vj9EOju0EG63DRFYC1yAw

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGNZwhogVXhgeG8UNJKG5Y3urbINxEJ9yKFnFRCfDizLpaPs2lb9Tb7fDQLI-NweKj6L7_6Yfo9_8vj9EOju0EG63DRFYC1yAw
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D64 0
12 B 15ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JakyGwjotmxi7jifcsyGiBz5F6BgBm_f-i56nuaLPdquXnUlQvkXEUsuGeDLD1ZOUg0feJwQ

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEn...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEnDObHULKk2TLYaKgV3QDT6cUE-27fAgKeVYEgDTjDAZIw&google_hm=V0EK9X3Clz...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEnDObHULKk2TLYaKgV3QDT6cUE-27fAgKeVYEgDTjDAZIw&google_hm=V0EK9X3Clz6tVZRoin7laQ

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMBFV6OUcp1a4cB2S2FP8RmTaRYpgQRnDxHPaDK_adDxpXvqZOBEnDObHULKk2TLYaKgV3QDT6cUE-27fAgKeVYEgDTjDAZIw&google_hm=V0EK9X3Clz6tVZRoin7laQ
pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9iiBM0gA

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9iiBM0gA

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGP0Fa31qvt2xRqpW5mjo9ebmyvBvNNAgDPUv8Xlnb6GEf91KNeijOpwBcVkEbqUlYXbvnYRQ4vCrvcyZsn48DWgDv9iiBM0gA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EBED 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGOGzjOvpDvf0m_jGO0SKFm5T1YtPjiZjOgNd7S_ifIFfnsKElqN7BuTyM4ZIJPsZx2_APdgrCS8qkDlhxQHJxy3eEPD3p9m_A

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 230492
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EBED 43 B
103 B 16ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN0wXQOwpu0hvSW0-mxKIlg&google_cver=1&google_push=ATf1kGNEd3hx0q_kewePY5y9ZUTcF2pPfk0z7KElszCXTRaAdz7YBSzIdEkQpx1axgs1fjcRdLxaq4CTFM--dcDh_6DMCO5Gxp6_pw
Requested by: Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPeJK0iELkIhWgL9wu5c6ZbcKIXGtQ2ZWp0I-ohLehIPtsYpDhmj7oPynoSGawxXK0ClBUAtor-arYnG92YxCiZPJx3tU-1NA

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPeJK0iELkIhWgL9wu5c6ZbcKIXGtQ2ZWp0I-ohLehIPtsYpDhmj7oPynoSGawxXK0ClBUAtor-arYnG92YxCiZPJx3tU-1NA
date: Sun, 21 May 2023 01:13:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKf...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOBG2etN3jwwfvPotwv0G0Y&google_cver=1&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKf...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg&google_hm=GrhJLGZHDHNrznemSD-t...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg&google_hm=GrhJLGZHDHNrznemSD-t1CU-

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 21 May 2023 01:13:28 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNhYPCrzZIP7gvm0RudIEIJ_ZDLkvjmhR134WiUhXQz9iMunUD55a3Oo0QrF0rO8r-FO_IJTeRTYJgMzYHKffGquQ4w75Dpxg&google_hm=GrhJLGZHDHNrznemSD-t1CU-
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EBED
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNc...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNc...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNcUyMkx7OAwQ8UAUOOubPF4TxZK9Cg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGN46mzPttcB2bzxFy7SU-jQNpDI66Sz2ncga2DMoxyfFNRpgGZ16nTnIe1wPffyUC6CNcUyMkx7OAwQ8UAUOOubPF4TxZK9Cg
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EBED 0
12 B 15ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTIFplGqIYmBVXkU25r6M7lSLLJB2uGtYf-RqKp_spypI5wlVU95s-JcKQiMLkjP46gLopnA

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8S22d18SthRRusiPhevF3jrMmIa3Lz12k_mg7pJKX_FVg&google_hm=V0EK9X3Clz...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8S22d18SthRRusiPhevF3jrMmIa3Lz12k_mg7pJKX_FVg&google_hm=V0EK9X3Clz6tVZRoin7laQ

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOy2RX6mKuu627Up57ImgA0TY8NKXlh6w8v4TDlP_3NatMtzAApz8S22d18SthRRusiPhevF3jrMmIa3Lz12k_mg7pJKX_FVg&google_hm=V0EK9X3Clz6tVZRoin7laQ
pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNPDrChMxWNTd_CtOu6iz32ahBrZ7n_rxPVYoANAEy...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNPDrChMxWNTd_CtOu6iz32ahBrZ7n_rxPVYoANAEySa3K0kIl5eOPw_4oomceLjRv-MJxLrhLrZGK_q218EBjYFdbI8JFn

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGNPDrChMxWNTd_CtOu6iz32ahBrZ7n_rxPVYoANAEySa3K0kIl5eOPw_4oomceLjRv-MJxLrhLrZGK_q218EBjYFdbI8JFn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6c...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6cif4eVRw

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6cif4eVRw

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOSgPTuGqwJQiWCK3JWHldwY0shn8ribrEZaAtIv2J2KzH3cW0SyLk1qE12mcnB2bjdf7MzpSrrKaWyYrKKqgOAL6cif4eVRw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6B2A 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGPH0u1gVJhgZNkP2sXI4W4uuIOSeyzLZ3F2dRzneh6IlPTXFkKH0y6Vkp4Ya1CtjdMvYSBmDBuIYouYwHanITPrMOHRKcj_9g

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 296948
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNDxnLhOY2-jhvLcO9_2VeSOT2C4aviYbgj0OpLmeKTu8x2UvbNOT5djpPCefcLHv7nuVx5mkt3JsdrIIC20mv4btvU14Ao

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNDxnLhOY2-jhvLcO9_2VeSOT2C4aviYbgj0OpLmeKTu8x2UvbNOT5djpPCefcLHv7nuVx5mkt3JsdrIIC20mv4btvU14Ao
date: Sun, 21 May 2023 01:13:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfD...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfDBrDYyU9FqijSIvTdIJYKyzEKUBQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfDBrDYyU9FqijSIvTdIJYKyzEKUBQ

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGMxOWMiAzndS3bfN-VgA_v0VA6l4trUFeV1OwCYFqRYpKeupfQ2zWV1UMXJ55Y0RcEhLfDBrDYyU9FqijSIvTdIJYKyzEKUBQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4T...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELkdn31dCdkiJXQSHuqGm3E&google_cver=1&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4T...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsW...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4TfpJi_dXwsVV-q9xuxN4jZ0ptDJUg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HZTBMSVBCRTJ1RkhpbzgzMHdVeEpOcWtxcDU2R1pnTn5B&google_push=ATf1kGMY8bYN1_vJtoQbLromR0gtRFivgp7ySPIjEYv6KxnqgiiBfEWsWO_t6sDkcBk3pOQN4TfpJi_dXwsVV-q9xuxN4jZ0ptDJUg
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B2A 0
12 B 14ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ji6D0eAmRPL6sfaNhBxBgPkeS9t0tMPUwzTnfuGc8OE7ZXQo6srJs0JwVNzmoGyjW6D9VdJw

Requested by

Host: 6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
URL: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7D9E 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7D9E 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76FA 0
16 B 104ms
103ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407281013&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607314&bpp=2&bdt=286&idt=143&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=1257473034480&frm=8&ife=1&pv=2&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.dgbq51bqm99c&fsb=1&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF99 32 KB
13 KB 227ms
227ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beac5d62c98fc8d644d4ddd94f7dc05e123f88dfee113dd35a65ba36ac228d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13635
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 71E5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912560ec4542cc28538186bb2c683aaf4374e7046602e08f4b31b31b65af512b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 71E5 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssD-HlQVesrjzKmeJWYLJ8QVrLuNqAZylGC2vPndnp-Zt92NXTxzguzpwQJLg6vLtPKUMcVvGk3Htns-E4E6LF0SqyEGNrdgUvuC8GQza0gLfRRBaHQ8M_eXEkLKKYZ9VV9qmPDcRfxxPPb5cmHC98C2F5RdNPcabFxJEcV1sCPHAvsDSZPZadfhI9zcdhJFEdY3wLuOda7ZKDcDJz2Ehn87LYhgX7O11jwMv1o-4Qj8MtgeFOkVjWIVqmzgnF4JQapF4vPPuGes4MUhHRvG9VifOQwPHo6lvJKKCnlNPmM-wXq73y0sR4dxmSNZI_MnIP0BA0ISv5_5qDIslfvDcs&sai=AMfl-YTRJVZaiyshc-RQ-3CDhhsv66DNsmlZ69oxPXgY7tKV5954r0972rAVYhqzPTjrHL9Iwba_0MsHdN6Me9CWAbSC8Fwk87800X7t_vCADNKeOT7WTW17rZjLIYHYLw&sig=Cg0ArKJSzLb8NK7x3BFFEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 01:13:27 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame F9C8 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame A9E7 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame DA63 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 71E5 85 KB
36 KB 30ms
30ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:19:00 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 19 Apr 2023 13:55:16 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 75C4 89 KB
29 KB 119ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4881 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FF99 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 23:31:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FF99 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:38:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:38:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FF99 0
0 20ms
19ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs0zsBQLArAMyLLRTh-3NudYyMn86VB07FHlALP0mJ4hIyoHMYrJIqy9Fb2HUeK_7siFhHoDsofDOlik3m6ydEz4p1mg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF99 170 KB
53 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 01:13:27 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 71E5 35 B
588 B 22ms
22ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60438826&csi=xUJ1cIyMyrVhMs_5g-pSCrxy-Y7wuVnflaZkRfphmzvrygPkIxxfk1QeAXbNr4vbsw9c8BCVt0e6Pk_7LVbi6OLSFeXTyO4ccUAcIpDuM4T_kG4aGO75ZtNnpsVqcxN8OOv64BIa-vFhtncWmRPqFb9w9q404aS4zH7nPSI8lYRZFLNSA9fR3wO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 56822120.gif
s1.adform.net/Banners/56822120/ Frame 71E5 140 KB
140 KB 28ms
27ms Image
image/gif 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/56822120/56822120.gif?bv=3
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2778ec2d15bdda51710a28cb9620ced1a057d0443dc6f6fbafdabcd072ae9453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
last-modified: Wed, 21 Dec 2022 16:44:34 GMT
server: nginx
x-amz-request-id: tx00000dc33b0799a42e3a0-00645d8268-3295d04c-default
etag: "3801d4f4e0b6c1eb5295ef456aaccb3f"
x-cache-status: STALE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 143374

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF99 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZrkfN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTTAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPODXVzkJhD6lc_iIQW8vDflcin8x8mm54vfOm86Kc4jD18b5yGfyABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1OTM1MjMyMTAwMTAxNTQYAA&sigh=MRI5klrzHzU&uach_m=[UACH]&cid=CAQSKQBygQiDxtqjMU2-0mWUmzPVpDHWZwhYLL-T73oZfSnHuQhkBoRw7GR1GAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 01:13:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame FF99 0
0 18ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hasz05mchs0btxrft6cgrey73wapc6ag4asq9x0vt8x0gbjer8m27rv7en2hf7869p2swpv7d63q3bcx6je66tye5ys61h0028b57tr1xe8bzfw60b9a7znt10w0q13yj9hnmnbcpvjs77y6tg1gdh8mpbr489sf0dvkabzsgk5bjcvj15va3p9wke68y7qt72kgyq47n4ssssy5vmp97z2ad5p1nwggzpxsmghfkapkvvqr5js8m8aqjkq0pvmt85xtwb5sacd57whny7b6t4vc2awgpkz9869grqg3jpapvdz9s52x0x3yq8mtm9ka547bn02dhb7xh33ft4ga48xeta6rfv3r43qsx9mee44pb2wrnj17j32k4wgn4xv1ja2h7hhy3c9yjg&b=ZGlwNwAH7zIKsv1MAAAQopWGMGMIddF1T9qdpw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 01:13:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 3DE0 2 KB
2 KB 27ms
26ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cefe33668bc82464835fb72b855bb4f5e1ab56b82e38ac53f8abf18afc93d9f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4fd38642c00-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 695C 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Sun, 21 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 75C4 0
209 B 50ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684631605674&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:27 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 75C4 89 KB
29 KB 51ms
25ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 May 2023 01:13:27 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 3DE0 103 KB
13 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1071250
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELZGu5LcV%2BrxpXD8W9d3UBwsqjUk9G1qEMeCuABTRn%2BxAjE4PtIwPTBlKSzUdCG2730J6FuABoVDPRA3Uhl3avXNsV1vmIczV0cHA8Vlwb3Sh73sPzl%2Ft2LJkrNC%2FiqH2idPV4BQN5Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ca8f4fd78852c00-FRA
expires: Sun, 21 May 2023 02:13:27 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 3DE0 25 KB
10 KB 17ms
17ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 386852
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWRBo7j3z5si5ffTkOz%2FMu2tg8ZDhAkElz2WPqT%2BlailSTtszTozeNTxmNl9xs%2BlRAzRFVCu2FiUyY9MJn46ixmGppUs8jHZj4%2BdrDxBMTnQv5gqLpf6qTAFkKHOCbTtgH7lP0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ca8f4fd78862c00-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 695C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFLDaRy6ib9XICpcGaPUqc4&google_cver=1&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQKJF4s6GccsZOIlWKe4zB5UEsVqdFdUwCN5Qfnp98FNRA&google_hm=V0EK9X3Clz...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQKJF4s6GccsZOIlWKe4zB5UEsVqdFdUwCN5Qfnp98FNRA&google_hm=V0EK9X3Clz6tVZRoin7laQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOJQkvFPfoJhntX6Lswt2muzyhfCH3Rpd7EMDIyzYK_DitBKb6ysQKJF4s6GccsZOIlWKe4zB5UEsVqdFdUwCN5Qfnp98FNRA&google_hm=V0EK9X3Clz6tVZRoin7laQ
pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 695C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPUlOfFBSs8GOKPtc7mQ8IAZNa9mA4P4mAJWJHMM7Y...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPUlOfFBSs8GOKPtc7mQ8IAZNa9mA4P4mAJWJHMM7YKqXiNOsw0VUv0nMVIjIyRnQ8keam8AsRTnwjVschWO9vcfV1rDwuEOQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 01:13:27 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UG5KeE50WGcxUTB4RHc1&google_gid=CAESEJmuNqUkUqsnesz9wG9dLd0&google_cver=1&google_push=ATf1kGPUlOfFBSs8GOKPtc7mQ8IAZNa9mA4P4mAJWJHMM7YKqXiNOsw0VUv0nMVIjIyRnQ8keam8AsRTnwjVschWO9vcfV1rDwuEOQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 695C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIy3Y_9xk-XT4uSx2YoeDsM&google_cver=1&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM7fT7sUw

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM7fT7sUw

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPfkpUzZhxOLUB4Rr6spsY9x43ziLnDYjJtBTz_ziSCj9jHw3MNFzhCEwUfkFvOl0sKWVv2lNiDg2L_1zeBVrrpaIM7fT7sUw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 695C 43 B
362 B 15ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRocxPoJtwOgkrqncTYgBk&google_cver=1&google_push=ATf1kGNb6TmYnFzmV2HmAXt6lyUm4Iss-_j3KarKegYgugz3eGbiWIspOReiVQsIIcoVCVMo87oK44aI7NZcbEf96wBHbQK_pgBVfA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 265779
expires: Sun, 21 May 2023 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 695C 43 B
58 B 17ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN0wXQOwpu0hvSW0-mxKIlg&google_cver=1&google_push=ATf1kGPAkM1DLgCp3Qy50ZHNExbfgNpxKx-UF9c1YJA4U4Ml7XIRcOlsxDAPGcKxNjLdB8eH1Uu5w8ehJWmwNNK3G-mvTUujd-znRQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=600&slotname=9969362899&adk=4174262319&adf=4198791702&pi=t.ma~as.9969362899&w=160&fwrn=16&format=160x600&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631607316&bpp=1&bdt=288&idt=161&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1257473034480&frm=8&ife=1&pv=1&ga_vid=782985121.1684631607&ga_sid=1684631607&ga_hid=1934057862&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=600&ifk=2015535855&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759837%2C44759926%2C31074689%2C44772268%2C44785292%2C44788441%2C44792089&oid=2&pvsid=3317466819416913&tmod=1173862464&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.gta3myz05xd&fsb=1&dtd=164
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 695C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPhKmmwBbjOR8-Typ05QqJRMrlAtbQmywFZUwCtVhvm_YvHolVsbZe2NZ899iErFG6pB520kdjOOay_Iojr1p3GeFzv6bafog

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2J_9nCuPTrO-xDwvbnaOZA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPhKmmwBbjOR8-Typ05QqJRMrlAtbQmywFZUwCtVhvm_YvHolVsbZe2NZ899iErFG6pB520kdjOOay_Iojr1p3GeFzv6bafog
date: Sun, 21 May 2023 01:13:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 695C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELcAfesAoKDY432PyOzz_b0&google_cver=1&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6B...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6Bq-kzW8kySfjoIlPpTdyaPmFvWcUY

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6Bq-kzW8kySfjoIlPpTdyaPmFvWcUY

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhXUTVVSDQtMi1GSDBO&google_push=ATf1kGNiY6PHAKy0A3-bppn-YRbBt1nQDxCdjZ0V4DgKFuZCQElUEg8Uhk0GV1bENG2idro3h6Bq-kzW8kySfjoIlPpTdyaPmFvWcUY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 695C 0
12 B 17ms
16ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPMcKkzsuexqLcLQ46KSlWPR5cbiAvkQK7BWoKUDpYTZkIVUFXhx39JMWgXlfeWuTcczhl

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D40 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8rl6BQ
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame FF99 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6778b1b270c706ef9c0f41acf1b77d3c82ead3fd315677734bb0dce2616aa0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3DE0 3 KB
4 KB 18ms
17ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2442
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tubrTZMjEzV5xWnPeYPoetm1Fc0ID%2Fub%2Baxh%2BfgWdET2qLzDj8%2BLpMontNDFuqJyOPl7II4a%2BEyVxuQCytYjMx7BmXF4UHdIwK7XMfO5RccOOMhGjuVHJpD3tety9GVfWj%2BTktcmSPP3IjoxYRraI9D8"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7ca8f4fdd89c3828-FRA
expires: Sun, 21 May 2023 01:24:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame F1ED 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 789412
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ca8f4fdd8b52c00-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 21 May 2023 01:13:27 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV%2B1IeyOwvJHZkRrLJ4KEqXoAx1jIhcmEjzGhLVOTbpPPVMwjAx4SMlCFVtGw6%2F3BKg4yEY%2BkMbrjAbYfdIBqujSbGGUqp8z%2FCtaNBNtYki92IdlVhrLvEGGOpZRxtQfXdlEiHM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D9E 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUFPnaChoYTrM8rU1jpIWRcXwOSsYNl6gzexTSdwKOKrYkaI-BqKK1ALb3Df9JMA9wuHu3XSXpWZ_UcH4ol1ZDxNRWsbQM3LvdF6p7Oiv0CauRRVwSvvmGqmKRBdCfUQpNxlbvRh7SP18STHI3_9PT9dU93fJqJe39bN2Gq8bHbAQSYVi3PMl3fgT4oaT_G_2iX3O2BM09gTl8vH4_Z_Ee6VooopfeUYhK8a65bpgTCthB7OVdpCLWoRmtqZwTXJ7pSt6wItr0Oqqoyf4Hhy06uCTQuyvjzovZIEAOXuz7epzihKF8N6ISvk_b0OX9OYWDN_RHzHfuwwADT90O&sai=AMfl-YS0xuZ9YeOWiLuPTrwH1QThh5ihUQXX9iKwbdEAlXj4W78ILPiVd8owD_kuQfLOzYwPKHN9vBApYc9yQbLgl84GFr3couIYYoIDcgE_-7RUUWzwEnhC6sCdp6u3bA&sig=Cg0ArKJSzKAOQnMb-iMgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 01:13:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7D9E 15 KB
11 KB 26ms
26ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99cbd149c9b358fd69d916fbf2e6ca478e3105ef035926e0b3c238b593b842fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11288
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 75C4 14 KB
11 KB 25ms
25ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0c1d1cd5514ecb940c771ef794c7682ff0a2536c42372e474285a57891aa06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11142
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B74F 15 KB
6 KB 42ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:27 GMT
server: Kestrel
server-processing-duration-in-ticks: 434353
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 3DE0 1 KB
2 KB 30ms
29ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a61d06deb95045feb6214fd46a21c9fdbdd1f56ad3bed461b1c504b8d26619e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0rKNMGGbhn4zr7omBwSw0non41nveWOyWUTEmKjEehlIfqokUV84DWHIE%2FG3IaRUj8ZMG0639LEH1iX35nnKgaNeeY1X%2B8OBvFebaahu5jacgwC7J07jVYOeXpyMqXy2Mu8bqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7ca8f4fe4c12383e-FRA
x-backend-server: aa-reachservice-group-europe-west1-0pxx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 24ms
24ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4fe1bfd383e-FRA
content-length: 24
content-type: text/plain
date: Sun, 21 May 2023 01:13:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ltT9XywO6uQ29AucUZf%2Ban5rRYjXdI5Uyp1BnNpL3%2Bp7%2FY1PFhwi661EAT2fnxmVhvhHPS89tIO6iTw0fvAwymqu4frukozdkvKM810mkKhHkNq%2FSezjInDSbmuC%2BvdspML5Hw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0pxx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D9E 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 01:13:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 75C4 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 01:13:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B32A 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 23:31:16 GMT
expires: Sun, 19 May 2024 23:31:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32BE 783 B
536 B 18ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b3a68aaef53deebc385a7c65629dfa931e8008b95297f99097b0787baefbe01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eL73AMw79Y3qkqI8MUHjdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-eL73AMw79Y3qkqI8MUHjdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:28 GMT
expires: Sun, 21 May 2023 01:13:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame B74F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=g5bp0HxWVndQOFNKMDVlQUlvUm5OY09lc0srdTBhVnNNamNZalFveUNTcWRndVJRbWRTK3JkUEo0M3g0cXc2ai8reDJOckxlOXlwUFY2Q2pPRVRiQlR1dFVTV1JhREw1aytqKytaTkpTRGV6YlV5SWhZWmpNVmNJdzV6S0...

422 B
667 B

450ms
18ms

Fetch
application/json

178.250.7.13

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=g5bp0HxWVndQOFNKMDVlQUlvUm5OY09lc0srdTBhVnNNamNZalFveUNTcWRndVJRbWRTK3JkUEo0M3g0cXc2ai8reDJOckxlOXlwUFY2Q2pPRVRiQlR1dFVTV1JhREw1aytqKytaTkpTRGV6YlV5SWhZWmpNVmNJdzV6S0tDaW03REZTSStKamxzZ2xDUUpGb3pHVUpjT2FhcU5DbllWK1BNVmxiMFg0NHJqOHJJaG0zMEYrSGtVTTB2cEhQY2ZjSFkxYmp5REUwRGczZ216RFVzZnJpRVRmczAvN2oxR1VRS3dIVkg3VzM2ZkZ3U3ZZbUh2LzdkUFNrVTUvSnVrWGU2N3ZoZldxN0NhVkwvVFlScUw4QjMxVTNyQT09fA&cppv=2

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Server

178.250.7.13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

6c3e9ca541d9079be8b884b18b14a888669f479d30641e3975a663d1b97b49d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1455385
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=g5bp0HxWVndQOFNKMDVlQUlvUm5OY09lc0srdTBhVnNNamNZalFveUNTcWRndVJRbWRTK3JkUEo0M3g0cXc2ai8reDJOckxlOXlwUFY2Q2pPRVRiQlR1dFVTV1JhREw1aytqKytaTkpTRGV6YlV5SWhZWmpNVmNJdzV6S0tDaW03REZTSStKamxzZ2xDUUpGb3pHVUpjT2FhcU5DbllWK1BNVmxiMFg0NHJqOHJJaG0zMEYrSGtVTTB2cEhQY2ZjSFkxYmp5REUwRGczZ216RFVzZnJpRVRmczAvN2oxR1VRS3dIVkg3VzM2ZkZ3U3ZZbUh2LzdkUFNrVTUvSnVrWGU2N3ZoZldxN0NhVkwvVFlScUw4QjMxVTNyQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 381536
content-length: 0
expires: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4591 12 KB
4 KB 32ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e17b5f98d735da1b2e647145a4cb550c0ba372d92765f89274c6715e133465

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ca8f4fe791e2c00-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:28 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 088D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 23:31:16 GMT
expires: Sun, 19 May 2024 23:31:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F8E2 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e4011f9c8b353ad7b7413a9988dc58bb249535d1f2e9c71b4318a7e370abb17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TkaceWaNRB47YTQQcWpaIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TkaceWaNRB47YTQQcWpaIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 01:13:28 GMT
expires: Sun, 21 May 2023 01:13:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame B32A 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32BE 0
0 43ms
43ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3317466819416913&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 088D 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 4591 103 KB
13 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1071251
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIKHlVzOriNzIgbt3pI0T8DsGmCCGNoHNSgStSfQW8GtnDgaLHfGYofEfE%2FATMTfK6idmdgSqQc1cyL0quYSg89W1pzmxrX0hrYJlcjtocZziyZuvEwgT%2Fhhhfvc5HLKSBEMCGKNf6I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ca8f4feb93c2c00-FRA
expires: Sun, 21 May 2023 02:13:28 GMT

GET
H3 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 4591 5 KB
5 KB 25ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 878657
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtUOHyPcJ7kFoAq7QpbE248uKgjnfU0%2B3%2BbOrVZ8MBEYw3BJEKjjZrmSEi2LZPZd%2FEtss4I6ecwOeQJhZfqgpjnO4Y9wu3a28XFUJE8ltKVvSaNuVoo4DPu%2FyhbscA0owwWTkUbYJre4ADZI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4feb93e2c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 4591 54 KB
55 KB 26ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 368320
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MRyLW%2FJU8n9wKBt9iDn25SQXR4ocvE14FG2RzCC%2Fvw5iA%2B0dtuURGEval7o3dqHVHgBo0MWqqZkWak9RljtzBkwEW5dX9SKbvl16vqMOeSxw6Kb%2BvlQna9n5bjAGZkWtadgcgauN%2BrdQlpp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4fed9512c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 4591 127 KB
128 KB 30ms
30ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441235
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130162
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpYNtet7oejtQ9r8mu%2FHxXw%2FK3bzMRYnNa2WUvJYqRqWdC9ht550nPhAupBWkmUVmtYIonjw4p0%2Bg3DX%2Bj55Lc82bQ3GjfJKOuFJdSvgXgIxsRkhkFcYx%2FepeuZluC5rOqea46DPT00CfRfV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4fed9552c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 4591 637 KB
637 KB 19ms
18ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 202421
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4w2EPQJ9%2Fje8t8nKpUhqeBwNllahE%2BL8gc4uUHj2NWLqJsOkNFM9V4j%2FCQ1vuqhrLZ9U%2Bs%2BFTxm846%2BEq96pmOlpUZW4yednTkzzhDF8zWcZHYDMgpmm2UtT2I%2FTD6VdYqQIIQk75ozc6Cv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4fed9572c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 4591 10 KB
10 KB 25ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1675514
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4RCCOnTjOSNUEfelYZcklCEEO4WlYI8oX%2BRE7Mp73Pw4L%2BnFEvN8m8fsACDetzt51xqk0ZIEne9r0TNzW8iMZZgB%2FJmG8L6GrmW%2FktKP9tUwW9lLFYWNlKuwDRKpbU%2BSPolQTdgxSXvofXB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4fed9582c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H3 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 4591 62 KB
63 KB 24ms
23ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2110053
cf-polished: qual=85, origFmt=jpeg, origSize=147073
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63400
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 15:04:55 GMT
server: cloudflare
etag: "e44a44957fe69adf713d422ccd04196f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzsdePOX7%2FEhfx7BB83SB1NkhPxHWr9ePZZFCzXA%2BjaZzCCAQYb%2F5MmnkpVb5LqsLDrrs3OULmrr5uDW5iey4SzXaAWW991EfvUytxDQnIM45Lm2M2FnjuYm0LddeQbukjqemmb7YBeltSz%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ca8f4fed95a2c00-FRA
expires: Mon, 22 May 2023 01:13:28 GMT

GET
H/1.1 200
OK 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 4591 0
365 B 155ms
79ms Image
application/javascript 145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 01:13:28 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F0527:E9AC_91EFC182:01BB_64697038_D0174E2:6DD8
X-IPLB-Instance: 40027
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F8E2 0
0 41ms
40ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2956025681526129&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4591 2 KB
2 KB 172ms
97ms Script
text/html 18.133.209.175

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j37fwqp406m7jmh4r8hm9x59xm0hr2w6h3bss4sswrs27t1pyznrwy2hck282q7cc684d20xbdvwg7estpmkmqxpghpvwe0gap6206shgv54tspyehzc8egxawsdvmzhcs1dw95sarjcm6wtr3ha835zmmzezbr5gj9kzxcjewepg7f27an1174hszmmrdc41a86mbysv8dtfngsajv90qjc6yxcvwbyj8qyxck8zqz4fk8jjxc0cy3p83r0yj4d2tfc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.209.175 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 80eb6ce41e0ff2808a2916fef36755f98083faf85dcdc8b532ff4f39bc7dd480

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
last-modified: Sun, 21 May 2023 01:13:28 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 May 2023 01:14:28 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4591 1 KB
2 KB 140ms
73ms Script
text/html 18.133.209.175

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kbdtt865mn2dpxab86vk0gapm5jqen69bwvdwjv1attketqjpcvs660gbbht0gvgdqa23t26n0bsh7xy8e8ds02aj0s6yj2kqtewevb1pxz0gatht679emq34280g2zwc1200jt727r5jfwn4rzsg146wm1p2a2hpd6m4yykfy977w89gsa41xghxyasf799vcwwdgfa7g5wtqwa0hs3azy79x214nrrw8h6vvsq372cq6ghk654dmkcjwt828jyf5r0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.209.175 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 56b11c48bb2563d1aa37c630c6ef26f4665967b5bd26baab092f400fdbc6810a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
last-modified: Sun, 21 May 2023 01:13:28 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 May 2023 01:14:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B32A 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7YYFCg
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 088D 0
10 B 9ms
9ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gua1XA
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4591 85 KB
31 KB 210ms
7ms Script
text/javascript 18.66.147.120

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kbdtt865mn2dpxab86vk0gapm5jqen69bwvdwjv1attketqjpcvs660gbbht0gvgdqa23t26n0bsh7xy8e8ds02aj0s6yj2kqtewevb1pxz0gatht679emq34280g2zwc1200jt727r5jfwn4rzsg146wm1p2a2hpd6m4yykfy977w89gsa41xghxyasf799vcwwdgfa7g5wtqwa0hs3azy79x214nrrw8h6vvsq372cq6ghk654dmkcjwt828jyf5r0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 04:23:55 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 74973
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gOvU-ojCs1tJ3DSMa77L5f2UQEui-gj9xEZgjabEbZIMPD7rpVx7cQ==

GET
H2 200 link.html
track.webgains.com/ Frame 4591 48 KB
49 KB 65ms
65ms Image
image/gif 18.133.209.175

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.209.175 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 01:13:28 GMT
last-modified: Sun, 21 May 2023 01:13:28 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 21 May 2023 01:14:28 GMT

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 4591 15 KB
15 KB 195ms
13ms Image
image/png 99.86.4.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684631908&Signature=ZUTcoB-HV7WtvIXn7B6dkgVankjhB82DD-3aUHoncIis8JAwCX2WcafdsIFNY6PoL0Oaa4LrZgA~TdrbTYHBTXbcVvwMjQlFC9wu9QLL1OG7QjMIxtheOTJaT0uRCETv9veMXQ6IMTkHBA2Lt0-BwfoAc8gD9EbsLg7U~pP59lEMaLzgM4A99ud6lYdls13L3Aicmls1LrFQljpugC20OV3QXX4ry58RKPUH59NnQRbHKXyPusaOSH-rnvVNapPp9vXyktbJwXSYo1pRsXkKrim9MV~juYlqx0rEtLv5zzR~tW4DDahVwbzJHLvZ7EkclTcz3nGekj7qKc3HSrxcmA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 20 May 2023 20:19:00 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17669
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: Lg8Z6Mx26DCZ76FAxFjb5773q-d5A1hEJ5nv0FPEUuqv5Y9yNJ8YzQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD03 0
0 44ms
43ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3797269709545832&bg=!ExClEETNAAZ8_aWmXP07ADkAdvg8WspSPGVOajedrGqXrjXAATWHPZNBbgr2iD-RRzJ9-kKKDSbCtOPcu0yIp-gyIY3-ffKSIKICAAABulIAAAACaAEHmQMNVTe7sz9jjcBD0c865-MFZR_u9KedZfklOc746Q4KTu_mqXk0MHVCjMiakqbK0_FCp-huf6DXkkiSvN1AfSNTRBzxsY9xXU4GY3wNnnf435INFuJxSQu4rfq8BHxdNneClgTvr0hlKc6dl5BfnzVyP7MEw7XOE-a050ZHoByJ15SvYXaAIOs832soIsxN5TfS_DZynmT5G0jBMzdvcMtdLP6QmeaNO_GaU5nVzqkpCqjz86oTa8lzvAHYx9kTXQxtJptY9A8kSGdYeFMyEshbOOeKoUezaGMdlUQ5NvQ3BQXu8kLox9P29nJ3W9VWyNoR24_qT_T1SNTFTShZUD8gGEXyIjbkgbk0G6B8LtD_3Y0niix28jJ07sdTZIdrVp-YgGrEYSvccdbT22qpooOI1B_m3S4x6IniHMD--cWXhDPB0Dc76yRvuopb1RdMzzTQ6VldW4jz-VUUjZVT_2R3YYQy2z92K-RhhQOXeNWDZ2XP62H55Vkrdf-8xm6D8WZJRUpLLCQYcNJ5d4DDExzUTftCi3yVR_OwX7wRmy5wrj_UMvwIYzdpXj0gUg3sFrd77eWeyjsK11MWBCKNAQXf0hem_kVi7jpIlZtPco6gKNATMfSXbIjol1VpxTDhQYpRggwryD379pnpxwW1drVy5FxujbhMkm2Vpy_fZeHskeh446cme2NX0ry6TVBPKcMa4Ia8oNaZRFgtlExGWvuKGifGo4n3Q_VlVXSLK5Yk7UZgW1pOyl2AqDEQrq53onr_a9eyR6nSf_teDcRP1eHu4iR2ttoJmngWCaQAsb0zlWWdkB-ezKw7gF3rD8Wpu89oF8zAzlOa1v8hQRpIczRhgefWLDfdAk8NS89vWZS0fRentW_AJ89dptCbri2J6ELLKAPg1k31hRY1gjnrZNW5FVXmLA489ivnvqligIEis8BiLJ5QpTs_aPOK8K3Y4s0OxH-mBhDsETP-xT77AVPOzmLxEXPxbr3jcPAtVjXpC4zVOYE_pgTT-wi_Q30860--qFiBk7vzt1zYAhzuxQ
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71E5 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWudT5x99vJCzNA8vvAWXQiJS-Z3W37KAq3A5tbkTL5wJgyh0PBNUYzreb9Wn89Xwye7uB-2NPd8sp4Jl_vLS5TjCzX92og9wnkpT9jSkUIHpxL6gu&sig=Cg0ArKJSzMho4CTzserEEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=0.53&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684631606947&rpt=624&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E80 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueEZQE9kUklvq9mhPJvOFCuwt_HOtuyk_r7HzRiuTOpj2VW2Jg7-tRb30_h3AD-QN5HQ-oFHM8AUx3mPCeIkUW_SRquDK47CpW_VN-qbcoCP5R8e2y9vq3dRPg6aRdXaEFLJ8TUg&sai=AMfl-YTljDX5ilb5eerEo4SofSEM6nK3BV1VfGAEF4UWCurMZcHWriBE_QhmsuYQ_gRZMFlrmRhDzTalvRtks7Tz9hxmNPK6LZsgQqzPD_b9buWUFCqDj5Ok5r7pAXQ&sig=Cg0ArKJSzHmTK79lxwXmEAE&cid=CAQSOwBygQiDDNAtuvyhsVZF69OcvA1vyUEHpngcJSiOSdkoKfA86Rs8UCuBiLx8r1qWT8W-_xpeEJVvDRy1GAE&id=lidar2&mcvt=1003&p=0,0,90,976&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684631606990&rpt=514&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF84 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBNqqI3pPgO8zFEMVZPFDKtsW3P6KvujSfvFzTiA7fxirGp6FGnx9HS6hbw10F3cBTbtBoj290eYcG5BfzEraYGTOH3PwVCEmUcIupIu5PrN1r1MzPDVhdqHc-HMJGhLgg5LsX0A&sai=AMfl-YRRGugdGuy21WWOFF0bwjxv4uKbeZ8MEfBdfK-O50UssXEPQcW7cUUm1H3XKKmOw5mCGv1e0eQCWlKdYFzLNIfjpgSDyiBtMcdn-AKIBoFbm1ru9t_oF918XRA&sig=Cg0ArKJSzBOrjg2PamqTEAE&cid=CAQSOwBygQiDT5l-KU0zWDBO56iGOe0eIbOSBxVhqYgMJQYaXUdEmphGaEJ7W6VEffTU5Q18MO0yOybS8Ja0GAE&id=lidar2&mcvt=1000&p=0,0,250,996&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3050045420&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684631607004&rpt=582&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 75C4 0
209 B 50ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684631605674&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7D9E 0
0 44ms
44ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3317466819416913&bg=!zM-lz5vNAAZ8_aWmXP07ADkAdvg8WkZ-VdZSgSbSCKqswVL_vIdEtph6wTh05GrTB1x4D9m5G1r76tpsqrrODAyA4Vxgca__UoACAAAAmVIAAAADaAEHmQMI77NKsjUmSbpGoqLwiYjfGZIG6LBzTg3ADFD5cmLTB3C4rc6NsWwLJmocYiwV1DoSznph9jxJKprc7yXL8hlSbLWz2PCaTCd3bPWRrBJDxClh4WnY_KEmG9k3Vn4UK12DyqKjNsAwKWd6qbhDVUvoHW7xvCpYs24J3MIDbRVv5teUujljE4hkYH4k6ueLeUDnMcVNqI9dEa8q34pZ3iS1tIGPCXvLQcwlCpk-yrzzDcRw5D-CUs8cewmRjnGhmKtbuLRzKvLQbphifS7-qxIErtVNeNxZ-CsRmw5WaVmIqYTm2w63jkCdZRzB3dn_GX49-Z2HX0Vavw9NkRzLMkyPl0b67qGP5VyjwUleVUgo_Yl_xJuL_EYDrGDZD113jmmDerDKOeyIETAEtTuMcSXDITaDG_Eu7IGlmyckQ0_gYRX2kZ5Hcvicj8qzD33EIs68i2_Ho2XHGI41E8R9QQpOUeIugvDonf3phAFyAAZbUZTDl6FzKP-gWhBMxYK9-CQOHWhi9uf2kPfqmXV5a2slBLzIV8Prl5jNLfkjvmZw6YT8uE1L4kHcdXroWZupitR9D7FLe6kGbJE8MiuxDH66DBkvbaC-NugUKzxet4ExXkRX7eWt3v4wvs-o0H0Im9DYOFSDc83Ybkwy0SeT61ExEsQWRDq3lXZPbaFQ1y36WLkjrUwOU6nKkUYqhNC7MibI_KfgaxBcKdATvdmZPMrfTSDwcCMOcw42Z1YsJz-XkaDDYdqKE6GvkS0DeRUoU04m-_Ow01VygWdzHH2xesUHFASopZV5ecAzNQNJl9XVZ-5dpSRHiWjPDpXVkgp1p0njO98mVplcvRL1LtDqEJT1VFw-BpohZDUi4hChUXXJDraLbSaYDsnQiJJoJ-mJjPSWeO0quRPZJf_gu4ePvenqcjOg59b0w7IcA0fkKVW7jEHVolu3lYpupmQMBM9J5LWSTzRJjldL6cNo5BeB6CfjZCy6W9FOwVNg2aDjEopOLOZsAEI_1jmgrg1Cbmz_BWmUxU2I-yy7z5I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 75C4 0
0 46ms
46ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2956025681526129&bg=!MDOlM2fNAAZ8_aWmXP07ADkAdvg8WlQPjys58XXaLlcyNOu_9UWtECVEglpd7xrThFHNGe9Folpn171UuvNYYYXAk8mVoK4q4AECAAAAeVIAAAADaAEHmQLXZiUVc03rr42S69N9w0JzHv4teUVAQjWyJqZdFnfnjynkgBWDXNDKkc2_5ELfteiPIHY2DVUa3N9XM33VCiR-4zsVtdTyaahO6x2jGqSEl96UE7OmuuTWAabw1jidPA1dmF_ju2qmVsR3_UOlROz1P3S5TwM0tpV6Qf3fV6n_nMNVmc3TN546Mk4i0sTEAC_kbSmwmlH122hlI5Q36rmjRwi7Geat32AF9oHrRG_55qWO1kwdrozZI0_Utrm1T0QKshEZCF2iiyVjD9d9JSP_44il392CoUvp8XpqajPxeQz7ivzntgqvh9tnfC-cgDCGEdu-sGehnf_W1l0viLprDzY7jnnzubXp92fHMlJcDmNrsn5noaxMcthfi8ZuXrJXIoRY10XXr6H583sk9sQ5H6D3I1r607gA30bjWdL1Uw90omU2qZ-ts2J285MnIAVJ7NzaeTm1sTRyMrqsXchPMfIZfmVK2GKqpEYlY64zMBXwkBxpgFwYcSHCP4pmk7QvJlmqmGdQxW6lo8jMXF0_V5TrG7pD59u2_YCwooJQLIzpwDWM41Uzci0amQ-sIpFfoGF2UL4uPloiNtHm8P85Wu6Z8Pq4zEjcXcySaBu1HWN_5CnADru7v9f_EiBvioKixztI2sTlfuVvnWucl-1lLmAZunNgJi7PYzuij-46lic9Yi9DQaTweLJzJUeWwGDnFpVyV5cc05vCKaKnSaFCbd2zGp1aLlMo4frjFtoXhwo8Y6HHgzSSkFFoLqPlYWuB93MAFYikmrkqUNJm7QelI-nXvE-i8wh_73dGyFnmFgNA6YLCsKPIbaWMcw0vXT1eQcelXBVk3UmWKgYew3wfvkYo9Ha6vW2G0RCATefCKiQHriZfuoVJYSOFAZhN2KkE8X_1ffmnvD2y4pE6wT-g5-w4TUWmlIA-2RJbSAJuv6UyfLIIPDuf6rLTdUOuo7p_WrfzGrHpxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF99 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCcbnUYG7lvRWwJm61G50Tg9iTPjggjoHpGvh9lv5XZqpr38Yu38PZ4a_T_-PalVI_RlpRsIBJB6rKp0q0Pq991Q97&sig=Cg0ArKJSzLRyFJhgrlXGEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4174262319&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684631607481&rpt=452&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 75C4 0
209 B 50ms
49ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1684631609016&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 75C4 0
209 B 50ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1684631609016&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 75C4 0
209 B 50ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1684631609016&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 75C4 0
209 B 51ms
50ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1684631609016&userId=vnet342eace4-dea7-4cff-ab23-5dd40df209ff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sun, 21 May 2023 01:13:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D9E 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_jI7fTg732HFcJq-zafyZyYPGmOwEJAXMoI89JfqZ4AXCyb6_X6riV9FdIgTILax9gPqpffQhJqdEpsqlvT-07bV1ifJ8mjFR_pmpr0CaHXoLBkTd&sig=Cg0ArKJSzPT8BOG31rSAEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684631606967&rpt=1035&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 71E5 35 B
588 B 22ms
21ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=uHmWS5dVP57nMaB8tvIeQr7ZJPZXwA-AlUhBpApNdx_g8897D9yh7NZQhXXAhkGgJIZT12_hE3vop2K0EI1GHAHCDQogUpRShFdonQLBoI7q7mT6D8Np8sCD2kRc-hQVX5fzlYtb_i9arL3zcuahWercQux0vqOzb0m00KEWk1Ybm0R5QfDKcw2&unload=3769834614760582053@@60438826,6687626749137861291,53|1223|0|0|0|0|0|0|0||61|1|||0||1|0|0|ZCWmrFWhZr9Wgnf2ewtpCf9D8k8umtNhPh5_ifeyYnFNb8AEPValrQKEbC-4guyTGk-HNGyCNOQE8nMWNlgECgBGGw07hXiNe-vptcEb_y2_wvJHHQt5UiVRAq7Vw7zWvw4i_WttgK2pbCC05Whtw2jiQ7KgGLBu0|Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 71E5 35 B
588 B 23ms
22ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=60438826&event=178&time=2&baid=56822120&name=Viewable%20impressions&imprid=6687626749137861291&icid=3769834614760582053&eData=xUJ1cIyMyrWL03V5U52V955j17GP6-_L4fn4X_ACi5jV8tHyPerwa5kS4P0sSjfgYYSBSzcdazsgfQuHuRVUBSTvO_Fq2i9m26ckpI0NsIDLlpjcLiz6_frno00ayFLFM4MKdgy2W0uLFJAi114H6aEGVTbYVMiyeUxKvW1wz881&adxvars=Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0&rtbdata=BY3hJnpXYg-_Y-5Z4zZWA59rV_p-asGI0L8Aoc-hmgBzkC1mTUpsCf9ISBkBAhNI9OlUxH-lgdrbJSm570sYAg2ZXli_taOsgzvyKIVxjRyEV2idAsGgjnJ4sHWh8QiARyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3tlwFkQqFw_-GgPi485A4WZAVKO74ELEhvag7eQU4_cLzV95U4YFfPwq1bMWmgi9vpFqVqMcV-N1tDi0uEszGOI4a6cfKZ21uPuVj4K9C0gIp7SDrVOpsB_KEtFRp07vfNnyCfbK0xoHZPSVCRcBPzE1&rtbwp=73cPhWAY7Q0PRDNw8LeHRazboUFQG3yp0&rnd=881188298

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 71E5 35 B
588 B 22ms
22ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3769834614760582053@@60438826,6687626749137861291,53|1223|0|0|0|0|0|0|0||61|1|||0||1|0|0|ZCWmrFWhZr9Wgnf2ewtpCf9D8k8umtNhPh5_ifeyYnFNb8AEPValrQKEbC-4guyTGk-HNGyCNOQE8nMWNlgECgBGGw07hXiNe-vptcEb_y2_wvJHHQt5UiVRAq7Vw7zWvw4i_WttgK2pbCC05Whtw2jiQ7KgGLBu0|Vpo3eOn6plUWcRYtgUbgFGQocRIG4T3Oa9II09ddfgcH-srQ7tT7Gtol5kSYxyp8a-WKcMFZWlaAymR4EJ3N3Yr2z4_CDPhST1aIorM99so_3iWFRoBp3cieCZy4aFIl3Jss8jl8gIklQvtAF33WP8DIhTbPwKUa5lYccHBC1RtnfaIJJ1vxOe9r5mjjYXtGebwH7-C6fvUjdRX9vQhYBpKnIACB__HK0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST tracking-event
api.webgains.io/ Frame 4591 0
0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 81ms
18ms Preflight 13.42.73.96

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.73.96 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 21 May 2023 01:13:29 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 74ms
19ms Preflight 13.42.73.96

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.73.96 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 21 May 2023 01:13:29 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4591 16 B
232 B 55ms
54ms Fetch
application/json 13.42.73.96

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.73.96 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 May 2023 01:13:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 71E5 35 B
485 B 22ms
21ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1684631609450

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 May 2023 01:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1684631606055&src=pbjs

Domain: api.webgains.io
URL: https://api.webgains.io/tracking-event

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 20:42:47	Name: khaos Value: LHWQ5UH4-2-FH0N
.rubiconproject.com/	1970-01-20 20:42:47	Name: audit Value: 1\|hLZGFuTafB3IvCDT5Hy7rV4C1LCtWBX9mfsNIvv6Qtrn/4TLQE0M/3yZgUlgbM6KDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 21:18:47	Name: IDE Value: AHWqTUk_H-qHdKMImmEGLeM4QCRrNbKEo6K-UBev7fG3rSjabpUuyMQ1aJ0H_V5ABU8
.quantserve.com/	1970-01-20 14:06:47	Name: d Value: EDQBCQGFKYEA
.quantserve.com/	1970-01-20 21:27:26	Name: mc Value: 64697036-cc50a-c8bc5-2099e
.w55c.net/	1970-01-20 21:28:52	Name: wfivefivec Value: PnJxNtXg1Q0xDw5
.w55c.net/	1970-01-20 12:40:23	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 11:58:38	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:42:47	Name: KADUSERCOOKIE Value: D89FFD9C-2B8F-4EB3-BEC4-3C2F6E768E64
.de17a.com/	1970-01-20 20:35:35	Name: guid Value: 1.5987221459581546119
.adform.net/	1970-01-20 12:41:50	Name: C Value: 1
.awin1.com/	1970-01-20 12:01:30	Name: awpv11354 Value: 412871\|1684631607\|b0cb64a0-f774-11ed-89a2-223974343f8d
.awin1.com/	1970-01-20 12:00:04	Name: awpv20044 Value: 412871\|1684631607\|b0cc7610-f774-11ed-bcf6-22336c0ce064
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
www.conrad.de/	1970-01-20 12:01:30	Name: HTLP_timestamp Value: 1684631607428
www.conrad.de/	1970-01-20 12:01:30	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 11:57:13	Name: __cf_bm Value: Te5hj1IMj6XQpIr2IjcRN9p5IYKDLspwlHeTq82A.LQ-1684631607-0-ATztp/WDb8fw1QQuYbSQanIoN6Pxsuu6JrmXapHmw0UwTS11FNM5OEMM9Qgy+pJMMbbHZYFKcnM8If5sSLyFqL4=
.adform.net/	1970-01-20 13:23:35	Name: uid Value: 3769834614760582053
.adform.net/	1970-01-20 12:07:16	Name: TPC Value: 1684631607431
.yahoo.com/	1970-01-20 20:43:09	Name: A3 Value: d=AQABBDdwaWQCEH34sJAhTI2sQzy8Y-jh1zYFEgEBAQHBamRzZOAKyiMA_eMAAA&S=AQAAAgpPdbm7rWl6b6NBolu1mMU
.analytics.yahoo.com/	1970-01-20 20:42:47	Name: IDSYNC Value: 18yx~2brd
.o2online.de/	1970-01-20 12:07:16	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDYzMTYwN3ZsZWExZGUyMDIzMDUyMTAzMTMyNzg1MTE4NTYzNTI3WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZnFCUnU5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/	1970-01-20 12:07:16	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 12:07:16	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023052103132785118563527X117679V1226132702MSviewoneid1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDYzMTYwN3ZsZWExZGUyMDIzMDUyMTAzMTMyNzg1MTE4NTYzNTI3WDExNzY3OVYxMjI2MTMyNzAyT
.criteo.com/	1970-01-20 21:18:47	Name: uid Value: f334a538-50d5-44f9-8c04-70e302856f1e
.lijit.com/	1970-01-20 20:42:47	Name: ljt_reader Value: GrhJLGZHDHNrznemSD-t1CU-

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684631605755&bpp=3&bdt=677&idt=85&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&nras=1&correlator=7848161654836&frm=24&ife=1&pv=2&ga_vid=1606866872.1684631605&ga_sid=1684631606&ga_hid=106614699&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C44788441%2C44789779&oid=2&pvsid=2956025681526129&tmod=1553968372&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.6mno76lntkpe&fsb=1&dtd=100 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://hb.emxdgt.com/?t=1500&ts=1684631606055&src=pbjs Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-51c60ec002340f16 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jn4qqvcsy9s0n4fk49ccqn8vj7abys0rj6ab4vphfrwxc61q4ymjfy2ssp6p98sq5qqaz5hf88mx7r4cm332yz7nv8txvdsvva519egcesx0qn0akx0dq2psdhesta8bpyrh9ycr9rdqnpmy24vmzyxqc90d0sqq99as9gwbzxae8yt4yh680ess9fmdhhs2y7v1y23yqwvswjp7kr9qznt7cgtfzxmgneamdzcfb1fee62k0d074nn94wfm3240m4snkmsahxc3pxctwekkykyxvb7bbtj5729rrhyteesy0n1r5dfy0qdy449nekhjxxgva7h4s37xm7012jaztgkfnqxdzj2777ad3ffnt55m6t1zkt4h96gy9k75fcm16tqer9byjk12md73re5q8fbjrrkk04vgw5f9nxrrhwew6k1nhkyjgmprecyjqm3n3114vpd&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C19456%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C1QYtbfKfqBRu9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2Cw7DHdfjf9AGtEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=24c8ee5bcd6e167fc93c53ec63e0f030%2F7046258601773954066&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631606978&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvb47mgathztq2dc2bqzxs55zp9kjgxdn2r4avby48m7767y9yx2mevpvdpcyk4am0rpy6y0h064njscx9y1cpyhtb8dpj5jhtyecrr63gg6v2snad5edx9nk6xag3zw566g9r8gebz1617ba8sg4mh04pfhs0svxgf0kahb6v8q9w6af1bewxyzscgjybmd126ayq1z3zwp4awqx6g57d71ns0dfs7w7c5cq85bvmr6gybn8y42rbhxkkkb1gyggg7nj07k3wyzx704mmzb37y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgZlUNnBpZNLdJdKHrATNirvoDpDhgYRctqjCivACwI23ARABIABglfr1gZQHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTVAU_Q24II57OGSeaFmX7zqBCBYd04G2x92jPIjnP4gmUtP60FcO3LI35UizPNCWKvyJXrbEnMXOpE1sXydh22TmjjUvu9-oJLM7RhQXgoxnIqmuOdaFgZ-coDtNKCv3ZTkx0DsvVHX1QCHXYjxdvIdXfFIykdlE_cnPypxWJOxV0KUWc-GXuG7om0HFMMRTNbdcGz082FtciliIWymc14UuHUAokmXeXmygleYin6eCOwhA3TD8OzsOz9x8Vsa0ByEvS08u_uhHzhaS4wa7hOfAa_Dv-Z04AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_11WicxZke5JhHicNkd7NB-_AiaTw%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1j756tye0cp6psb14ve86chgm07vrz0nest8jdfyex9bbb0qz6xb8zhemmbtgxbp1hpwa30wnf36fk3xcaffm78bq3atk16atwf8xqzbpzr3r9rrs1jrk7w3be5ykymtebrv40qbfter826ywvd5mqeq9xprxsv26jmx1sb7efbcfr48y0tp2rc4yhs3t2tcdbv4m1dqjmmpmxysft50fxdtb929gnba64kbznbwbvchcz8xwcea8smtt2aez8jkwwrk7zy79zmqsvyeeyn5mnd4j1p1p6mcpt8atrzanwhr5m57f0915rs8rky7c7ys5rh2cjbtw8jmjy8t3fjzj3sptjp86262v7v62jqry7syya1v7r3g9yqsma6e0abt9369zn592gk2gdzabwpkyqdwaxre8w05bhva54wvmghvach1vytmmq62wvsdjqhf2dvp5n75xm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C183975%2C15579&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=160&d=600&e=&g=aeee86e974299565104f4aa3dcc2e81f%2F14465600517323004686&i=71725%2C20597%2C26474&j=21%2C21%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684631608061&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jq55h4hxnxsmppjrpq10twvh8vrrrnjb00z96gdhznksvp9r4g9h2xsxe2q979434eh1vvdr3db0m0xwez2wzfjk6bavekngaqnp5w4d1tbpddsr4j2re2km54zqzd60w3j8bqcgh2znj74c2qsq8jxpepcy6vsmjef4a61937a32pn8vc9tf15zbjpw814jkjmfx9tmc67s9h5h8ky99jwbwxgjba244v1cj56ce91pvsz6547cvc171863cxem7x5n3bamtktbjg9x9qegtjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCpGgXN3BpZLLeH8z6ywWioYCIA5DhgYRctqjCivACwI23ARABIABglaqUgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpApJs-AuzILI-qAMBqgTWAU_QUtjtl1NevbR576NTViSd5sFAJ2KnWrkWhdXzsvCwZVYPZyu-82QG0L3wHYZtOBY6fiKXxKkHs4MPuwngM50l-4P5O_CQS0S_KDyxJzeTooChdd4_Eg0bCjMJiGvjDV_86G328_ZR5vZDsLenROvMZoxpBUG4hVee_KcIBfGE4zOKXs7nLB5KRQlYmvqN_9sDxxcPN87imfWcdQSeQcXdg-z3mcbwthoPU5LPejf0XJWYiOmUeWqGgYJRjG42lWF2tHalPTHvYVoI_BztJGLtWTQ4cLiABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2gG-KxSO0K_QRHfJswWLDOmcj6mQ%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6843b39a621b9b985d2d97b40088be11.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
c.amazon-adsystem.com
c1.imgiz.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
d5p.de17a.com
dis.criteo.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
mp.4dex.io
mts0.google.com
mug.criteo.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pm.w55c.net
prebid-server.rubiconproject.com
prebid.adnxs.com
prod-rtb.ad4mat.net
pv.medialead.de
rtb.openx.net
s1.adform.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
static.virgul.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
ye-mek.net
api.webgains.io
hb.emxdgt.com
s7.addthis.com
104.102.45.165
108.138.9.235
13.224.192.181
13.42.73.96
142.250.181.230
142.250.185.66
145.239.193.130
151.139.128.10
167.233.13.224
178.250.1.9
178.250.7.13
18.133.209.175
18.66.147.120
185.64.189.112
185.64.190.78
185.7.176.221
185.7.176.223
185.89.208.11
185.89.210.212
20.60.220.36
2001:4860:4802:38::178
213.155.156.182
2600:1901:0:76b9::
2602:803:c004:200::140
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:372
2606:4700::6812:7f05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:600::485
3.120.46.248
3.71.149.231
3.76.67.2
34.102.243.38
35.227.252.103
35.241.45.217
37.157.5.132
37.157.6.236
63.251.14.60
69.173.144.165
77.245.159.14
84.200.5.215
85.111.6.48
94.138.206.83
95.101.149.35
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
012507b5fdca4f3fdb6456805c89554a13e2c513579043c692a1d2fb247c62d6
0176a1a529fe1debdef0c37f3c662558f8c1331b21a23a42e2daf4b2d2d1f921
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
032d6b62e0c227635ed9778096b422f7e09c9686c3ca267c092b4dec728e3c8e
03a7244941bb58669efea0cc9e27fec4613e3757942783a2d8989856f0d59886
06117894b914359714aca44cb7df9e37e5fc3d01fb7a9b78b0cd4d99f34dae2d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c585d06e09e4eabb2f6c30698667352dd8a4249cf708486fe96409f531a4de
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
08e17b5f98d735da1b2e647145a4cb550c0ba372d92765f89274c6715e133465
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e8b304a6f3d932fe712deefc8694196052a1f4137f67a8eb74c03d1af52b7da
10a53c815898ee13fa3584ffc789a348963965f77264875937a1e7941538c572
10dbe202434a8aa56bc0ead91fc284567b4224da97caaa046ab5164e1784c81f
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
14817d6a5f18f51a3e30cef055c442d64c626ed8e0f5d82ae4d8547b5d9de384
15038bb771dec1b8d7124121fbe5ae6654c3b6d48dc7ead8cc6295a3930d00d0
1722a72ddc413a493d56a297350e68b7f376ac4352a2744356aa30c47f1aab39
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22b461732a145ca5f79987abc86b719e27a7672f37d263867a23bfb1b99d20d7
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
275ba215efbc5194cfcc9edb7c977145adac73394965ce26dc46fca2a5504f4f
2778ec2d15bdda51710a28cb9620ced1a057d0443dc6f6fbafdabcd072ae9453
28623cf365b435c10919912be0f9f28be4ff7695cc04a9741472e73942602243
2a61d06deb95045feb6214fd46a21c9fdbdd1f56ad3bed461b1c504b8d26619e
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2bf8b00455ab9e961e6f7eec43decf2d7428ce6a5166b7e9a66b07aa4737c567
2c73a4fd0fd7485832d724635a0f83d873e3ad95fdcd2dfa9479f3839f9252d1
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2d657a7640012b6b1ac16d888062a2d7c29dfcbb04167cf99e67f2dbfecb7651
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30fa114ebf33b9b401df7941f9bdc0610402a285010f1efd602201bba10edb95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
350d847d9ddc3df8ff830adcc2a867fa1cd7f8abed7bb63dce564af67c70df49
3aadd556481555830157191cf0cf905f6fd863732b6ebab18cace98b411ff2d5
3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e
3ddbdaa529ef1a352c2940b0ef1d03adb64c3abd41e9b0c7ba586aadb8e04eb4
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f7683f5253de7aedb52c7b7e9b34882c0ad806eb246d773a4b38cd994a9fc53
3fbcc045c1dc30eaf97fb51fe3240ab033239cfc8ec4422f3a557ba10fbdb4e5
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5fc69fc6f95a5c190c4022e1b82eda2a392bcfb0b4d3b91b89e3d38965d7b4
51849e49392c60728111494c15716b684bb111de17eef186b753d76c9cd20335
533d8ffc4c1408daebf6f167d5edecb89e85a63b896fee8bf9e952e054c4b6c2
551f7cc8da5934f99d3dc9a14238f4aa6f661540634664ca6f3ac7f7d29e41a7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b11c48bb2563d1aa37c630c6ef26f4665967b5bd26baab092f400fdbc6810a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
59c6dfd49e7a076fc3232a038849e1b1fd128ac60e3f2a84a2da80b5cc427b2e
5a70edb812a423980a2a2e09aaa405e756562f9ae8be2bec35cdf85ff47d66c1
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
5c94dbc62949d4f1b130766f2640fbe13aecba7a93a753d0a62d0d80feb3cefb
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5edbd7e44da663fe3154846ac383a1516e681e69cd5fe15fa24331914a73904e
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef244a7f7b27ce2c69ff28e1bb69f7bac2e6be7fe6dbbbcb82feeb11db7d84
636d06e79301d085b33ecd6961e4ed4dea2ba53f88bcd76e518b67dcc351a96d
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
68f8702c1d3fb44f6df07969952f51be1ce1a0be2dbf71c1831f0ccca70085d9
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa4aec3bf9cf0b1c0b6ac8db92c9c0126c3642e0ceb730601a0d2db7083cac3
6c2730ef2f8b327ae1aa59e0a1d2e9e389cc59010504fb56290b0710b93c5513
6c3e9ca541d9079be8b884b18b14a888669f479d30641e3975a663d1b97b49d3
6cefe33668bc82464835fb72b855bb4f5e1ab56b82e38ac53f8abf18afc93d9f
6d008456b54f647fa8c3ccf31d17f12a19b9cb78522442ff236392bccacd93b7
6f8304a3a7ea909164b0417964b4606212b067c54ef963badf21bd8a0c30db40
7392436c7d3b5ce39737bcf9d48db40f388ba85ddf03ae496b5cb4df29a03f28
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
7cb6faffffa513846dd5bd141fe16779c15082515289a027c827d53128bf07bf
7db39f0b9931b338e9cd0eabeef7fd618ace0e5bc5990061ce13a0a2ed8e8a0a
7e6cadcc4078e0fbfc92f8e3decea2d269e88f56bf6a17795744c4c92f8f4f59
7fe20f94f7911d9fd80246050a5b0a6ba9b39f40021c07890c315431bacce19a
80eb6ce41e0ff2808a2916fef36755f98083faf85dcdc8b532ff4f39bc7dd480
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba7fc956ef08c239767c08f97ac71a3c520cdec45b08fbcf6c9f51b0bcb7f4
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8696856d40a33bb1143b9f31c9d507fccab76523f0f3e431bf6e03997017950e
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55
8e4011f9c8b353ad7b7413a9988dc58bb249535d1f2e9c71b4318a7e370abb17
8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6
912560ec4542cc28538186bb2c683aaf4374e7046602e08f4b31b31b65af512b
91a34f8cc1c743146f2e9f6363f45d6b6ce14a4d1661031b29307562d328461d
9411bf1dfb95ffcbe5a024e82847314c238e6bad89e17576f3b4247f45dc65ad
960410ec7bbd13747fb88b8189ed7a31e91e302f4f01fdc8426c36804069c237
97e7a3a0969c4d0b5bf90e5c4e7e488e82a182cda5a1e3d60093528b947b70d3
99cb03a6c5017ee44a4d9e8a1490d00e233016218a95c29ee548a8f9ba659754
99cbd149c9b358fd69d916fbf2e6ca478e3105ef035926e0b3c238b593b842fd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3a68aaef53deebc385a7c65629dfa931e8008b95297f99097b0787baefbe01
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9d3e1f63cb9af3441911ffa72bf09eddacabf139270f046400954486fd1b4170
9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a0c11a8a2ab6d690d760fa20b53c03ea59a06825be78f8374a094ce9a9101a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52ab1285c2fe36abb1ab3f6f299d736e7b41a382b41eb27a99614179579ac41
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a8f7c822ad63a849206f187b5b4d812340f1b9a6b276d4b65d5510d7eea52657
a922254e89c4606e02b4490153175d02cb137c4799e0dc602a28216816980817
a9e0c3f2f8aa72179351f0b5edcde6cfcf708285785c4a358331e05da8bff5a3
ab0c1d1cd5514ecb940c771ef794c7682ff0a2536c42372e474285a57891aa06
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afc54b639e8a146f5abf77ea08e90afcbf4cf85546138ad591fb5fa3a985f485
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b41988678ce1fe15dbcf8e360e15e7ff6fda4a68a09c16e4dfb9071055722097
b50ffd6561ea35566998d330555e5df43a5d0846cd846909883a47b72b696081
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6778b1b270c706ef9c0f41acf1b77d3c82ead3fd315677734bb0dce2616aa0b
b6f3d2d3a07f89fc97ad747856637fd7d2347625848fcc361c3b500808a7374a
b9e6152eae010599803ae5f12dc1df3620259dd27248f3652a53140a4347a057
bd9b3105907a46f1a808c0fc4b8223e88064cbb5a3606ad642b34b8168388566
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
beac5d62c98fc8d644d4ddd94f7dc05e123f88dfee113dd35a65ba36ac228d43
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
c7ab21d4cf57bd335f2032ce8e35ded899c69a9ce58b8ce3d1e93d72215a3ea3
c81d381a19a31fdbab018060f48649337198f96c444086f63ac21b5760107019
c8be41dcd90e9ada14698b4def48648a88968582eb8ecd8fceaa1c1efd68623f
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
c910d13254908dbf2521da5a86363ed5328adc0decc7608c2135f7514518bd18
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99efd6eb48d2d82d6851a147cd70e041f2ee9d579d251e04f545ced342639b6
ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580
ce0da5330728f20b8d550536ffbc9aaebece54338daeacce50a2d30f932b3de0
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d1fea1a1c2a23246ad78092cfc1629792fc1927112100bf71486c7dc0e7f9058
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d8253c356b5991345fbdcb261d98bfad3a4a45e5211b8569a9fe6899704cc4bb
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da26ab5b1ed87aea678637efb3c6c9cfaba6b998c146e228a98da50e215f3d51
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
e029375b626e30c975d68a8c546e46cca0be3381d9c25f52b61a538bb474999a
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c7aa635136ed3cb4898a5a229deea718f771f2ddadada14b37bc05fbde5419
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea8f240546897acbfea3e09edecabc3ae63892d59dd7ae5416ec1813f8278a53
eb20f1c11a784518e218b27495f577f8316eef934d8c5e34e1beb983e78df4b5
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fd9336a91d1ef218b018c3c93ea83d93befb8b130e7f00a9155a145b17c04851
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

353 Requests

89 %HTTPS

46 %IPv6

47 Domains

76 Subdomains

63 IPs

7 Countries

5381 kBTransfer

10996 kBSize

26 Cookies

0 Outgoing links

Redirected requests

353 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

353
Requests

89 %
HTTPS

46 %
IPv6

47
Domains

76
Subdomains

63
IPs

7
Countries

5381 kB
Transfer

10996 kB
Size

26
Cookies

353 HTTP transactions
16 data transactions