urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On July 03 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 11 countries across 50 domains to perform 413 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
2 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
1 23.206.208.114 16625 (AKAMAI-AS)
19 185.7.176.221 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
13 2a00:1450:400... 15169 (GOOGLE)
80 2a00:1450:400... 15169 (GOOGLE)
3 18.66.23.147 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 108.138.9.235 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 185.7.176.222 42910 (PREMIERDC...)
1 34.102.243.38 396982 (GOOGLE-CL...)
57 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 3.122.44.22 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
10 50 172.217.18.2 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 37.252.172.123 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
2 104.75.89.75 16625 (AKAMAI-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
4 3.75.62.37 16509 (AMAZON-02)
2 185.86.139.104 201081 (SMARTADSE...)
57 2a00:1450:400... 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 151.101.2.49 54113 (FASTLY)
3 35.71.131.137 16509 (AMAZON-02)
3 3 35.186.193.173 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
2 2 2600:9000:205... 16509 (AMAZON-02)
2 2 18.196.134.2 16509 (AMAZON-02)
3 3 185.29.134.248 30419 (MEDIAMATH...)
4 4 35.190.0.66 15169 (GOOGLE)
3 3 37.157.4.25 198622 (ADFORM)
10 142.250.181.226 15169 (GOOGLE)
1 213.202.235.8 24961 (MYLOC-AS ...)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 52.17.64.122 16509 (AMAZON-02)
1 1 20.127.253.7 ()
1 162.19.138.118 ()
2 3 51.89.9.251 16276 (OVH)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
4 4 213.155.156.167 1299 (TWELVE99 ...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
3 3 46.228.174.117 56396 (AMOBEE)
1 1 37.252.171.53 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 141.101.90.98 ()
413 47
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
2    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
1    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
19    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
13    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
80    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net
c.amazon-adsystem.com
14    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
7    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
57    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    3.122.44.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-44-22.eu-central-1.compute.amazonaws.com
i.w55c.net
pm.w55c.net
1    2600:9000:2251:8e00:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cti.w55c.net
1    2600:9000:2491:6000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
1    154.58.197.185 (Indonesia)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
7    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
50    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
57    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2600:9000:2057:5a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    18.196.134.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-134-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
10    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
1    213.202.235.8 (Grenzach-Wyhlen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.17.64.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-64-122.eu-west-1.compute.amazonaws.com
match.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
1    162.19.138.118 (None, )

ASN- ()
id5-sync.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    2a05:d018:d29:3601:45e6:a1a0:b341:7958 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    141.101.90.98 (None, )

ASN- ()
portal.o2online.de
Apex Domain
Subdomains		 Transfer
144 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
1 MB
87 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
455 KB
57 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
2 MB
42 ye-mek.net
ye-mek.net
cdn.ye-mek.net
621 KB
19 virgul.com
static.virgul.com — Cisco Umbrella Rank: 81866
ng.virgul.com — Cisco Umbrella Rank: 65490
ng2.virgul.com — Cisco Umbrella Rank: 74231
231 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
392 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
126 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
883 B
5 w55c.net
i.w55c.net — Cisco Umbrella Rank: 2590
cti.w55c.net — Cisco Umbrella Rank: 4192
ads.w55c.net — Cisco Umbrella Rank: 12943
pm.w55c.net — Cisco Umbrella Rank: 1044
35 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5037
1 KB
4 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8041
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
r.turn.com — Cisco Umbrella Rank: 3947
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 794
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 469
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
3 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
62 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 o2online.de
portal.o2online.de
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
827 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
2 KB
3 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44074
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
793 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
2 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2409
812 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
885 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 812
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
898 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
227 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1425
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 496
418 B
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 136022
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 2090
feed.pghub.io — Cisco Umbrella Rank: 2360
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13228
6 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
imasdk.googleapis.com — Cisco Umbrella Rank: 500
212 KB
2 cloakan.co
www.cloakan.co
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
23 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
574 B
1 id5-sync.com
id5-sync.com
1 KB
1 inmobi.com
sync.inmobi.com
712 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
461 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11731
1 KB
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 188023
922 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2484
361 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
82 KB
413 50
Domain Requested by
80 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
57 s0.2mdn.net pcloak.blob.core.windows.net
s0.2mdn.net
ye-mek.net
57 tpc.googlesyndication.com 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
ye-mek.net
googleads.g.doubleclick.net
pcloak.blob.core.windows.net
cdn.ampproject.org
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
50 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
ye-mek.net
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
ye-mek.net
www.googletagservices.com
10 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
8 ng.virgul.com static.virgul.com
ye-mek.net
7 www.google.com 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagservices.com 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 cdn.ampproject.org securepubads.g.doubleclick.net
4 d5p.de17a.com 4 redirects
4 ads.travelaudience.com 4 redirects
4 ng2.virgul.com ye-mek.net
4 ups.analytics.yahoo.com googleads.g.doubleclick.net
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 portal.o2online.de ye-mek.net
s0.2mdn.net
3 onetag-sys.com 2 redirects 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
3 c1.adform.net 3 redirects
3 sync.mathtag.com 3 redirects
3 gcm.ctnsnet.com 3 redirects
3 match.adsrvr.org 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
2 sync.1rx.io 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 match.360yield.com 2 redirects
2 x.bidswitch.net 2 redirects
2 s.ad.smaato.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 r.turn.com ye-mek.net
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 adservice.google.com pagead2.googlesyndication.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 ye-mek.net www.cloakan.co
ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 cdnjs.cloudflare.com s0.2mdn.net
1 secure.adnxs.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 id5-sync.com ye-mek.net
1 sync.inmobi.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 m.exactag.com 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
1 t.hspvst.com 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
1 ads.w55c.net 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
1 cti.w55c.net 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
1 i.w55c.net pcloak.blob.core.windows.net
1 imasdk.googleapis.com c1.imgiz.com
1 feed.pghub.io pghub.io
1 pghub.io static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 s7.addthis.com ye-mek.net
1 www.googletagmanager.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
413 68

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-07-03 -
2023-10-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-30 -
2024-06-27		 a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
portal.o2online.de
E1		 2023-05-25 -
2023-08-23		 3 months crt.sh

This page contains 45 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 3349AA81172FE99A2976EFC49C89E065
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: CD6E99476E6738F63DB6D67EE2195E7B
Requests: 90 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 684F22F89223EADA2CC7AA489EC7C31B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 81C25A79719A059D9CDCB5841C1B95B1
Requests: 1 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 59D8C94E309B24354D14813096DC8733
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539213&bpp=3&bdt=819&idt=194&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=8598079543048&frm=24&ife=1&pv=2&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759842%2C44759927%2C31075664%2C44788441%2C44789815&oid=2&pvsid=3042722088988478&tmod=1036388161&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pzefjkqbpz2v&fsb=1&dtd=207
Frame ID: 8C74CA1C1CECDC7A390133C614DC139F
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: AECA5D6D33FA0F046D3B13A8208EEB10
Requests: 1 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C62D42A9AF740D16611ED967259F653D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539825&bpp=11&bdt=107&idt=103&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=4741162245852&frm=8&ife=1&pv=2&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.r1bi5j2w20jt&fsb=1&dtd=120
Frame ID: 044B302F41D06BC1C55370C2A8BED2E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Frame ID: 48DCE6E1AB9706154C9DC3D93C2EB0AC
Requests: 19 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 31A4420EEBB56D572CC2176422C227B5
Requests: 12 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BD0E78B585F16180FE7CD1239E162332
Requests: 21 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4E3E7BD980B4C4E3CF0B40C574344A16
Requests: 20 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 629F6DA24BE0874E75CEC0FEFF3F2787
Requests: 20 HTTP requests in this frame

Frame: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4F5C2D75A8396F8244F0E2FB7EBEA992
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: A8CCF00F3BAFA7B78F76273CC8046D5D
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Frame ID: 7217005DD427521F7C1E9382D2E50FEE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Frame ID: E5D936A8A478C045D0C8281DE333EF64
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIY8ICq0gEwAQ&v=APEucNXW4A5v6gJxb_SsD3WkSLqCPhrCm190oQhO_d8CTvdLQgCNmOjnskH7KuKeQZw4JhKLxLUsb3LmGq9EoLOfaqsTbUvMWMQo56gbfnVwwDkCfbojEyCEXM5jnxCZHfXELpfRulH2qi2jxlZ2W0n3SKlfO6LsDSip7KUr7359V7d2QdotHDw
Frame ID: 34CE2DA47695EDA0FCBA1F2E48556801
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNVMF4cCy1HDk7A63KoQenGxUDuSiuW9rCeTf2FImhrNQhopt4bEGf2JQsLIT_O55UCBxzqGTyS-zbNVg5x_EO6N3DT2JjLhwHy8B0ufoQNhI-8wYHZBDFz2T072X5Uk4e0WHtGx_Cv1vmrliiGu6tNVJW1oBloJyun9WOx-g-GjY2t9jss
Frame ID: 7F4A191B51DE3B9A3410D6BEBF1A9D11
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFB2ED6F1A0481CB782A1305C912240C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNWXSB-lU8wScrrPv2XdYSiSSxeqk2fGx1rzxxgPiNjYRffPVD9TgtDkF7pKvyWXQ4PAa3ZmonkGhuaR3RL8MfhJkEhE0gVfpCtz0Uw6czbTtR9ksfmYRgyKw7g4hBUbmNBWMzhsciaeQdjuwQMDYwHydGeRhcnqf9CvVrkNB7XLrZQEJT8
Frame ID: CE67C032B8830FA5B89A226E7932E06C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57770209B3C35F99D042AFF3774037D3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E087451BC9F925559E6C19C71D4A0947
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AACF4D60BE2E725B3286398A55E1E09D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8EEF8769BF3FD54516C2FB7CAC5E0E9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Frame ID: 6BA368ECFC87DB0CFCD4ADF4B04FF347
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Frame ID: 87E201EBC04BDA2F5D4C9AA79946D98B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1730FDACA4D125AE8A85FAA429EB96D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 82ECD7ED452B0AB218F6BC493A1EA199
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Frame ID: 1F234F1FC1B59811934634585A6F282D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B9BE71D93CD7EF386F55EF53D7F2D707
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Frame ID: 545D446FEB544C246EB89755DE57E57F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A13934E6429F07B7E8018D8AB4E08045
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D8E2CEF2A3BF0BC4A62F4FEE742D2568
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Frame ID: 3D99456BADB316FEFAD57397203895F5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 89D355A35F53F5416CF2A65096A7F1B6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: 9E043EB8F76DA7D5DB2BD350107FF916
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: F5BDB83345B209E07ABA29559FF03164
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: D35F14417244E6ADE0F4429DA14D4EBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BA01501C4CB991FD49B2420BF3A105C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47D26658CF5840BAEE7E6510F6B66795
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: E9F73E88B7F11950BEF5A2C2ECFABEF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E197FDE50FE852724081A2A40208CD45
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5773B3A3232E63BA19BB2769417CA4A0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

413
Requests

89 %
HTTPS

33 %
IPv6

50
Domains

68
Subdomains

47
IPs

11
Countries

5113 kB
Transfer

11637 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKNYLN97C.qw.aIYLVJ3QAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1&google_hm=2
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELT8Qq32vYzCEF3mgmCugnU&google_cver=1
Request Chain 176
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECP5tnLgBqOC97Z9cKObQtY&google_cver=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHuZPzkDXn7Lmo-2_KjaXwU&google_cver=1
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1&__user_check__=1&sync_id=7535c2ec-19f8-11ee-9229-199d37980406
Request Chain 182
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=752cabfb-19f8-11ee-a520-1a3cf9d10506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzUyY2FiN2QtMTlmOC0xMWVlLWE1MjAtMWEzY2Y5ZDEwNTA2
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEELHa0cvC_m7VNk8P6yXDes&google_cver=1
Request Chain 228
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENu9yUii6sDwpS9aLQL4cLI&google_cver=1&google_push=AaAOQGG8AV4N2IsqnYI957BMsJagDBW5ejDv2CYpNe4Yze8kU708sZDA-eP2UnPG_JHP8gJLSmiZuRwOAXGeVVcKUU0qRRvTgFKK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY4Mjk2MDU1MjQ4NzU2OTc2NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDXW-2JuZpkB_UidULHdRa0&google_cver=1&google_push=AaAOQGE_V_gBJwWlUyHzgrnqBYua9T180E-AOTagfsbG-w3zE03LhrjurHywOi-z0pTaCWnkVaf-D9Q69zESjh0winhZ0Ngwj-ahfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXW-2JuZpkB_UidULHdRa0&google_push=AaAOQGE_V_gBJwWlUyHzgrnqBYua9T180E-AOTagfsbG-w3zE03LhrjurHywOi-z0pTaCWnkVaf-D9Q69zESjh0winhZ0Ngwj-ahfA
Request Chain 231
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJhMZBL7PonRjVsCJr6dokA&google_cver=1&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01rY831Y0j1YsGFaxQC-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01rY831Y0j1YsGFaxQC-g&google_hm=XtO9OExkTW-imgt69WrKRoU
Request Chain 232
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDB0_d0LOjOZDxatp2-ZSo8&google_cver=1&google_push=AaAOQGGq_cDdwhF8R2haRJgGDORqpOhU3vzK8mzkZRfnJY3U8P6cqhWOWaClR4_4_HPv5T2HrV2Xq1NRdGRzvo9KEzI3fSDIvUjy HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDB0_d0LOjOZDxatp2-ZSo8&google_cver=1&google_push=AaAOQGGq_cDdwhF8R2haRJgGDORqpOhU3vzK8mzkZRfnJY3U8P6cqhWOWaClR4_4_HPv5T2HrV2Xq1NRdGRzvo9KEzI3fSDIvUjy&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--_q9P9NTsiwU1AjgFCSvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGq_cDdwhF8R2haRJgGDORqpOhU3vzK8mzkZRfnJY3U8P6cqhWOWaClR4_4_HPv5T2HrV2Xq1NRdGRzvo9KEzI3fSDIvUjy
Request Chain 233
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJHSaxfn39X4IGv4nc048s&google_cver=1&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOdS5trrddlTOnsVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOdS5trrddlTOnsVA
Request Chain 234
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKjgMMYakouABs9WzybaEfc&google_cver=1&google_push=AaAOQGEhR2PdJcJ9BEtqbXOylTF0w-wapBCZoDGiVdwT5YtPg_tTMKy7j802aqh6SnPk_5m6vjG9W0WELAFJG0I2XZ_b3C0Dh5l5VEI HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKjgMMYakouABs9WzybaEfc&google_cver=1&google_push=AaAOQGEhR2PdJcJ9BEtqbXOylTF0w-wapBCZoDGiVdwT5YtPg_tTMKy7j802aqh6SnPk_5m6vjG9W0WELAFJG0I2XZ_b3C0Dh5l5VEI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1c746da5-88ee-4eac-8a85-6a58fa6f46e5&%%GOOGLE_PUSH_PAIR%%
Request Chain 250
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ0iiHSqS880bX8-CTG7ct8&google_cver=1&google_push=AaAOQGGipo4Zkh_T8XaK7KXdh8kJfNJjjwx_vJToIRJKwVEuirVJbJt5pkX4ANkOfLBVaWFCr7O3PyGkWtAnOWUbj2XNBYOu0pK3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzYxMDkwMjk1ODQ0OTY0MTgyOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBkCBhct1CVrcm4IqvqaIp4&google_cver=1&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYKFp7J8R-Q5jdb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYKFp7J8R-Q5jdb
Request Chain 252
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAgaMCCNYre0XPGBj36dGkU&google_cver=1&google_push=AaAOQGHfRsTxGqMh10UjLpDtOB-XeNmFXlUgfsH6d1jxASBjO08x_gnM6hwaNxRVM0fS7cfjPlq4Jusd0r4zJGXw9w3-x0_GsNGV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAgaMCCNYre0XPGBj36dGkU&google_push=AaAOQGHfRsTxGqMh10UjLpDtOB-XeNmFXlUgfsH6d1jxASBjO08x_gnM6hwaNxRVM0fS7cfjPlq4Jusd0r4zJGXw9w3-x0_GsNGV
Request Chain 254
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENIO_rqlBi5gcdALsIb7_wk&google_cver=1&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vbogc7p65A_uCU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5KVAgs5XQ62wcyq0qHRZQw2&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vbogc7p65A_uCU
Request Chain 255
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENAb4CE_Zl6HV5ecRDTZmRc&google_cver=1&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKNmkT5T8WHkJqjVU4OJsGb HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENAb4CE_Zl6HV5ecRDTZmRc&google_cver=1&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKNmkT5T8WHkJqjVU4OJsGb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ3MTk3MDk3NjI3MDc4MDc0NA&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKNmkT5T8WHkJqjVU4OJsGb
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGU-geYIOyLd9oPnxUoKKlY&google_cver=1&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWGS40LpZafRIS0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWGS40LpZafRIS0
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAYSf9gWcsJPVs-eTQZ7hSo&google_cver=1&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1yBAxseBgAc6siQq4iRrrTdmU8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOSEtHUzUtMVQtOUU3TQ==&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1yBAxseBgAc6siQq4iRrrTdmU8
Request Chain 265
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPVr3JmkJySalrleo8JeWzU&google_cver=1&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh-Iu8G_KFVsRs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh-Iu8G_KFVsRs
Request Chain 266
  • https://match.360yield.com/match/ebda?google_gid=CAESEOKv2PwRqXD_He5pxsLu_rI&google_cver=1&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_oTauu4ag HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOKv2PwRqXD_He5pxsLu_rI&google_cver=1&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_oTauu4ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vWBZDYNATn-r8EFIE3JtuA&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_oTauu4ag
Request Chain 268
  • https://sync.inmobi.com/gob?google_gid=CAESEMsRNpIsHStskKCYN9ftJ-0&google_cver=1&google_push=AaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-MauVJxzqS7jYmCczuYxZM9vDVCl_WNNtLbxdLOFUNLf1v6gte-HJJabmcA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-MauVJxzqS7jYmCczuYxZM9vDVCl_WNNtLbxdLOFUNLf1v6gte-HJJabmcA
Request Chain 269
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMIdqRGFBIVlafkHJYGLSFQ&google_cver=1&google_push=AaAOQGHYdPEbFozyqvIqr0r9kSu7fTYMvOxcEoTU70cL5NC_oMgSyRUZqEqcbtapE_U_u7v37U9XYNe2_ZVZfM5az7Uj61-5C4tRU4o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHYdPEbFozyqvIqr0r9kSu7fTYMvOxcEoTU70cL5NC_oMgSyRUZqEqcbtapE_U_u7v37U9XYNe2_ZVZfM5az7Uj61-5C4tRU4o HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 277
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cver=1&google_push=AaAOQGHmdlw43IW47RWMIEB5ikoAjT5c5lCDSHquAai3XYddSzENg94d07jD09VhuV20NFJFeUbMhHq2ALkzgLsxweOzafA-YXNO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cver=1&google_push=AaAOQGHmdlw43IW47RWMIEB5ikoAjT5c5lCDSHquAai3XYddSzENg94d07jD09VhuV20NFJFeUbMhHq2ALkzgLsxweOzafA-YXNO
Request Chain 278
  • https://um.simpli.fi/gp_match?google_gid=CAESEPatRxSblVeW2gKxLPThNfs&google_cver=1&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPKYD__2LlYp0tg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPKYD__2LlYp0tg
Request Chain 280
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM7QMNjqXDdS_AxZJfZVUYE&google_cver=1&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7fFm3U76yo9cvVYHqAR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7fFm3U76yo9cvVYHqAR&google_hm=XtO9OExkTW-imgt69WrKRoU
Request Chain 281
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA60vMJxgo3wR7U_1AvQ71I&google_cver=1&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8ttNde0RwO1bh2a HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MJb-k1vhQwWPbFYJFBw0-Q2&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8ttNde0RwO1bh2a
Request Chain 282
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGpkmVtExCMWJVzrW23rCb0&google_cver=1&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT3CNIG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT3CNIG&google_hm=eS1MX1U3QXBwRTJwR1Mxakx4QzAudE9MSy5aLkVLRGlQTH5B
Request Chain 283
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEE2rhLYmTFJ1KpPAx-AmcPM&google_cver=1&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE2rhLYmTFJ1KpPAx-AmcPM&google_cver=1&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M
Request Chain 286
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cver=1&google_push=AaAOQGE38-xPa0r-SgbD8TvDin4aiME0_dMy5N6vP9AkOoqOp36QDiPLgAlwxTge37P3HBxh644DC2PtljnGMt1fhwX-2V98Xp3W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cver=1&google_push=AaAOQGE38-xPa0r-SgbD8TvDin4aiME0_dMy5N6vP9AkOoqOp36QDiPLgAlwxTge37P3HBxh644DC2PtljnGMt1fhwX-2V98Xp3W
Request Chain 287
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH4GWFM-ayDFsGkJ6mSfJbA&google_cver=1&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdSTvhwiMWl4jdk-fN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdSTvhwiMWl4jdk-fN
Request Chain 288
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFeV7XIysT2R9QIyQGctJLc&google_cver=1&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUdz2raQvqtuqlZ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUdz2raQvqtuqlZ
Request Chain 289
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHzsS3q7gHxeNcNo8Q0yEcA&google_cver=1&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHzsS3q7gHxeNcNo8Q0yEcA&google_cver=1&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y
Request Chain 290
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMIt22DZYZI_fRpXO8rNRu4&google_cver=1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688426540978 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d0ab2335-9e20-40ec-ab5a-e62b8d68857f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y%26google_hm%3DA9CrIzWeIEDsq1rmK41ohX8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&google_hm=A9CrIzWeIEDsq1rmK41ohX8
Request Chain 292
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf-HNE_XoJ09jPv3NyjNYj5jX8JthH0yytf3uAoCLMHXd27rkQDlGW9sumCEY0LyPvkctTCZbB8CAItvx9Gx8gA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf-HNE_XoJ09jPv3NyjNYj5jX8JthH0yytf3uAoCLMHXd27rkQDlGW9sumCEY0LyPvkctTCZbB8CAItvx9Gx8gA
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI_ANnJBHy3gkyq4UnwhYqQ&google_cver=1&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13hoJ3OIAUOlPfmfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13hoJ3OIAUOlPfmfA
Request Chain 321
  • https://um.simpli.fi/gp_match?google_gid=CAESEMde4oRknNRD-86G6CeTmJU&google_cver=1&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxmtshEoXpA4zIIemw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxmtshEoXpA4zIIemw
Request Chain 322
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELSmOeLln7EUAqCiVAlPsb8&google_cver=1&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUdUAM7BuvmNUrmoWWvAqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUdUAM7BuvmNUrmoWWvAqw&google_hm=XtO9OExkTW-imgt69WrKRoU
Request Chain 323
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEVBGehm5gIhD62d_b7HPCE&google_cver=1&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbYehanyMU3qGndS6fA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbYehanyMU3qGndS6fA
Request Chain 324
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEELN7OJMO9iiOdCFs1kD9RY&google_cver=1&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeAcZr-qeEgwEOTXA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeAcZr-qeEgwEOTXA
Request Chain 325
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPBHdek5TOt-v4ymaoektCA&google_cver=1&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPmajb1UjXgNhXC34PtKKWomIXFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDA5ODE4NjM3MTAyODM2MA&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPmajb1UjXgNhXC34PtKKWomIXFQ
Request Chain 326
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJG8jtecGmKS7T9lT9mFqY4&google_cver=1&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5IX6P4hRXa5ZIKrOjhA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5IX6P4hRXa5ZIKrOjhA

413 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x69807j0b5.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1318
Content-MD5
+Dz/d7Mp2GQfilgWrAkqiw==
Content-Type
text/html
Date
Mon, 03 Jul 2023 23:22:16 GMT
ETag
0x8DB5ED0599CC10C
Last-Modified
Sat, 27 May 2023 16:35:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
cf2a76c6-601e-0028-5b05-ae23a5000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id
cf2a7724-601e-0028-3005-ae23a5000000
Date
Mon, 03 Jul 2023 23:22:17 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 03 Jul 2023 23:22:17 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
cf2a77e3-601e-0028-5805-ae23a5000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 03 Jul 2023 23:22:17 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
cf2a7779-601e-0028-7405-ae23a5000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:14 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:15 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame CD6E 		76 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6488eb318dbc3525193fc112e75c9ec708845abb5e83bedce2a4eee3fd5aca3a

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
77592
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 23:22:17 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame CD6E 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 18:18:28 GMT
x-content-type-options
nosniff
age
277430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92629
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 18:18:28 GMT
yemeknet.js
ye-mek.net/js/ Frame CD6E 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Mon, 03 Jul 2023 23:22:17 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame CD6E 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
6617085
x-accel-date
1681809453
x-77-nzt
AcO1qhEiJ0T//fdkAA
x-accel-expires
@1713345453
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
4c1562243ed9fe802a58a3640f138425
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame CD6E 		233 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6B70JBQEWN
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da18af6d3c8b59f86a4bd9b6bce1588f3dae025248713f9eb0fe5d1fb60bc993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83390
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 03 Jul 2023 23:22:18 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame CD6E 		542 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617150
x-accel-date
1681809388
content-length
542
x-77-nzt
AcO1qhFTIHH/PvhkAA
x-accel-expires
@1713345388
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
4c1562243ed9fe802a58a36416bcdc27
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame CD6E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617085
x-accel-date
1681809453
content-length
1651
x-77-nzt
AcO1qhEUHNz//fdkAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
4c1562243ed9fe802a58a364fd913f28
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
visneli-dondurma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame CD6E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/visneli-dondurma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e7d8342248029f1df308d3f2cb02a6a7a87714307aca80532eb853c198cc92f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
89066
x-accel-date
1688337472
content-length
13657
x-77-nzt
AcO1qhFW4NH/6lsBAA
x-accel-expires
@1719873472
last-modified
Sun, 02 Jul 2023 22:22:54 GMT
server
CDN77-Turbo
etag
"64a1f8be-3559"
x-77-nzt-ray
4c1562243ed9fe802a58a3647ce74328
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bezelye-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame CD6E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/bezelye-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dd7419ac2c04d1920350f6b486f662f299717fb2b16b14a824f61cc4a362ad0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
175389
x-accel-date
1688251149
content-length
14413
x-77-nzt
AcO1qhGDNHP/Ha0CAA
x-accel-expires
@1719787149
last-modified
Sat, 01 Jul 2023 22:15:24 GMT
server
CDN77-Turbo
etag
"64a0a57c-384d"
x-77-nzt-ray
4c1562243ed9fe802a58a3648cac4f28
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
terbiyeli-kabak-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/terbiyeli-kabak-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3cf33fd1cc895fe26505c0677f183cec819f5d55d54905a1adf8e95322d67c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
261249
x-accel-date
1688165289
content-length
11302
x-77-nzt
AcO1qhGbi+T/gfwDAA
x-accel-expires
@1719701289
last-modified
Fri, 30 Jun 2023 22:20:09 GMT
server
CDN77-Turbo
etag
"649f5519-2c26"
x-77-nzt-ray
4c1562243ed9fe802a58a3641b4e5428
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soguk-kahve-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame CD6E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/soguk-kahve-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
352039
x-accel-date
1688074499
content-length
9818
x-77-nzt
AcO1qhEV3Bz/J18FAA
x-accel-expires
@1719610499
last-modified
Thu, 29 Jun 2023 21:14:19 GMT
server
CDN77-Turbo
etag
"649df42b-265a"
x-77-nzt-ray
4c1562243ed9fe802a58a364c1515828
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kofteli-sehzade-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame CD6E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/kofteli-sehzade-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
93877a4648f07d0a209913c6a05dcdc1810fe91fb41c96320aea06de80b708c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616225
x-accel-date
1681810313
content-length
15437
x-77-nzt
AcO1qhEICdn/ofRkAA
x-accel-expires
@1713346313
last-modified
Fri, 30 Apr 2021 23:49:24 GMT
server
CDN77-Turbo
etag
"608c9784-3c4d"
x-77-nzt-ray
4c1562243ed9fe802a58a3645e865a28
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame CD6E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616939
x-accel-date
1681809599
content-length
12649
x-77-nzt
AcO1qhF+ew//a/dkAA
x-accel-expires
@1713345599
last-modified
Wed, 01 May 2019 23:19:29 GMT
server
CDN77-Turbo
etag
"5cca2981-3169"
x-77-nzt-ray
4c1562243ed9fe802a58a364ebd55f28
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
somelek-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame CD6E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/somelek-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a0a4cc3fe2d3f622420ca59c87382ef49c8810febf4eed0cf5f5b37b0df663fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616924
x-accel-date
1681809614
content-length
14352
x-77-nzt
AcO1qhHwH5f/XPdkAA
x-accel-expires
@1713345614
last-modified
Sun, 11 Apr 2021 23:09:03 GMT
server
CDN77-Turbo
etag
"6073818f-3810"
x-77-nzt-ray
4c1562243ed9fe802a58a364fe356228
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616389
x-accel-date
1681810149
content-length
11371
x-77-nzt
AcO1qhFdBWD/RfVkAA
x-accel-expires
@1713346149
last-modified
Wed, 01 May 2019 22:37:27 GMT
server
CDN77-Turbo
etag
"5cca1fa7-2c6b"
x-77-nzt-ray
4c1562243ed9fe802a58a36402c4a129
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kesme-nevzine-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame CD6E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/kesme-nevzine-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
650adc9dfd34c3f14598aef5d808373854959bb31c24f09b49b75db4b1c8af81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616425
x-accel-date
1681810113
content-length
16255
x-77-nzt
AcO1qhFzxn3/afVkAA
x-accel-expires
@1713346113
last-modified
Sat, 15 Apr 2023 23:29:26 GMT
server
CDN77-Turbo
etag
"643b3356-3f7f"
x-77-nzt-ray
4c1562243ed9fe802a58a3640bffa429
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6615587
x-accel-date
1681810951
content-length
10807
x-77-nzt
AcO1qhHURqv/I/JkAA
x-accel-expires
@1713346951
last-modified
Wed, 01 May 2019 23:24:41 GMT
server
CDN77-Turbo
etag
"5cca2ab9-2a37"
x-77-nzt-ray
4c1562243ed9fe802a58a3644026a829
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mengen-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame CD6E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/mengen-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bb7675b559b6b715e1583e5b7267a368f56cb8961a364f5204695d500614bb67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616565
x-accel-date
1681809973
content-length
16805
x-77-nzt
AcO1qhGOn7v/9fVkAA
x-accel-expires
@1713345973
last-modified
Mon, 20 Mar 2023 22:40:04 GMT
server
CDN77-Turbo
etag
"6418e0c4-41a5"
x-77-nzt-ray
4c1562243ed9fe802a58a36400fda929
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
atom-meze-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame CD6E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/atom-meze-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0052f42a0eb025590c4a2c324f65ddac213225b383aed8a10687d4250138cc6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6615636
x-accel-date
1681810902
content-length
15669
x-77-nzt
AcO1qhFdIm7/VPJkAA
x-accel-expires
@1713346902
last-modified
Wed, 15 Apr 2020 00:26:30 GMT
server
CDN77-Turbo
etag
"5e9654b6-3d35"
x-77-nzt-ray
4c1562243ed9fe802a58a364d9d7ab29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame CD6E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/firinda-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5912818a6cbf7dd28046251c26630e960975ee5cf7f18865a8524e0d40e8a558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6615099
x-accel-date
1681811439
content-length
13350
x-77-nzt
AcO1qhGhZQP/O/BkAA
x-accel-expires
@1713347439
last-modified
Wed, 01 May 2019 23:36:38 GMT
server
CDN77-Turbo
etag
"5cca2d86-3426"
x-77-nzt-ray
4c1562243ed9fe802a58a3646ff1ad29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
besni-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame CD6E 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/besni-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
599bb6748f60ecce39049c7c6feed7bfd65e9ba09ef478ff0661381840117a9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616418
x-accel-date
1681810120
content-length
18119
x-77-nzt
AcO1qhF2Aij/YvVkAA
x-accel-expires
@1713346120
last-modified
Wed, 29 Mar 2023 22:35:22 GMT
server
CDN77-Turbo
etag
"6424bd2a-46c7"
x-77-nzt-ray
4c1562243ed9fe802a58a364465eb029
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ev-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame CD6E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ev-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617047
x-accel-date
1681809491
content-length
17248
x-77-nzt
AcO1qhH0FU3/1/dkAA
x-accel-expires
@1713345491
last-modified
Sun, 25 Dec 2022 22:38:25 GMT
server
CDN77-Turbo
etag
"63a8d0e1-4360"
x-77-nzt-ray
4c1562243ed9fe802a58a364fe87b229
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sodali-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame CD6E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/sodali-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c95864adde9fe8a23911034d261ca90d154b87611afb584416b2b317c1357813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617047
x-accel-date
1681809491
content-length
15812
x-77-nzt
AcO1qhH8qzb/1/dkAA
x-accel-expires
@1713345491
last-modified
Fri, 29 Apr 2022 00:25:19 GMT
server
CDN77-Turbo
etag
"626b306f-3dc4"
x-77-nzt-ray
4c1562243ed9fe802a58a3646295b429
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame CD6E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/firinda-tavuk-kanat-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
205840
x-accel-date
1688220698
content-length
15895
x-77-nzt
AcO1qhGDn5H/ECQDAA
x-accel-expires
@1719756698
last-modified
Mon, 31 Oct 2022 23:01:54 GMT
server
CDN77-Turbo
etag
"636053e2-3e17"
x-77-nzt-ray
4c1562243ed9fe802a58a364796eb629
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cerkez-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame CD6E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/cerkez-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617069
x-accel-date
1681809469
content-length
16373
x-77-nzt
AcO1qhG3vnH/7fdkAA
x-accel-expires
@1713345469
last-modified
Tue, 11 Apr 2023 16:32:39 GMT
server
CDN77-Turbo
etag
"64358ba7-3ff5"
x-77-nzt-ray
4c1562243ed9fe802a58a36416cbbb29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame CD6E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1472203
x-accel-date
1686954335
content-length
14117
x-77-nzt
AcO1qhGW/oD/y3YWAA
x-accel-expires
@1718490335
last-modified
Fri, 16 Jun 2023 22:14:46 GMT
server
CDN77-Turbo
etag
"648cded6-3725"
x-77-nzt-ray
4c1562243ed9fe802a58a3641d24be29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-buhara-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame CD6E 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/tavuklu-buhara-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1b03fd3fa3f31290953a4de0da547b6f833489691c8f447fa19019095a60c8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617069
x-accel-date
1681809469
content-length
15804
x-77-nzt
AcO1qhGqOyL/7fdkAA
x-accel-expires
@1713345469
last-modified
Wed, 22 Mar 2023 20:32:55 GMT
server
CDN77-Turbo
etag
"641b65f7-3dbc"
x-77-nzt-ray
4c1562243ed9fe802a58a364f61bc129
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/06/ Frame CD6E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/06/domatesli-kabak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616433
x-accel-date
1681810105
content-length
14650
x-77-nzt
AcO1qhH2Idf/cfVkAA
x-accel-expires
@1713346105
last-modified
Wed, 16 Jun 2021 22:40:57 GMT
server
CDN77-Turbo
etag
"60ca7df9-393a"
x-77-nzt-ray
4c1562243ed9fe802a58a364ac8bc329
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame CD6E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/zeytinyagli-havuclu-taze-fasulye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6614024
x-accel-date
1681812514
content-length
14135
x-77-nzt
AcO1qhEBgs//COxkAA
x-accel-expires
@1713348514
last-modified
Sat, 11 Sep 2021 20:22:26 GMT
server
CDN77-Turbo
etag
"613d1002-3737"
x-77-nzt-ray
4c1562243ed9fe802a58a364e293c529
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-yogurtlu-patates-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame CD6E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-yogurtlu-patates-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b203eb6091b782e83f70a512b57200183965e591ed8fc29a3adbe790f0a4cfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616948
x-accel-date
1681809590
content-length
12834
x-77-nzt
AcO1qhEnwLb/dPdkAA
x-accel-expires
@1713345590
last-modified
Wed, 01 May 2019 23:09:58 GMT
server
CDN77-Turbo
etag
"5cca2746-3222"
x-77-nzt-ray
4c1562243ed9fe802a58a364ecf3c929
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-besamel-soslu-patates-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/10/ Frame CD6E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2018/10/firinda-besamel-soslu-patates-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e59cb86b6c40e4790e944329cca2be7dbf0902764924226249869a8001ca54b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616568
x-accel-date
1681809970
content-length
13662
x-77-nzt
AcO1qhFeqxv/+PVkAA
x-accel-expires
@1713345970
last-modified
Wed, 01 May 2019 23:40:39 GMT
server
CDN77-Turbo
etag
"5cca2e77-355e"
x-77-nzt-ray
4c1562243ed9fe802a58a36420e0cb29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mercimekli-tarhana-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame CD6E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/mercimekli-tarhana-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
31e62e0b092bc9ff94b2b8e841ae9305955b398a7cd80116a4d79bc9fe3b6e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616720
x-accel-date
1681809818
content-length
12901
x-77-nzt
AcO1qhEumn//kPZkAA
x-accel-expires
@1713345818
last-modified
Mon, 23 Aug 2021 21:56:40 GMT
server
CDN77-Turbo
etag
"61241998-3265"
x-77-nzt-ray
4c1562243ed9fe802a58a36487c5cd29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kremasiz-mantar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/kremasiz-mantar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c3c8f737c2c30356f2b788246c529049e20b42a6454539265981b00d318536ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616260
x-accel-date
1681810278
content-length
11203
x-77-nzt
AcO1qhH75+D/xPRkAA
x-accel-expires
@1713346278
last-modified
Fri, 23 Dec 2022 23:04:21 GMT
server
CDN77-Turbo
etag
"63a633f5-2bc3"
x-77-nzt-ray
4c1562243ed9fe802a58a3646a45d029
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
balkabagi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame CD6E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/balkabagi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
347207
x-accel-date
1688079331
content-length
13941
x-77-nzt
AcO1qhF5I5X/R0wFAA
x-accel-expires
@1719615331
last-modified
Wed, 01 May 2019 22:51:05 GMT
server
CDN77-Turbo
etag
"5cca22d9-3675"
x-77-nzt-ray
4c1562243ed9fe802a58a3643047d329
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617040
x-accel-date
1681809498
content-length
11238
x-77-nzt
AcO1qhGOCP//0PdkAA
x-accel-expires
@1713345498
last-modified
Wed, 30 Nov 2022 21:15:52 GMT
server
CDN77-Turbo
etag
"6387c808-2be6"
x-77-nzt-ray
4c1562243ed9fe802a58a3646a07d629
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
susamli-tepsi-keki-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame CD6E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/susamli-tepsi-keki-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6a5c3836f01af05b52f926264495b7bac8dcef94acc6cfdbb3fbfa5054e941d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6613295
x-accel-date
1681813243
content-length
13737
x-77-nzt
AcO1qhH9qTD/L+lkAA
x-accel-expires
@1713349243
last-modified
Wed, 01 May 2019 23:09:05 GMT
server
CDN77-Turbo
etag
"5cca2711-35a9"
x-77-nzt-ray
4c1562243ed9fe802a58a36456afd729
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firin-sutlac-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame CD6E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/firin-sutlac-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1d9b9d4dd0f38289082e966a0a53f5d354c6664023ed97207fdb428f8822c8c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616386
x-accel-date
1681810152
content-length
16803
x-77-nzt
AcO1qhGU0IL/QvVkAA
x-accel-expires
@1713346152
last-modified
Sun, 08 May 2022 22:56:00 GMT
server
CDN77-Turbo
etag
"62784a80-41a3"
x-77-nzt-ray
4c1562243ed9fe802a58a364a2f7d929
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
portakalli-muhallebi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame CD6E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/portakalli-muhallebi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b62303207f083306afe16a9b3634280a39bf8ab0c1f873f9ba4bc114e10dc59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616800
x-accel-date
1681809738
content-length
11287
x-77-nzt
AcO1qhE+/XH/4PZkAA
x-accel-expires
@1713345738
last-modified
Fri, 13 Dec 2019 22:36:21 GMT
server
CDN77-Turbo
etag
"5df41265-2c17"
x-77-nzt-ray
4c1562243ed9fe802a58a36422fbdb29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sultan-tatlisi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame CD6E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/sultan-tatlisi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b6f592ba4dc1ddfac8ff32673d97d7aa580f6ea2ac20e5415d7ad6207d6f99f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6616287
x-accel-date
1681810251
content-length
17431
x-77-nzt
AcO1qhFjQbn/3/RkAA
x-accel-expires
@1713346251
last-modified
Fri, 15 May 2020 21:50:10 GMT
server
CDN77-Turbo
etag
"5ebf0e92-4417"
x-77-nzt-ray
4c1562243ed9fe802a58a3649148de29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tava-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame CD6E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/tava-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
00f3144b01e84e31eb08b2919a242a011735d97e954661e69536299b505af028

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
236435
x-accel-date
1688190103
content-length
12484
x-77-nzt
AcO1qhGEH7T/k5sDAA
x-accel-expires
@1719726103
last-modified
Mon, 17 Oct 2022 22:54:27 GMT
server
CDN77-Turbo
etag
"634ddd23-30c4"
x-77-nzt-ray
4c1562243ed9fe802a58a3646241e029
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pofuduk-bulut-omlet-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame CD6E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/pofuduk-bulut-omlet-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
296f1d7fdfd20eada2afea94621798ff10feabb9782f9ba00d13c8986ed01254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6614017
x-accel-date
1681812521
content-length
13553
x-77-nzt
AcO1qhH7oIj/AexkAA
x-accel-expires
@1713348521
last-modified
Tue, 23 Jun 2020 23:52:00 GMT
server
CDN77-Turbo
etag
"5ef295a0-34f1"
x-77-nzt-ray
4c1562243ed9fe802a58a36450ece429
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sutlu-kasik-dokmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/07/ Frame CD6E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/07/sutlu-kasik-dokmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
552daca9a314234c9d54062363f358e66ae995a7d52efa0db8535408719d64fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6614406
x-accel-date
1681812132
content-length
16185
x-77-nzt
AcO1qhHlsTX/hu1kAA
x-accel-expires
@1713348132
last-modified
Thu, 22 Jul 2021 23:51:32 GMT
server
CDN77-Turbo
etag
"60fa0484-3f39"
x-77-nzt-ray
4c1562243ed9fe802a58a364d393ea29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kayisi-receli-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame CD6E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/kayisi-receli-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
326191eff8a94513a5b1e00816990e367b886533f3d180c4617b301d48553fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6606194
x-accel-date
1681820344
content-length
10124
x-77-nzt
AcO1qhEnDkL/cs1kAA
x-accel-expires
@1713356344
last-modified
Wed, 01 May 2019 23:20:56 GMT
server
CDN77-Turbo
etag
"5cca29d8-278c"
x-77-nzt-ray
4c1562243ed9fe802a58a36470ecef29
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame CD6E 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:18 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1688426538.cds140.fr8.hn,1688426538.cds153.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame CD6E 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 23:22:19 GMT
server
Oracle API Gateway
opc-request-id
/5374AF795076A4DC04BB333FDF108D1A/0BDE439A84E62FAFF09AD72B90395B8C
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame CD6E 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:18 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1688426538.cds140.fr8.hn,1688426538.cds057.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame CD6E 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:18 GMT
content-encoding
gzip
last-modified
Fri, 23 Jun 2023 06:55:07 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame CD6E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70702ae8b1042754803642728260678f471284d6ccfbc9dae2558c7a77c9dd54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 23:22:18 GMT
content-md5
elIIFO3TZq3HQDJ9aaO18A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
weZxf19LhqatGDhgRq/cwz/Xy5w7J30+zJv9adtMW6o55NykqNeFbXBR4N75T+7WrNYrCvYaVZ6XvCCz1sbQ8g==
x-fb-content-md5
fa86c66fa4a053805ab96e186c5147b0
cross-origin-opener-policy
same-origin-allow-popups
etag
"2e335b0d915d5d03d55189cfe025e168"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:25:47 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame CD6E 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 03 Jul 2023 23:22:18 GMT
x-cache
HIT
x-77-cache
HIT
x-age
6617085
x-accel-date
1681809453
content-length
21525
x-77-nzt
AcO1qhE016T//fdkAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
4c1562243ed9fe802a58a364237bf229
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame CD6E 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=5c6ea9d44bd73548e66693a84af24d1a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef5c9b08df28e3d904c503fabbeea3bae433e3b1e44d31edb4526aab745dba5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 23:22:18 GMT
content-md5
TX2BIJM6FDjKxCrC8nTpRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88851
x-fb-debug
sq916c/4TC42kxdHGvQ5FCx8wUJ4zSuoDIWQNfnYy+SyllGQMSKHGHg0al1XY18uVxoKuJ+Dmi1TYU4UIdUzpQ==
x-fb-content-md5
e361782990c9f0a3cb017f06c4e1e404
cross-origin-opener-policy
same-origin-allow-popups
etag
"ce0cc21a61ab33fa40c42ad22aabc1c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 02 Jul 2024 21:35:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CD6E 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa9b2a4319e267d5156f271c64c57d5b9981ee0300dceda53dccd1bc34916edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26067
x-xss-protection
0
server
cafe
etag
660 / 19541 / m202306280101 / config-hash: 9368321761009417704
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame CD6E 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 684F 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Mon, 03 Jul 2023 23:22:19 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame CD6E 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eb176aaeeb413ad669d78865acf8fd6c1998dcfc6e571f727a79f730ba80fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48872
x-xss-protection
0
server
cafe
etag
1693959615923479822
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame CD6E 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame CD6E 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-147.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 22:41:14 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, VIE50-P1
age
2466
x-amz-server-side-encryption
AES256
etag
W/"9352f20e556bff9fea6fd0461aac850d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
NLDUWeNEqHIxYzPyb7Yev1kRq6E8yV3EjjKo2yleD43YC4IyYnJUkA==
pageview
ng.virgul.com/ Frame CD6E 		32 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1688426539085&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7858703553193929
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
c716deaefb4157036499c74547753506455d05368e5a156b9742f8f1c4f4590d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame CD6E 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19541
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 21:45:07 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame CD6E 		50 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=469007
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3a08cd1d2e151590d93491d41b26b5d5f2a28ed561ddd9b9860602a5d855489c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ Frame CD6E 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 14:07:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
33315
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127514
x-xss-protection
0
server
cafe
etag
13498126467117012333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 02 Jul 2024 14:07:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/ Frame CD6E 		344 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4239a0a1a01ef485176b82ccd5ceb4fc7088552af56b4b6ff6be1fc5b17981c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120897
x-xss-protection
0
server
cafe
etag
10667767897565848195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 81C2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 17:33:37 GMT
etag
12368291122986407432
expires
Mon, 17 Jul 2023 17:33:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame CD6E 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-147.vie50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 22:14:45 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
age
4053
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Y9DzgmgQjayE6pQbimchv9dIMLEci7TI3b1XtcG8Ev9kJVhOYlfFFA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CD6E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-147.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
date
Mon, 03 Jul 2023 05:30:17 GMT
x-amz-cf-pop
VIE50-P1
age
64380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
MD5oZtWdj2MlcdrZF0488NbjwxQqlH8gWbz-5uysqhlkqGGMajzADw==
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame CD6E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Tue, 13 Jun 2023 13:36:40 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
bid
aax.amazon-adsystem.com/e/dtb/ Frame CD6E 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=h7URnsr7uyujK&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
RMXT8W7R6G9C4ZK10SJQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
P1BojLghn2PZ-gqM1cPuGBMI07VbQ1Zfl_vMMk9TdPoJz2zrNfGSAQ==
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame CD6E 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=469007
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame CD6E 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 22:29:32 GMT
content-encoding
gzip
age
3167
x-guploader-uploadid
ADPycdtJh_ckBU332jYd6b36gq5dSyKByU-Up_d2Q9oH4CGa-wpA2G83WTW2cIkk3E05qr4TVnEGL4A9Yrhce88SGa5-vg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1688426539365&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.24659931624626075
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=1461474639924856&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539390&lmt=1688426539&dlt=1688426538394&idt=880&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=4zw0n1ebkjpv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8aee84085a9a8b44d7f57134e501990acfc64e88e0dd8023e0fa7062723a6df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11870
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425219174
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CD6E 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8C74 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539213&bpp=3&bdt=819&idt=194&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=8598079543048&frm=24&ife=1&pv=2&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759842%2C44759927%2C31075664%2C44788441%2C44789815&oid=2&pvsid=3042722088988478&tmod=1036388161&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pzefjkqbpz2v&fsb=1&dtd=207
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame CD6E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19541
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 10 Jul 2023 23:22:19 GMT
zoneview
ng.virgul.com/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1688426539450&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.013545420893506854
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:19 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame AECA 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Mon, 03 Jul 2023 23:22:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		36 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=3712284450289676&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=3&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539659&lmt=1688426539&dlt=1688426538394&idt=880&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=3wqaumu7g846&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad552005288cd4eaba1573df6d50052aa8b70c500430d5ce040feeb511e76353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15143
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=2146097478283743&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539664&lmt=1688426539&dlt=1688426538394&idt=880&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=2dnrvsbu88wd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4f389ffdd25abe4499194c06d7d562fc7db3560694624f7101471c65fd5bfbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11295
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		198 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=2320827540481154&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=5&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539667&lmt=1688426539&dlt=1688426538394&idt=880&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=skxzna1ltekj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf56ddd9b52c12d839f441fe93423362142a3f5193e2506a488f25cb03649919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25907
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=241800735747985&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539670&lmt=1688426539&dlt=1688426538394&idt=880&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=8u9mtiaic2jt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eca0c235db29e023bc1a60ff08fda97284e6b01b5f58700e0a4bf50f3b0ea29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11377
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=4437472940254478&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539673&lmt=1688426539&dlt=1688426538394&idt=880&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=gsvcq93auegs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
892236541c7a8ad179743c2d9624d51cc08ecb3e205ca8b41dc4c412465665eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11046
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6E 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3042722088988478&correlator=2245560598055901&eid=31073864%2C31075484&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688426539085%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6c8dc43f05f24af8b8871ac62d79bed6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688426539676&lmt=1688426539&dlt=1688426538394&idt=880&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jdu5ehbbtv0w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d70af7949196c08c5fe3a641acaf77ccd1dc4860e3ff457edc137cc39f6ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11089
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C62D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C62D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
188210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Jun 2024 19:05:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C62D 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e9f681bea9375dfa0df172cdef55bcb90ad3de558b96db3a2f1afc1ecedfa36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49206
x-xss-protection
0
server
cafe
etag
12450108931096554984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C62D 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CD6E 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:19 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame CD6E 		398 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/3/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19541
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 10 Jul 2023 23:22:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C62D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8YdewIfHBZVx8E4N9L1RLFZigpRvXrE4V1isso2VKVhoEesrXbqqFKkNmaaeIoIYUiqIoC1EMFB3ne0JXeYPhTru28IjeHm3EOyMpCNAMotHoyL7Nw4PvhUPrQRpVRnVyV7qwBZWbh7hDHUdGw1Onw4BgIOfrYRLd6C06jUtyRu89EstbytjYIboafRqK_G0i9vB6vJzQqelMzQN1RBrGnACwMHtlmXh2yECKR0B_EnkBgBfQ58NSTqdyqA5WRB8__M7vzJa9yH2KkvOp3-byPb1pslL_FdWU9AG6ujBo2Fc2csTyrjUyvjq9BU66INngq6J7-yqZZ32SM7sH802wD41WdV43M68DOdP8XqaU1FNkUOtF4Uq3rA&sai=AMfl-YSmf-a1evh4F9u4sdBKxsQZikniYpRYEJ2NI5X-9y0Ulxqm7dJRpRVtfkTBE4u6VOunn8Yt__Te_pKXFxZ5lHxBGplNh27QOxT9KBJtUVY&sig=Cg0ArKJSzEeqm72h_lVTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ Frame C62D 		346 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121735
x-xss-protection
0
server
cafe
etag
12685644302287297552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:19 GMT
truncated
/ Frame C62D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7617d23b8c119da6844e2361e3cac16804206bfffd298c3898c4c518074ba04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ Frame C62D 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 044B 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539825&bpp=11&bdt=107&idt=103&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=4741162245852&frm=8&ife=1&pv=2&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.r1bi5j2w20jt&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 48DC 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e969078ac82e4b5fd490d6c0a0231118b718512f6a4a1b35ee0efbc5234e8ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11017
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 629F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F5C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:19 GMT
expires
Tue, 02 Jul 2024 23:22:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 31A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Csg3mK1ijZP2kLKPF7_UPt9q2iA-6iLSPXJzX7u6pCMCNtwEQASAAYJWCoIKwB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgT1AU_QMl1WrVSX5120rd2ZSZRICckGHzxbyR1heswgjaWbe14qBOGJ3f0mGlwuvC5J71PfpPbO57_FN9wuMfc9Ffwq75VLz2ubhuwC2rTywAYTaBw7QVwnlzTy2wVakelaHbbQrqN7cReIHGnYSsaoCSBBgjTeePc0F9MJywZuY9FQXC9ubFyaN-vZl335GMTyabBD5rmXnfsGHT1V1cZFodC8kNFyTpV0kurFzZ4EN3xW7nWI0bnNHiwi09jaMnRn-8ztU7-wsHwByXbIIMeuCz4G3bklnpBsVyx_sqDTs8ClhhI5YR6jiKC-0Si2sUNOjR0T58D04AQBgAa2ufLw3vTjxIsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=zSJXWnqMwtM&uach_m=[UACH]&cid=CAQSOwBygQiDNp4B7s3BUbuOOIHUStCEBr-MVNVbIgLtE1VdbNYLiOHaltcMEx4sU7o1brOBoJdn987Or3pnGAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
a.gif
i.w55c.net/ Frame 31A4 		42 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=REQ3N0U2MTM4MkQ5Qjk1MzczMTA0RUYyRTI0REUzNER8R0ZaZ1Yzd3h2UnwxNjg4NDI2NTM5Nzk1fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfDIxMDg5MDc4MjNfRVh8NDkzMzB8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZKNYKwALEn0Iu-KjAA2tN7O9SMgVO-5WPmSDkg&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjczMzczNjA0fElBQjgtOCMwLjU0NTE3NzY0fElBQjgtNyMwLjA3NTA5NjQ0fElBQjgtOSMwLjA1NTg2ODAyMnxJQUIxIzAuMDQ1MTQ3MjA3&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688426539798&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-NW&rnd=7901023285380320&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VKRjZTUkJpUVRHUTVUYUxoel9fNEVN&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=i5q8qAuCC6Oo713cGEGY8A&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEJF6SRBiQTGQ5TaLhz__4EM&spidu=GOOGLE&pidu=15222&hmpvu=64a51591-7086-4431-850d-9d4468c3bdd0&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.44.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-44-22.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame 31A4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRK8N4Rwai&btid=REQ3N0U2MTM4MkQ5Qjk1MzczMTA0RUYyRTI0REUzNER8R0ZaZ1Yzd3h2UnwxNjg4NDI2NTM5Nzk1fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfDIxMDg5MDc4MjNfRVh8NDkzMzB8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEJF6SRBiQTGQ5TaLhz__4EM&spidu=GOOGLE&pidu=15222&hmpvu=64a51591-7086-4431-850d-9d4468c3bdd0&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:8e00:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
br
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
494938
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
bfsfKqmrVH1ljFBneyS-5U66aiO8RfLEkPAxrz7FCH4ev_51YmW6xA==
XassetJtVGFj2g.png
ads.w55c.net/t/d/ Frame 31A4 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetJtVGFj2g.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=REQ3N0U2MTM4MkQ5Qjk1MzczMTA0RUYyRTI0REUzNER8R0ZaZ1Yzd3h2UnwxNjg4NDI2NTM5Nzk1fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfDIxMDg5MDc4MjNfRVh8NDkzMzB8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjczMzczNjA0fElBQjgtOCMwLjU0NTE3NzY0fElBQjgtNyMwLjA3NTA5NjQ0fElBQjgtOSMwLjA1NTg2ODAyMnxJQUIxIzAuMDQ1MTQ3MjA3&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688426539798&c=DE&r=G-NW&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
8SPBXJhT_RiSNmerbyVsLrwEkkTx88nO
date
Mon, 03 Jul 2023 06:47:13 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
59709
x-amz-server-side-encryption
AES256
x-amz-meta-width
728
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
29942
x-amz-meta-height
90
content-length
29942
last-modified
Thu, 15 Jun 2023 15:29:43 GMT
server
AmazonS3
etag
"1ff110a85bc3d8deeb9bac4954656b3b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
bAy1K72xJSdU1SpmJpW22FaOplyPHoKI4EuGmFfkdbNvpbbOGd7Zgg==
pixel.php
t.hspvst.com/ Frame 31A4 		95 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=7901023285380320
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Thu, 30 Jun 2033 23:22:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 31A4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 31A4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
l
www.google.com/ads/measurement/ Frame 31A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm0fGWiS0VzbXWYABTY8AKSKbGNZ2a4GzbVv-llbehwOLl3znhlZs3PPErFUpRuNgE76a-Ds5Wpb-6jiScBim7DONOZA
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 31A4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 19:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
188211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Jun 2024 19:05:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 31A4 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306200257000/ Frame A8CC 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:26 GMT
age
22134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61862
x-xss-protection
0
server
sffe
etag
"53e838ddc697c5aa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame A8CC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:26 GMT
age
22134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b6c1e0819a00bf67"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame A8CC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:26 GMT
age
22134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28873
x-xss-protection
0
server
sffe
etag
"8e0d0270ff0659af"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:26 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame A8CC 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02205d1075cf66ef0543d8db3852b017a4883d969215df91bd3896eb1335b4e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:27 GMT
age
22133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16664
x-xss-protection
0
server
sffe
etag
"23a306184e731580"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame A8CC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:26 GMT
age
22134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"381f894f71d56fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame A8CC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Jul 2023 17:13:26 GMT
age
22134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"542075413e45081b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 02 Jul 2024 17:13:26 GMT
truncated
/ Frame A8CC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5761dd23014a59a80c28aa2e2e8f917452b16ba8c51b7c4ec1c7e3727fcef06e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
300x250_ZN_Range_motiv_01.jpg
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_01.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64c6d0f3aee8e256b9cfc4c1bb44e4daf20b50e8103038c5ab9aed27a5b5185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12556
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_motiv_02.jpg
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_02.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969ec3de890b69420b346cf069cf0fdd08a58828a83ce3dbea20c866c8c52536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11755
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_motiv_03.jpg
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_03.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea79c8339103eb65c3c78986da954cef36ed141b02034e10314f572628fb729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13051
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_paper.jpg
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_paper.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
849ba610d536297df4d56f5aec64fce464d4166c11b1d2d30a6e00ad23570afe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6254
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_overlay_02.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		472 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_overlay_02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8652e27002bee7a3bbf2bea8cd73cbd19b134f00bda6528640ddd5c98826bdd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
472
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_overlay_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		787 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_overlay_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4bc923d5eba3e5804d9362ed9994e8f0b612ad8186fff426afa91860319c4b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
787
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_01_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		644 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a791bddf64e032cc49941dc2eba79c1346ba37b32d4be9acc63abb2643cc422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_01_02.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		486 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a272f5ad880412d2337908257f33241b65a6d0bbff745bf3752b1d66e0781514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_01_03.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		763 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_03.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cbe00cc7557498845d55c1c32df378da128743b06bb6bc9b2af2af142beb5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
763
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_02_01_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_01_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd79e4c8d7ffdd71d8790cb804978f011cac067718f363cdeda887e34947b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1410
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_02_02_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		218 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_02_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d64cbbee56a7ac4037731942f74e80bc6f7044c6c9e5667dc8ac15fd0c8ef08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_text_02_01_02.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_01_02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fd6a726662c515878453612def3bab16559fb6bb33b1ebaf50708a311952401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1561
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_PS_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7068eeade96f50e60559ce657a5f220dbb11de37f1db2f449c5417fe679d885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7141
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_PS_03.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_03.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c7796f3b3c9b051f952a478d7a5df944d83ff0ad7efb64130dd7af275c439c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6466
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_PS_02.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6510df06a5fc59708e70510ef5b649004ae66f6c497741d58dabb223b5aef9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8563
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_stoerer_01_01.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		481 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fd76ea1aecdb515ce204d1d197f7cca3373f2cf12c1d844a22ac4bc697d2a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
481
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_stoerer_01_02.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		759 B
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_02.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c274d3c8508b96ddeb7a0f570316486d5fa96da90cdf758e33e55e2e6ef09102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
759
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_Range_stoerer_01_03.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		813 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_03.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280de5c42a75c9865c1bc0cb75c22c790ab35d98c1d06256a0656d1fabdc3212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
813
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
300x250_ZN_CI_logo.png
tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/ Frame A8CC 		310 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/7387083130156401348/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_CI_logo.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e76432c7710cb02ca0d891c67a2faa7d68040e1e1885ba68906233577d65a68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 22:01:40 GMT
x-content-type-options
nosniff
age
91240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
310
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 12:45:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jul 2024 22:01:40 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8CC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
15492
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Tue, 04 Jul 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8CC 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
35230
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 04 Jul 2023 13:35:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7217 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BD0E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0tBjFeGagxiiXWw6o2uQfraCMd1obDY4DjirOJXchRn9L2YT09PKONG4G43WHGe-eunpkm6z1EzgBe-UR9mUEatxKKm7Rt6ZsWiSuwH5qOAE_rK0
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2186336911989968138&x=1&ct=76
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame BD0E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame BD0E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
l
www.google.com/ads/measurement/ Frame BD0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkHyuy8gm3xbRH4L8Wu72jyxN3SZex1CveNNVc7umQX_GK-I7zlkxb0TohOanTV-ntE8idm0yLrzdRnjMN9eXw2uJ8wQ
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD0E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E5D9 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4E3E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqjRSUq5A7wpb72QiPyZ6v-Qmcdf-SYbhoNaD_VJj3muCUfzb-cC6dnlPYtbV7Od5lZK5dXUYYCVcO7Pw8Zr4GDrAn74mQvuEoGDmN0ZUG6velnsc
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9191009336661159281&x=1&ct=76
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4E3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4E3E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
l
www.google.com/ads/measurement/ Frame 4E3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUA0YoRs8R8q5H93WkKmUx-xsFKVmoY6tZaTfPz-iKAkUD7J5n1aJ0RRbzMBYGBXOeCBvzBt7ct0oPtNzzoNs_N9sU_w
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E3E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 34CE 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIY8ICq0gEwAQ&v=APEucNXW4A5v6gJxb_SsD3WkSLqCPhrCm190oQhO_d8CTvdLQgCNmOjnskH7KuKeQZw4JhKLxLUsb3LmGq9EoLOfaqsTbUvMWMQo56gbfnVwwDkCfbojEyCEXM5jnxCZHfXELpfRulH2qi2jxlZ2W0n3SKlfO6LsDSip7KUr7359V7d2QdotHDw
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 629F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 629F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxKki6tf_0WRV1B_EvgYU7hrVRRdKi_5L7PlljgNpa5rmJJd3WipJD2pW8LUv1ScnylxfLmm-DyyEY3OtmoJarfWZ1ROjKCOYjfCLIpFCyUzcDXiI
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 629F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6531176856135112530&x=1&ct=76
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 629F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 629F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
l
www.google.com/ads/measurement/ Frame 629F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2jjIOU5-fuZ_WJk6MzF2MT62GUhHaYCAUIFQy-uPMcQ_K3q1_POi981L0hEuHKgkOiuamFVnNa9ZPODYgCA8W5usNcQ
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 629F 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F4A 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNVMF4cCy1HDk7A63KoQenGxUDuSiuW9rCeTf2FImhrNQhopt4bEGf2JQsLIT_O55UCBxzqGTyS-zbNVg5x_EO6N3DT2JjLhwHy8B0ufoQNhI-8wYHZBDFz2T072X5Uk4e0WHtGx_Cv1vmrliiGu6tNVJW1oBloJyun9WOx-g-GjY2t9jss
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4F5C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQBmJX1e69t6-5Tp87wJGLNWtcJX2nn2pXRNu1Y9QoZmNh0eqw2JJsRTNjDZlmSqgeNQ5V-BnoSktnCNZRXSC1ZZyJ0eDA_MoiEVyZdBq7CJ1UQ8k
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10751858688525875243&x=1&ct=76
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4F5C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4F5C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F5C 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
rum
dsum-sec.casalemedia.com/ Frame 7217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7217
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKNYLN97C.qw.aIYLVJ3QAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELID55FQnsf3AszzhkCsIDI&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELT8Qq32vYzCEF3mgmCugnU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELT8Qq32vYzCEF3mgmCugnU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:20 GMT
AN-X-Request-Uuid
d5d55778-9316-4c2d-9326-2f6a61e1d9be
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELT8Qq32vYzCEF3mgmCugnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7217
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYn4Lo4gEwAQ&v=APEucNWan0RM4Eq6JZWLjxuYcW7WseVnZkZmgwWPBGy2U6KD_sPPJ4jNdbbNemurX4JtB3QokkblZg_GlxDU25bDjN2tuFYRMrAeYkfVmR5QQWIT9PqcoAqIOgubq0qYoK3sGzwhgn71vPRJ1ZUwl7V7uHgC-ARg_x8YAhjjNRn4Yh-eAJK9XQg
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4a1b3a20-598d-441c-b9a4-6fb0137a1a23
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E5D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECP5tnLgBqOC97Z9cKObQtY&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECP5tnLgBqOC97Z9cKObQtY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECP5tnLgBqOC97Z9cKObQtY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E5D9 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E5D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHuZPzkDXn7Lmo-2_KjaXwU&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHuZPzkDXn7Lmo-2_KjaXwU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 03 Jul 2023 23:22:20 GMT
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHuZPzkDXn7Lmo-2_KjaXwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E5D9 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjNmbXcATAB&v=APEucNUz9Ch3iEOhHwGjc4YxYyK5JK9Zh2bshki5s-dCo4dd8zIyWMS4pMFsT4E8mJ0FY0CdhLzTlkEksyDqKMo_T1-IsrhqDWnK3czhJU0wcxqYzwq6tNXcKN3DM74Av0e2y3JRIys2I-bEIBEa8-SOvVUcdG0mrjEt2SbrOxpygDxTA7bwV_I
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 03 Jul 2023 23:22:20 GMT
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 34CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1&__user_check__=1&sync_id=7535c2ec-19f8-11ee-9229-199d37980406
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1&__user_check__=1&sync_id=7535c2ec-19f8-11ee-9229-199d37980406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIY8ICq0gEwAQ&v=APEucNXW4A5v6gJxb_SsD3WkSLqCPhrCm190oQhO_d8CTvdLQgCNmOjnskH7KuKeQZw4JhKLxLUsb3LmGq9EoLOfaqsTbUvMWMQo56gbfnVwwDkCfbojEyCEXM5jnxCZHfXELpfRulH2qi2jxlZ2W0n3SKlfO6LsDSip7KUr7359V7d2QdotHDw
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEEAv5vgKCLxJhMW6cSs8Aig&google_cver=1&__user_check__=1&sync_id=7535c2ec-19f8-11ee-9229-199d37980406
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
51
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 34CE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzUyY2FiN2QtMTlmOC0xMWVlLWE1MjAtMWEzY2Y5ZDEwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzUyY2FiN2QtMTlmOC0xMWVlLWE1MjAtMWEzY2Y5ZDEwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIY8ICq0gEwAQ&v=APEucNXW4A5v6gJxb_SsD3WkSLqCPhrCm190oQhO_d8CTvdLQgCNmOjnskH7KuKeQZw4JhKLxLUsb3LmGq9EoLOfaqsTbUvMWMQo56gbfnVwwDkCfbojEyCEXM5jnxCZHfXELpfRulH2qi2jxlZ2W0n3SKlfO6LsDSip7KUr7359V7d2QdotHDw
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzUyY2FiN2QtMTlmOC0xMWVlLWE1MjAtMWEzY2Y5ZDEwNTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 34CE 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIY8ICq0gEwAQ&v=APEucNXW4A5v6gJxb_SsD3WkSLqCPhrCm190oQhO_d8CTvdLQgCNmOjnskH7KuKeQZw4JhKLxLUsb3LmGq9EoLOfaqsTbUvMWMQo56gbfnVwwDkCfbojEyCEXM5jnxCZHfXELpfRulH2qi2jxlZ2W0n3SKlfO6LsDSip7KUr7359V7d2QdotHDw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9721164041720&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9721164041720&version=m202301230201&ct=76&x=1&cor=2186336911989968100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BD0E 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIrChUudQEhZJ0ArT0dXwY6busD7m4hez-Vqbnyh_NuVrrIC5xFCqBqyG2o3qNCzD9CcRpOpCnx2M05zEzOqDwbGioduxE3HGDj1WOp5z6hdEO1eY&cry=1&dbm_d=AKAmf-BB4tWiot9DMuvgImhw1AZlGU6RR-65ZcPFCiSAXwp7pb52UBClQnlbcmOWvKh2yQqIOsngQXLm7cqdS9dZzmUgEa5ifSotCQxGVPMU4mDU94le_buB8r-3UIN2YN5VVFiYaW9cyA_FOYXrZkR3zUmLStBqGhCkZ_wLvs3wHZYnTtJgFPsZiHXRfE84uSFx85I9lG1fgjT0zilJNG8kSVLcIZPjlOH7sg9kXo8aPFW1X-Gv3OzB-dfeN4tu8pR34TuH_GP6bKJVIEu_Cxwy1BYD3jneGphQiRGOmOREKj0TpQZRwSygTuQC0otwVQ1V3fce7DCnbZfecXRe_MfLyy9p_J_vibuQZ71tX_LNyyu-NwHygwcbzvsCcqQ-ZpdMty762hTo5o2wnSbiqwCtddNViCMu2dV6M7vOFF2-lq1u6PZUa46noboNUNcvSEuCTVqp9aYOUf-0tQklpQtfVO4bhSKj58miRUJ4CVLVcyX76R5GbNpbcFIjOTJY9kY9qDG1v4aV2JCoQ2LxdyHmEoQhiy9_XmOH2bFNdVIswqlJ0ltiqsi1wofMvrR8BNmUbk66g-LirMIAEBDV7IFoPLbHwLUSNlVHkoGmwieXNaxXyhVH4WmJ-MbUCB1Fe7zSbjRWYUZbn-bU-jaCcLQtI-5Mf4iXw7ESq1GCdfmjc-F8zXwpA-Bg_ShElnKQPj66dZrHnIe1xEBx2owTLDu50QJvjJuNYbu6FgV05xZ4wTm6DBQxsEbDyvVLpq0--o35Nxe6XRI4jC6J13uPQkxptOx1BwgnJePSlSnIb1L2OWdgsCvfS43TvWrhcriaQcqdGRdWYZESxGf4I-nh-E4vIyAAi-TO2c7Fers8BCnSIamMDVjyhFLcIrdke-iEAmQyRf2MgcJ6ClDCALbRjLmCfhGaa_sI05fEkuKq1oL_KIAYIVzfKNVpJJotuR7zjMLHaz1hBwF7OqKgj7CQ0ZpAqScNcTGE0DVFXP-2r-3cdGJL0BRdQB7DCbBhvmT2pF_adSfAgnjCJ-O1A0isC3AvcJ7n6sJvYKsQqof-rqXYhZgtYaRPrtMVV8yM-SIUROumRlOF4efp2hiaFKNEiEE2RYjDcpkUhillDFuG1Bod_R5iS8Xh8hs7n5X50CqYS1EugwMPyYQTAfyvH5Voh5_G1xNpTOqqYv-dBK9W6LhSK7-Vpfj-dcDcqIX7VtWCWCQpFQDA4KWGwg63LPAwmazsNiPHRJjlwrwzvXiSFVwhs9PGjDCw5eIKOgkveqbzf5qA1GHrOq4t_ZNK1EVycAw3z-xgvk_pGYyjZz_qmusQcGw-OKifcEmblZ_7W9uBYW98fzSN_fOPPjkMMcaJ9jKzg0_qeODzdXYhzW5xLsOG1FB6FYgS8qvaRoQUA37AIyy-pPiV7ZLHiElOZ-ftyBDT-nsKdrnf51LSXdT_o0yuAcPlPtTCYQJsqugQcRAX-_EcjrftFVSUlmhc1rp3_a7zlqLAqObfy81NifgwEU6x8CiPzIXKHF7BfSTtS6X1fvNxTXkBr5uvWGlRaa7Tn4CZHG0Xfv2lCdoOxADdDyw2JRQdmcb9NM6MZJ600PP2mUmFt-IsPw2yQKY09N5O67uIiruiJkg72GDD5lylDjcUF2G7aS7r26FnoCufQAsYCDnhr2wYTA-iU0PwfnSe4dURLyTZXhNCWvYZbVqsvf2rGg1Oj0n66U4x82bhychJ7uRENIKPEYRS7hoql3TAW9Si1acRibWxOytb9Qfeps30_OoNMRAVx8Je2cHYaEcHScRVuSefubBBpPtyxwaArIRIuFU68JbfJVJP_YyZ_qPIhN9l9ojGthG5KMH_rgaB10wShwLrRHnEU3lPfP73x8R98OvlnnVwtKOzzLXWd0r-haDAOCx49fZZl-_8xgpeCvmj5LK37rMHCjgPU6rcIgiZeOIuPk_bpwFZ0EJgAsgdSj4SUZ4LMA0AB5lls6PR6_x2Qzk5gMD5syrAq33kO1sI2gn_IZwBsb5jgeOFBxj7SDB8bBN5H7KGph62Lne9D5tRQ1YLyGhUn8YXdOYGDTtksXmfT4vd-vM0ACbBT39AVBM53vsTTgW078IxXpV0yHhf0PMiUr3IrDldot4SUVdVKfJ6a9LwHs11BU3P8MTXtzg3ZFQoq8DZ8L0PT3LOBnN60_L3tVRzvtHAhbHE-AlWL_eZW2UIrYyzv8lAu7fP97NHFiYEfTZMewsmWe6AOVlngO214kJPmvebMpPi59svFtZaoWSvnM-bubJQNOeTurJmvWXuNpQxDleIPWLmBYJSNDdyBcMYQ0y4MfOIJw88XyvLQRyDN074jlpn9wW17p0WxC2pKyhS0irLj51h2FMFq13mi-xBgTrrRw4-ZfTuTO_B6DnEjlVYW_8W4hi4XkCZf9dP7FQbq0WSFXXcewn09AndyJ6EGXkdOHjJ1dF0DH61JkYtIBX_O8tmJaXdswMy-NXpULTBEDnZoaCUuo-C6J7KxVCl7ArmzKlbNFBHHaPMNgLjM0oMPVxDXh-x8jIrTscSPkpeSk9uPZWm8COPHb0oYcS7RBeeYPNPHf4R274bEuFojUMQKoWEpZ0lphFczams62VRX5BV5rmCIMf9Cr2E9X2_a5_-OhY-EsTdIR5ALOjYMFVOjHSz7vbCzteRqQrAMJ0Gm2R_hGWVyrOp6WhN9pZTRLxmNFsrOX0p_fdVbVJI2eZ3jAi8CiKoDni7A3dv0o70WWzeCUuMmSUHlkInCEHMRdBsFGoDqYBGCpZGbXK0bTsKU0Dc-h9fpHN6gjp0SLcnQzb2dZ0bwZwFVMB3FG7oSaGaPu_cKSu7ZOPETNxeUm6ji9yvndSO06VNwn1C_XlKaCvmvHJCAv9GOqbIAfbLtHZS3J1h-MXvyODJoOIxnbZYevFsVx7AVFGzaqawAX-vGMn7cnYSIBfLsJo3tSTk8k69rAeHvCoZaprjht8jG95ZmRqXftA7V65ctCA2cM8WNJkNn8ZI34ZLDZU7vRMD6Ib25sH6f648zH5IzrmGPWfJJXjZWWgqGCrOa5ZHoBV2lI-Tk2NBqAINQJy1Ae7z0tqQJw2vbBuwB-d6ZCc-vgkJd0_Jzjpca35RVOr9OEeAO4k0BeJv0FlZYQp7fh_YjslVjp7obCkL-upKHleY9_kdJh8rmLE3-v9jO8hPj8izwEdTu4RpwdSBXH6q7ePEfL5r66KEUDsP-qou4MlUprNuJoq88gqheeAN8EDdDYmFDJi593kFPgoMj6xGOZkPu_aUEzu92cklom0bPZuphyZdAbZFR-3pKdVEsH5gDl_aTrz7RtYB8bYAR8oHgFu2p2olyWB9DyLWHMdrcQJ2EwHCbE5Lg7mv42SJ86boLoNFb1zs5M4JkcOp-9NG4jQ4e8r2sfgAyoMtV7jnmVHqTcN8SiiCgGlrpKYHAnvt0Fd-i_E7IgVhsq-t63QHzrdl&cid=CAQSOwBygQiDDHZ6arnIXMVRTk6nZ-IzJiAh0cCT-PUyirqZb9-XBQe1VvWhRJtG257q8Xo-xd_9BxiAaXqUGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2186336911989968100&adk=1599433117&idt=65&cac=0&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61d02738bf43e95644b1e74f9bfa7bd2d51e394469bf9edf130d52a674d9991e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38179
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5066984137592&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5066984137592&version=m202301230201&ct=76&x=1&cor=9191009336661159000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4E3E 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUHUMXrdbjq2IxE5zcGjAEM_4QcKKQ8xRiPTF0H-i90jAMtQbtWRIxEHlQqbyj__WYOp0kNZmmt1jRwK2ZTSx2vQ4vpf5R7hQMzwqIOq3gAPN2VNI&cry=1&dbm_d=AKAmf-Azuaxf-a8sYzg-NoBbhOC-zhxjWeDmsodxRMMglRsO62FaGB3fJRSF-v0iP71bldwAGidPlBsvbuumSCgV0QpNr07JNDGksibOCAk38CcfyGoTBGuCKrcWthwuDizu35HUsH7beNqmGI-BrwykMm9gA5mnMQYbu6nuWrYKowt-EnTW7x-m0ypUbg9g4F1-jkAHw_jOQZPNJEsxWnuM16z0mhyZYCSgAkNGUL27fvXXMCIDJ9SEjpI0FxgJN6p_SQbK_X9yfPUeT85q3lX4dKoFw8NHPuZ2PclyTkQor0cjTllhA4kTts_0-zQr6FH3cFr2uGhlrh4_VuB4zjoANrffsGtPlSTaVgmgpUgondl3FDlmYDbJQljUKy2nxxUuNkGNfpwBDKl5iBt1rfCDhshURk0stJaswAzHwIsW2nfoNqE-AMICJdI73DEk71rnQWLp2odsGl6Bnq9SadzV-sM3fumIrYb5rN--55nW90b1JfEn-iUJCN1gRF1xnFZUnqaVICP7V0aK9EA625o8QO4s92RNCNfZMRTcw16r3c4GCyvsjcHnese8-7MC3yn4jjnELf5j45PGvimmplmVlChwGnHaG8tim6_sRpSogfjNlsP0jz8XOTnl9OSFtrAc6iTH5GUIUkvb06dv1XUdMz0Bc1iIZZaRDOb4Ur032NNTJYmvyFkG-zlh5ZNOIMewzQhH62_Xun4C1sNzzLbnmCJsCNCcyk3n9RohMaqoz1l2ECR7G4SLntkCXsxTFaiQVluOPZRXP4T1WePJ9kS7DhMyrWOmBJxEXP0deyHg1-l0XOb_8t6UKrZc0_bLdkzO9OpL5r5IgIzCPKrrduP6icAfAW78-4LA7A-Q3tSrsWDFhMYlUVM1215gtBSCsgbnJrJk9YS6mDFhjLcO5uPYj9vBrCdVHof4hdx3ki6vq-CxA6pFDEj4sOSPzxNV1jJto4olEmroZdFRa0ESHN0bujTDNjSWBCAtPVCu3qMOGz3fneYJLQn0S6yt3hil8MNIcf3XjcIKfbVsIlr-Jg1RIoae7uXye9HdCCdmGfB4PDzaJJTSsm8f21asFXwyE8s-ck46dpzZJazgi_MgUkDafgz8zE6nYW5Dz47YfTzRy77VD48u_sy5LieDxsrfn2XPQ_kyJmFd-45NPkrktxMwTsNrp55NayY8qjqebL9R4mes2_R9PUdL6V1MTHAfQ-KWpCXFd3rxP2Vn99HEkV3mgT_G9LbR48alW4hR57q7ixJiZ8o1G-_j-_Je1kzOlXmG82xhy7Uvt2zKXYaKCtD9vpHUJmA4_S_UV6MWq_cSpsVmigdqSFKh36KCwSXKjm0i1PW0QCL3iV_VrkRD2pVEHzglFhegL0rDbAMa6PtEle-HdX7LBEFQP5XIP2uZPzDZKaUskc76gtjnUlgU6P9Ch1ZKKKFHAj9CWdIQ7wx88AGYh1grN3fMoTfEYuf0AbuVzyjj2I5xrAbRLTGXa450oWyAAVP_XPZcHCcxO5BrEWjjTzsHqUJ3YLwOsM-XUbDsXivDtjzfcuHnrM0wMEniDLuym6nSpnBlga12r2Q0of-RgbFZdjQW44EgHD8SwBrUl9-vtocPvItyH6Nz0Pn_o6wbfbF6nCDWBgIhqhxQehIN1-1keZtzP-TR3s6JXPnHHjmyqgmE9ZQvfEpPMJBQw7jeLvMRboApEbn0KkaAB26_p0-cxSezdpPrhe_urcFi0wm4cuOXL5eM9YkCHvGJ4nXz5bCj07AONS8T95oB27oD_xBXLQ4An-0wOy2wtLZijLh78W71SCpkYdDsmLe0y5m1Tr3Z1cbRGWbJUH51qn15LfeKtDFlS5yLKezZvc8TBkX77C050Lk7F4BBWaFKnh1M8PDBqmyFDkg5EQ4xJ9_Wbumi6LkFFRp1wVNysHHhLWhFx4Av1hfM2ZnMHpUp-rwb7ae5c99S2IytCub3WjeNdH7O4e8kFr4PYdALo5BETmgh6q3K9pzJEJV8l1JnM88Kbvu95V3uxtbn65fIZsVPCt2j8ezWdANi2In_hpSao_MZACc9RkvZO0f3Qu0Izkd0lSbZ49N3y0PbDC3dtWibUvTcaLAZK25eMOk4Z6Ad4ginZHlMMUjXD6skHappRZmqdYrjMpjbk96Kyo5-EbRrD8TM7g5IOA9Ls6y2Rs2eUaDQCgEIEEVfojYkKLRie8q6RqjLc-hBgBaqh7Roaf5MvkZ2Ycp5slmgTZA5UKJrP3NL32MtjBKfrX1MI8pyGprzCV8tvRknOA3fnMGK9RRlV6bTkk51jOymI_APxKlMvqqGYa7aa2hci8k765nxRa9nLZD5kyfuscIVoDgv-H09nqlq5h2FSTlc0i6OaiMuNI2a30uKLlJ7tDZTVfGQxlFEwQrb_USXcjRHOpum_22tKRveg0t8O_35gArQkofcoQ-K3qbxy5GyPrutNXkZdTVuX4cv1-EudYvPUbz6jbzjg8FKH_HcrkfWU7AyrGM5xtx_Np6VqkE6f7bl0uJtC16c0xfjMQIgfS1YKkdR_doGmz05FNYrho5Sbxt0WnvzmBxNfFuFuLgauXs93ih_bgUMX_hWH283dC2TYgJiuC2vlgu9yaXVcVsRFZIQ7jecnc1cg1OSbBe7MQUJQx6ACeJLbkXH8PCFoA-AQ4MZip1c-j5zMHsKg7ghG-S3diSzRzPju0s3NwzZmMqXny-jLXUkBip5IHJYt_YGcZC_1UJM543NvHdCVuUsF3y_sXgMicMHj-NGdw2m086mw3rOs7lYlCK6jz0jNsZ9ugqkGtm_NuSVhhVVSqIe82yMRw-GofPDhh2aWREnkRU8kmysYo1S8iE3pkHfOyhqcOparQJmwu2IomS6yzXgqzV5eUGGcs8EFIvC_QbadWdaIaGNuRxjICrM4R4NT0l5WUQXtBz0w-QOXmOdWtekLDA5cTNpVKnfzvMZGbJ5ACY_c3IqY38YClm0dIWDTaRgu68Y7lKZG0kiEUlJ_uulYzWoxkWHqQArVOChWteBqUlUWKzHaXwL7wDYPIcCZJnJ4f7imYPkwMIvufuDYfUwqOBsp3bhK_UPKPoC-pGsv65aoRLjciSp_t3vrtTkN_H_-TNynf5n6CS4OwBSLZw8InJFjT9xAL9DtzZBFUKah71P8egeO7XjAEJJosVqQicHRsTmsX5STuk00MV7nkfgApX6lD1H6yDh-oBZ-xOFj9MJYxITmJDjvOSIKyEQtn3ztpfPm0Rc-ndroU4CNAMiTL0VdvDc1a0K2e-xujkD9Fj6wVwcNrnliHO8Vh4XPG6IJDIUq4xmxcdu92uqhKLSUgKrP_rmQhgNupXz00D7XjUDMiejq2BN150bXs7Xa_7T2CG5wGrcl9xBqr_zXR6VO_Vw3pMDW2bGuJhmXnwqQ5Yc1l_pDM6dKXOWYOMAVisc1Vy5AdwHP6t6yIwIshZ9mNVzeqLaLBEXKdy9WXEHnkMDLZSWeCJWnKfeIhvqhs_rBYborywMMlxxu7Q4s7uhaR_nt2HkddnRldTwb7xe_MzvAcSq5euaQycR4HX5JH-fxYTJJSMvocvyjvUm5_bFCGE4qhvKa50THNWVlCudfyPf3uUAzHYAuCpc2w&cid=CAQSOwBygQiD4M317ZcIeH3uYgh3fMVU7UweichxXU6cyRsYhhDFckt3wmvx68JVogCGB9mrlfupjVQrfPgVGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9191009336661159000&adk=2465470143&idt=63&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdaeb6e5969dada1b47f782f0b127a95c6b27e8844e72891f198d9592a4f8538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37949
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 7F4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEELHa0cvC_m7VNk8P6yXDes&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEELHa0cvC_m7VNk8P6yXDes&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNVMF4cCy1HDk7A63KoQenGxUDuSiuW9rCeTf2FImhrNQhopt4bEGf2JQsLIT_O55UCBxzqGTyS-zbNVg5x_EO6N3DT2JjLhwHy8B0ufoQNhI-8wYHZBDFz2T072X5Uk4e0WHtGx_Cv1vmrliiGu6tNVJW1oBloJyun9WOx-g-GjY2t9jss
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEELHa0cvC_m7VNk8P6yXDes&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 7F4A 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNVMF4cCy1HDk7A63KoQenGxUDuSiuW9rCeTf2FImhrNQhopt4bEGf2JQsLIT_O55UCBxzqGTyS-zbNVg5x_EO6N3DT2JjLhwHy8B0ufoQNhI-8wYHZBDFz2T072X5Uk4e0WHtGx_Cv1vmrliiGu6tNVJW1oBloJyun9WOx-g-GjY2t9jss
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:19 GMT
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkRciVUMgHpsZVOjCTGb7bnP-fpcrZGuOMmNOr7Q6IS41tFq_UjIG8cl_6l4oe_oRWp-DQO-kX7sOHLQ1A6tdyt557gJOs9UgE2CmTgcZsdEE5jYk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13506009272160894950&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 48DC 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29790
x-xss-protection
0
server
cafe
etag
4661881725859498467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 48DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 21:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
8390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 21:02:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 48DC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
20918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:33:42 GMT
l
www.google.com/ads/measurement/ Frame 48DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeyeG58I8mCcXQFhTA631V9JEPVaE7UwqZ39JWXkkFOb7tyIlh5CO7PHQJDoMVdF-srOi4qCFLXUGIIKvyV3Iu9iaf3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48DC 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DFB2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 629F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2376678986822&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 629F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2376678986822&version=m202301230201&ct=76&x=1&cor=6531176856135113000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 629F 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iSxLkCajtN94ZaSqXPGgE3IqBaRO9b402PUi5W_aZe57pQQhGFkofJEM-vOCoOsSOlIprRuM_fpFJS_ljcVKk_IQkg&cry=1&dbm_d=AKAmf-DGqteuY7oy8dRNusWcs-QaRCnx34ndhZwXUV83ye19BtKMeNerv8pGUC1ge7vNtiHaNmnU-TJ7DOafdGqfjvUElc0x3mJubcwBEnNnBDDq2UT1pP4PMZ4b79X5SX2EwAJk2bfnKV6fzv9VowxzyjC1zgvN4JGLQb5WzStNkR-AOymOAjfJHHyuMzTkuNaMUv4rPpGceByP1B3J3KN3Xne126IYweKiBrZ9BHGhuCjaFjgEOEZi_eJlzniWqY5sM2LuDyrDSh3WTX9603TBkG9Cwn1DMJRoIFpEC5BqRMjI9vd9T72Nz3mSl-b3UG3yP7ijNBwmkK6zhd5rEu1FkE60POjhUDSY62nQ-DQi3tPATXMlTRikQSiVDpWLy6FwILl9jon6z3inhG_eE0kjZGxWdoXh4L0O07n8T-ZijkPB95d9pDhUzA4PsUVfg95ranbIHN2dXvS23iTN-z366PSqSUGVKcsk8QxfbQVBrF9iUQf5YSYoQAltHIW1PPDye7yshv4jGUpTNy2Vx0QvQKxYSWlNTKbCs2a9GTCT-T6wEXWLUYykAqJ290Lqf4SbdjS_EHZstFvqR32KxVIn4UG3cwlK4BwWrFX_72g6QnlpyNqADIvFgBLx0vc3qrvKYL4ZdjZN4IbL77fXrdrwMzlG-iOVMa5EjJmzyJ3qSTlI7FQEcJfIpyrCCi2Pv5ZD6Yc2ReMCJmEHdSR4ZBgmQ7lHrLNUKDkeyK115RlID55FSMH6ugeYLQbWJ5vgkohz4xsha5rhKO-aHXBENTd2edXB4SSQqj0MMqZ1qnoNQVkYhKIFhu2PRs9866aIDREf8LXf3KuMY1aVBefsIeky3YUEy41W53R-X19wHWEGhmBmlU3oh-73LbnljKV-3mrySysR5S_RR5Lv-IZ3ABMxRKip77_ALImTvEyjJ38fE5RfZDby2M-fDyjS3RXJawMZvcLWwwiDiDmC2Wnb2VUn7VRXSRPkSZivagyip9z17RJYoRAP7nMSaUThwKUxQtewbxYriXKz7YKOaFUvkpvfJtp1RwhHZuhkjgwb45ROv9pmvC4ACcd5qCA2HE-r4IiWw_8zx7t4tYKyeLkR1gelFnqe1j1Dog4XvvWXHGE7UOpkaXfEgkqfPF6l-Jg7uZCpWWlJDhIGSU8Iz3Q6glxYs44o1073NErThQCjwsd5yyX8EfHW_KgaCaLlezUaIg8j050EHIPvP4IhpF2omvQmAFHw1kpjrL-rUOHNBWHbCOmuS5VUGYOSCytH4e78hCyqYdPA_I6DjGvPi1aZcJJp_8e4NckuQowCEkCNpgqkMNL79ebnCpKHla0FbrlMfWY2VyStLRbdBsjhM7_ys3z1SLbITxRFPnnINuiJ5k-ZnAuCyvCxEDgSadRzugsRLMWHYT_NW2PUINxF6zOVR37uRO881-Pa9DmxqjdLDZs0XWsFYgJFH5zR1wTWhi1KXJ3qUSH-hOAVMnv7gNVgvV6QHAFrGb_XncDWD0Mll0n5o1YUfgn-bp2cerxQHtau_0IKaDN1N1zJDEmPqzIVsIqXrFakLplSoBaniSze_XJN27BD2swZBgKj2lpRImm20i1zHGzxZoCyWT5zC24x0CdCw1rzO91Avmi22RvtwdP_uVnAawj8-EGh4vpEkt1qld0g32zkLQrEWQBkQzCmuRzqrPY3slHy1a8kSGp2hxBsjAd0DpD7Fl34FaHUdcypjwKEoYR1gqVE8536PEhmEmPPxcRmoqqy960O9wxcmK_wf8MXN3t9YoOcJZk6C3su2MyFCqyBvIaVxnmk3uF5dbCm1p_VxwPidLel20LfcuKmHdiR-Ojia4Coa29gCU3UAewNkrEKPfb82I2OntbNdZa8piKsljkNx7bh1mY16vsya3mVdNn_FmvbFmvnVadsKBzp3-bsaXSnwU_Eq3L4OR0SpRNo86hMKsh-pgI2aaCtKEUCt31OEE3NF--RXHA6vHexkgZC7GOOfPBTMJGFOQU0Fx3sNmkNsAmO4HTcVsbqzQABCzVUTUPnA1fgyoypOaUJw1Onq4_gWWp5GB_MelIsvfGrGEOMTqQlORuHcA0dxDf11aHlV4Hz7RdvFPwVPV5x66KUYLwCF9LsaAqpff8PMQviWdJ67bF0dXu41j8JIdaL6JnOOfZHG_uvwENuROgEmMhKTU45KrlsQshMUr_-h5ZkIlYDMXK7WfL9fbwyGva7wX74lID4Tg9g5axKzF61D5g0rsqinjY615IcjEnh0DVL1EpHPHFCmgLZS876e5_cS6bH9qDUH6502BsSBc254zNOjL1YmhFA83lYheX4PadLfWC8Khdp1kdGHC99xLR_A8-Sjx6Tyttn8AHBX5UsOqp0c3JlcAEoO-oX6OauV4nozk4HXZ-vnG_iZ4P1QBNqDpbTai4qR43RuIfx3rke25VDvun_X3VQ3M0C2LP96Q-iwh0fokccaQ-WfYCpcnGqbERn8Vrq5YmM6iD0auSYIG4cBZ_mooBksoC0gx-934DzsRi1FthRfW8mDqE_7hz3z48q4hubPU7hKOYK12H-ochWxBMLt5OMkjHpO9wof1pJG1s2AginKHB-kEYeZnK1tmeU2IqL4qjzEpS5YKgJkdFYY995SCtT7_AxcDfyamt_hTbuqFvHqg1Ju1YoSlIH4nU9SPdeGsQZtiV4NYaWJos8yhLqVB0Fyx8EQL7S1awyv6n2qy-V8vPrCv3B033MYMulToEhpIRJn4h54cUxA7_Vgxr2jJGxCLOsI3XPHGyQfEYpDPyLMnQtetTHq3zVrYSx8nuFAcPNJf3WSAeaXCgQRpEMLQFfR7PxlC_BX5AH1hzdduaSiKtGpmLQ76j12mpB9YLX5fgoxRANCMY7Uv_GqN1tQ3I53eGb2uNwzCkIabTGYBuZ695_Bc3C6-dExI88LiLEd2Hl1ntMOo9aMY1M8BnaOz-pl6GL03MVFHkvh4VOeVK5F3GJoHe5s-YuvxiEmj-XDMm5dSligizDGDqxKoSVi2tk0xm8psHRj4qROGc72f7D8-z9ufXoVfuIICYn8OfB1uUrker4okQXFGHyRd69GoLSZzRVoEQsQ1xfbY0waf72m8_RdVg015d6G-WfVKnkE5caPpM7nxe1rkkEFeGw4IklCR8Bcdx2MKjf7TfR3ygzsH8GCSuoPSmlB8F4-ERXaLEUNcFwrTu5y3uNYPOkYMp_uwRSaTcBUvelz_uCfy2POsFJ02MNXkGQnQ1orKndKX-lypLOzq_HP2RV3qB17jWdUlFQWcI5ymLLCxwjeuf-Y4U9W6h_TlXEkMxxJZdouPOvfm6IUvzw09eSba6henMZ1OOpOVPdn2SPr65akNjzgqEErGDvNKOUcNe0AIrIQgizvUXUd71faSIyGHCwu42bSLH7m0keI5GRYrIMRyahFzN6NGwmldbFkuOVjWoZLFx_WROod8hUjJe4hKS_VHGisHcw41OonTiCXOWeBfJE_i7QnFHhrqmwPgnegCg1qERx4WExstSUIZtz7cjlYyrld-N_pbp48HWwhOmswL_X51N1Ba1EX5kMarCrubUBJ-U6-wLsjEa07ild0xCXKZLTsqrby-eFRy_XxgZC-LeCuIsmQJrSw4ecru7gi9fNsMjrKtYXuymUE5S9BtEzGH8nYpQv_sfRzFDU3GedMJWKOYTy4QFXh3v7_2t-zUZCubg8siS3YtJ4dCFtlHv6&cid=CAQSOwBygQiDt-NH8THXzpnvcFHfnsOPG0Qs-iJCzZfpIaFyQ98albDrOVxZxJh8QQQqTZqCygtYC5_YohPBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=6531176856135113000&adk=212707235&idt=59&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed9f97a3b5d0987521c06f189cb3688ac17b011fe51ecf6440a060b709debe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36939
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3172506028357&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3172506028357&version=m202301230201&ct=76&x=1&cor=10751858688525875000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4F5C 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpTQWZEECBWngQkxeZCp088yNXtQRHJICAOT_V0kkg3J42geynfFwOWPr4DSzXP07oUepW5dazbliV0ZtkerVEGKVEYe6xHuGpiCYvvFhAfP7csVI&cry=1&dbm_d=AKAmf-Ah11cdAnJZQRYWEFHaVWSOUF8ws9PRa-hVFutmX2dOm2PmdaiT4W6s8sqGVXFmRo7FUr1Yb_dsH9b2f0nz-RMxEwAqwcTvuChD_ezyPYXz1m0Y33C1XgOcF6u5iwMRCYTcvjSIJhCDGf1D3kKSZlgdH9ve7BuyElPqLF3OS8WQwwDMdz_49k19CAANRhWk2B2RzibwEo8YOxvAYpjMdvmKRXuu07tIy2NKhtD2lvEpMBu2DTwGtt88Nypjr9OdEqScLCNDQFb-OsY0hUh97o1RXOcNJXpkvYjZKsuv09B9M-cG-K8OqMY8gf7PiEMfGmX0nwgV4ZFGPVUizPDsM3kHbYKOgymyNEWko8rQSak2yrsTV-4axn0zyWGebNJkNM4sIY3l_nonYU2abxN6KnxZg8l63H-QBNM2WCyWn_zeVmgIEJ46tUD4xBmyUbpzwtZQaHAyf41_02gZ8K6hlfWxb-zGMuAUN0o3M2kU4nKgRogSH-eNhofZlylNawuCvfhD266AHzquUjEaoBG7qSXa2S41hZKqQsuHC_0LjadKXj_veZKFkGfkUWkS79qZQmUjAiq44Pg0qcQ3kFWvKJ3DBjQsEVP8dGHmaZxfxDX9D8AOfYbqa8hxVwN6LhpvSn_CZmc_eSqaKl_C--szfcff40A1YIT5H5VsszfIVTSn8QaZYS_4jMx73cLZUdHaYF4mzke5kLQP05hXSF62H-RMuu0J05UJnLrg4Grji2JXZcKaP_d-kwnvtYDnUFAcrJ4jtzFZCIYovfYzYUf2gjE3UV-jYK3OvUPHRxL_C24qI9u2PUNCY6ophuMhi-8uLFfjuYusH-wyFJaKcgfGtyB8GhXhZWvROE1nLmzbloGT1fkTYpVJy8Xdl8rVNMIXnj0sWWa-ALzwETalY6TH9p2IXxGKpxMEx9ua6ykoXRSdr97l95YNhM1qucUJyHHOwr5DhVkfwwBK1I7xvdSeZeVY157AnXMcBJ51po7xikT06ak_hlTKujjgZ7xdF3DkMIWPNHBeKUsUdy--bKO0MgiHJ69b6uoYRdoBjhzO1FsR08AGbPfpu0hlzvbD0VEsJ_wvy8pD4U8KvWrYQqkREh9jcYZxPSd5BmnhvzkueL0x_KoW8ora0IayuVhGGVYB-AtdEmgvsQZe5icThTU9f0u207c8MVhOI4lzvz-_-xRBnn5nE2RVe_neyFm09hzOIhKwgbchm9sX_ooatT3J0gXdsNWFkLzN79n-4NHzsmIAjuoTttl4gZL2BiYPzorX7Vao5OCLrlKjFCweAXAsYPXvTgBlTWEIvbZ3IaYmdpBDfVvUoXD0_PvItyUpmkKd6ErZgC5io4I3aDf44NEWbcKqFLACTc8dQKkjoEMHt0moCYYMNUj1LZFscXjiTqToOrZH96MbgoZQlFkkkSjHQGQFiSsTsOO97EVUxpteRvTV2RKE67SLjI2khvfMGoVXjWkwIPXR14OsIkow5CA1CzwyCB0Hhw6CrYazvLMJR-0RS2ruk92j0eZ4903YRh07nu9RRfYiaBJ8sYd-W89XJR1j4A8ePzZ4ErdktRYP9OgpwjnAFhDNB22cFoLWKhIgBDYZAgXVfbP-2JjRIT4lF2s2FOpG9ghglGNngVvCghnAdlyb_uaNC8WQlH3lPXZLgcm5QkwzuD5T1g-HxYTWrnGTZ384Y3HkDkfJ4HC0NQUkUhRh7yUZdKP4sYiMDiykxdScIARSUNTuysGbDdEqA9CybtcqV9pwX8z_fMRglvrAe6RtKPUA9VlkguVajPO32rNkFQYLf8MPjfpwJVJmBgdY30UvzYyAYC7fCiE9Po2qTCCX5Jjgh0SVJuiiOxeW8zOLzdvHGmU-sHysQyzLWwZVVvQGDataII4_2UiJYTawOvfwEYZDtrC1hZ_UAazARWuzPamztA33xWK90jt7Cwhd5PV3wBVf5D1eesCxgXnVdKJChcdoPxB8hCkIhrcSEEa2tr-L3JdI_4ToTBE5HB7qA76St5XkTwvYT-mc9Kox5MQ3e1zvBjlX2vo-nfYG2dLZpvaYUNcxxQ4TFuu5ud3pfrD-pAIpgPVXftNrGGpv5GzhH6Ahpb0E36vtiNjKzOxSt4raj03Hc0v4ubV70Z9ihdIO1kJ-IlxzpUmKxYob1HZfKfD3WSWBonxbhR4PGenE41UTagUskYRJBjZ48I1Sr9zYfSXPoe9ehkBDOKr4xcw81VUXC-wRDDHO-nUGUnQw-YK-BhaCDNwcb-FJYiTPkw3o37vi_LvpsvgBUeBqjZoFaGHQFqSPRYRreNTE__IKoRN0JyxCFWeVUWP6UF9VfrbUoJ_lLvTAgssqLxGeNgpfwmE80dOkedOu6trk6CIudHN_s9f65l70OEZbxKTaTjfiF5ak1LJAfly-y_Ovl-M8uWeHUdkFcwgdBNNWmLAz4RNagrZl82t4EF77pGAJjfLZWNfWz4C9cV3Spq39PipBAlZ6NAlK2fKZssi77fKAfhdsoV9IlBTOO5QivfWKApQ9PxnTg1SCJTWjEsLd7EPmmUurj4npkSZQsUjiI12HzjdrmA9uI-fC8LikTkuGLUPKM29i11XvtBz6wtQuhOYCmgSreCqoDW1P_A96FBstMQCsDytEK87uCLhFmNaPTWi_O1G0Iu3DhD8GfViPGUZ9y8CqSSmqyuZTh78ETM4Wa9OTQ0JzIshBEaHohCww6_FbYUcbSeS3Kbq4ytwfwePZ1qiWqcbWb89E6siYDSSZDSKA1SfbY4p4b7zwC4gW628HRWpEcLIYsdCluqHPZcssz-HIyWo1A2K1lm5ze71ePR5RZcBM06s9eaRnAuHiXiiKkjzo7SM-sy7-Sy3uprH0juRHUoJhNhZpHYTxD-sb5gVigJcmWtfinAk_-UM0f3buDHksh3SUOVkJj3Crx2mqKcw0hqtFhLfZViRDRKqBJdVHDwS6B5d4gIA8Fa5Hy28Dgubm1LaViDc7Y3WYTaQg7RUfEDPXWLruNIeeS6a-6o_iU2GME7j7-aeITX0bi08VoF59O5j2PhVPvwL1lSGjJ3MZ9Kq-IfbB1WSJzJ1Ogj60Z_aAj4ignMrKOYE6c4f1k98pvoUpKWrjN6_y6HYbmc8RSCrH_dSv4xTlZ4S_w3sEM4qjm4lrdH9aNbOeC0n-X2w4f2fcTJ77zDnh5CYHHtg-_YsqYBPbN3vzHDWBN2UFlzV3duQW4jwLrpKPqYUGkygGIanalNbyM9ovHzb23OyR65W8wt0Dav33JqMweGNeQskUHL4dCKlbiYnkyqHfLVEG3C3Sm-lOz-qDJim9Jyg2PK5QdzBLJMaVNChp99Z3I1gSo6GkdUXZXl2nojsxqP5hq7NXynxLLXWfmG1-sSlWqZYdzdwjawlFHj6ikCfpWKaR-acILOtci-5rSPJOgznCHLxCz_cgSt3xWL9RpS8idtqm4Rh1RGknMpvkAvLDq1HY8j_Id0LINK1fKEBQkvvSkCZX5q0gbA4LPLuzhw87xDfEasSEL9BLX884XT3booZyavnwCFVUW4JDkQArEqJapYsAd3jOBMi2C5h8NWIdwMU_c0HJ9CJYDAg00FMq8WF1rsS5m-L2uscocQzc__nBiDwkI5bBV_imZU5HVykzeyTbGZtSWlwS69X5cTLwIGGE6Zp2AoZ0cD3zJJvDg-0O2c63LmNf31vqBBTliuarm_JqEgidZfbKV48I8rG5HS4V6_VoiewUqVCXGSHJBrHOS5GAQ94mc_m_bK2YvOU&cid=CAQSOwBygQiDMzoSU9lK63anHlxMgylrB_z-PAkXqNXkWahw-H1Ni6lpYvnizRvJ60Po-XMyayKa86JaqQi9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10751858688525875000&adk=3587751834&idt=48&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c355c8ac90cadd84baca4b13543ef28df03fdce52fcc14583da36e875cafab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE67 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjfobXcATAB&v=APEucNWXSB-lU8wScrrPv2XdYSiSSxeqk2fGx1rzxxgPiNjYRffPVD9TgtDkF7pKvyWXQ4PAa3ZmonkGhuaR3RL8MfhJkEhE0gVfpCtz0Uw6czbTtR9ksfmYRgyKw7g4hBUbmNBWMzhsciaeQdjuwQMDYwHydGeRhcnqf9CvVrkNB7XLrZQEJT8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 31A4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50fccd815c37c4f9e41b0edfd0d821c10b482723a0420526ac6415d593e7b8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688426539085&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:20 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame BD0E 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame BD0E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIrChUudQEhZJ0ArT0dXwY6busD7m4hez-Vqbnyh_NuVrrIC5xFCqBqyG2o3qNCzD9CcRpOpCnx2M05zEzOqDwbGioduxE3HGDj1WOp5z6hdEO1eY&cry=1&dbm_d=AKAmf-BB4tWiot9DMuvgImhw1AZlGU6RR-65ZcPFCiSAXwp7pb52UBClQnlbcmOWvKh2yQqIOsngQXLm7cqdS9dZzmUgEa5ifSotCQxGVPMU4mDU94le_buB8r-3UIN2YN5VVFiYaW9cyA_FOYXrZkR3zUmLStBqGhCkZ_wLvs3wHZYnTtJgFPsZiHXRfE84uSFx85I9lG1fgjT0zilJNG8kSVLcIZPjlOH7sg9kXo8aPFW1X-Gv3OzB-dfeN4tu8pR34TuH_GP6bKJVIEu_Cxwy1BYD3jneGphQiRGOmOREKj0TpQZRwSygTuQC0otwVQ1V3fce7DCnbZfecXRe_MfLyy9p_J_vibuQZ71tX_LNyyu-NwHygwcbzvsCcqQ-ZpdMty762hTo5o2wnSbiqwCtddNViCMu2dV6M7vOFF2-lq1u6PZUa46noboNUNcvSEuCTVqp9aYOUf-0tQklpQtfVO4bhSKj58miRUJ4CVLVcyX76R5GbNpbcFIjOTJY9kY9qDG1v4aV2JCoQ2LxdyHmEoQhiy9_XmOH2bFNdVIswqlJ0ltiqsi1wofMvrR8BNmUbk66g-LirMIAEBDV7IFoPLbHwLUSNlVHkoGmwieXNaxXyhVH4WmJ-MbUCB1Fe7zSbjRWYUZbn-bU-jaCcLQtI-5Mf4iXw7ESq1GCdfmjc-F8zXwpA-Bg_ShElnKQPj66dZrHnIe1xEBx2owTLDu50QJvjJuNYbu6FgV05xZ4wTm6DBQxsEbDyvVLpq0--o35Nxe6XRI4jC6J13uPQkxptOx1BwgnJePSlSnIb1L2OWdgsCvfS43TvWrhcriaQcqdGRdWYZESxGf4I-nh-E4vIyAAi-TO2c7Fers8BCnSIamMDVjyhFLcIrdke-iEAmQyRf2MgcJ6ClDCALbRjLmCfhGaa_sI05fEkuKq1oL_KIAYIVzfKNVpJJotuR7zjMLHaz1hBwF7OqKgj7CQ0ZpAqScNcTGE0DVFXP-2r-3cdGJL0BRdQB7DCbBhvmT2pF_adSfAgnjCJ-O1A0isC3AvcJ7n6sJvYKsQqof-rqXYhZgtYaRPrtMVV8yM-SIUROumRlOF4efp2hiaFKNEiEE2RYjDcpkUhillDFuG1Bod_R5iS8Xh8hs7n5X50CqYS1EugwMPyYQTAfyvH5Voh5_G1xNpTOqqYv-dBK9W6LhSK7-Vpfj-dcDcqIX7VtWCWCQpFQDA4KWGwg63LPAwmazsNiPHRJjlwrwzvXiSFVwhs9PGjDCw5eIKOgkveqbzf5qA1GHrOq4t_ZNK1EVycAw3z-xgvk_pGYyjZz_qmusQcGw-OKifcEmblZ_7W9uBYW98fzSN_fOPPjkMMcaJ9jKzg0_qeODzdXYhzW5xLsOG1FB6FYgS8qvaRoQUA37AIyy-pPiV7ZLHiElOZ-ftyBDT-nsKdrnf51LSXdT_o0yuAcPlPtTCYQJsqugQcRAX-_EcjrftFVSUlmhc1rp3_a7zlqLAqObfy81NifgwEU6x8CiPzIXKHF7BfSTtS6X1fvNxTXkBr5uvWGlRaa7Tn4CZHG0Xfv2lCdoOxADdDyw2JRQdmcb9NM6MZJ600PP2mUmFt-IsPw2yQKY09N5O67uIiruiJkg72GDD5lylDjcUF2G7aS7r26FnoCufQAsYCDnhr2wYTA-iU0PwfnSe4dURLyTZXhNCWvYZbVqsvf2rGg1Oj0n66U4x82bhychJ7uRENIKPEYRS7hoql3TAW9Si1acRibWxOytb9Qfeps30_OoNMRAVx8Je2cHYaEcHScRVuSefubBBpPtyxwaArIRIuFU68JbfJVJP_YyZ_qPIhN9l9ojGthG5KMH_rgaB10wShwLrRHnEU3lPfP73x8R98OvlnnVwtKOzzLXWd0r-haDAOCx49fZZl-_8xgpeCvmj5LK37rMHCjgPU6rcIgiZeOIuPk_bpwFZ0EJgAsgdSj4SUZ4LMA0AB5lls6PR6_x2Qzk5gMD5syrAq33kO1sI2gn_IZwBsb5jgeOFBxj7SDB8bBN5H7KGph62Lne9D5tRQ1YLyGhUn8YXdOYGDTtksXmfT4vd-vM0ACbBT39AVBM53vsTTgW078IxXpV0yHhf0PMiUr3IrDldot4SUVdVKfJ6a9LwHs11BU3P8MTXtzg3ZFQoq8DZ8L0PT3LOBnN60_L3tVRzvtHAhbHE-AlWL_eZW2UIrYyzv8lAu7fP97NHFiYEfTZMewsmWe6AOVlngO214kJPmvebMpPi59svFtZaoWSvnM-bubJQNOeTurJmvWXuNpQxDleIPWLmBYJSNDdyBcMYQ0y4MfOIJw88XyvLQRyDN074jlpn9wW17p0WxC2pKyhS0irLj51h2FMFq13mi-xBgTrrRw4-ZfTuTO_B6DnEjlVYW_8W4hi4XkCZf9dP7FQbq0WSFXXcewn09AndyJ6EGXkdOHjJ1dF0DH61JkYtIBX_O8tmJaXdswMy-NXpULTBEDnZoaCUuo-C6J7KxVCl7ArmzKlbNFBHHaPMNgLjM0oMPVxDXh-x8jIrTscSPkpeSk9uPZWm8COPHb0oYcS7RBeeYPNPHf4R274bEuFojUMQKoWEpZ0lphFczams62VRX5BV5rmCIMf9Cr2E9X2_a5_-OhY-EsTdIR5ALOjYMFVOjHSz7vbCzteRqQrAMJ0Gm2R_hGWVyrOp6WhN9pZTRLxmNFsrOX0p_fdVbVJI2eZ3jAi8CiKoDni7A3dv0o70WWzeCUuMmSUHlkInCEHMRdBsFGoDqYBGCpZGbXK0bTsKU0Dc-h9fpHN6gjp0SLcnQzb2dZ0bwZwFVMB3FG7oSaGaPu_cKSu7ZOPETNxeUm6ji9yvndSO06VNwn1C_XlKaCvmvHJCAv9GOqbIAfbLtHZS3J1h-MXvyODJoOIxnbZYevFsVx7AVFGzaqawAX-vGMn7cnYSIBfLsJo3tSTk8k69rAeHvCoZaprjht8jG95ZmRqXftA7V65ctCA2cM8WNJkNn8ZI34ZLDZU7vRMD6Ib25sH6f648zH5IzrmGPWfJJXjZWWgqGCrOa5ZHoBV2lI-Tk2NBqAINQJy1Ae7z0tqQJw2vbBuwB-d6ZCc-vgkJd0_Jzjpca35RVOr9OEeAO4k0BeJv0FlZYQp7fh_YjslVjp7obCkL-upKHleY9_kdJh8rmLE3-v9jO8hPj8izwEdTu4RpwdSBXH6q7ePEfL5r66KEUDsP-qou4MlUprNuJoq88gqheeAN8EDdDYmFDJi593kFPgoMj6xGOZkPu_aUEzu92cklom0bPZuphyZdAbZFR-3pKdVEsH5gDl_aTrz7RtYB8bYAR8oHgFu2p2olyWB9DyLWHMdrcQJ2EwHCbE5Lg7mv42SJ86boLoNFb1zs5M4JkcOp-9NG4jQ4e8r2sfgAyoMtV7jnmVHqTcN8SiiCgGlrpKYHAnvt0Fd-i_E7IgVhsq-t63QHzrdl&cid=CAQSOwBygQiDDHZ6arnIXMVRTk6nZ-IzJiAh0cCT-PUyirqZb9-XBQe1VvWhRJtG257q8Xo-xd_9BxiAaXqUGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2186336911989968100&adk=1599433117&idt=65&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame BD0E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIrChUudQEhZJ0ArT0dXwY6busD7m4hez-Vqbnyh_NuVrrIC5xFCqBqyG2o3qNCzD9CcRpOpCnx2M05zEzOqDwbGioduxE3HGDj1WOp5z6hdEO1eY&cry=1&dbm_d=AKAmf-BB4tWiot9DMuvgImhw1AZlGU6RR-65ZcPFCiSAXwp7pb52UBClQnlbcmOWvKh2yQqIOsngQXLm7cqdS9dZzmUgEa5ifSotCQxGVPMU4mDU94le_buB8r-3UIN2YN5VVFiYaW9cyA_FOYXrZkR3zUmLStBqGhCkZ_wLvs3wHZYnTtJgFPsZiHXRfE84uSFx85I9lG1fgjT0zilJNG8kSVLcIZPjlOH7sg9kXo8aPFW1X-Gv3OzB-dfeN4tu8pR34TuH_GP6bKJVIEu_Cxwy1BYD3jneGphQiRGOmOREKj0TpQZRwSygTuQC0otwVQ1V3fce7DCnbZfecXRe_MfLyy9p_J_vibuQZ71tX_LNyyu-NwHygwcbzvsCcqQ-ZpdMty762hTo5o2wnSbiqwCtddNViCMu2dV6M7vOFF2-lq1u6PZUa46noboNUNcvSEuCTVqp9aYOUf-0tQklpQtfVO4bhSKj58miRUJ4CVLVcyX76R5GbNpbcFIjOTJY9kY9qDG1v4aV2JCoQ2LxdyHmEoQhiy9_XmOH2bFNdVIswqlJ0ltiqsi1wofMvrR8BNmUbk66g-LirMIAEBDV7IFoPLbHwLUSNlVHkoGmwieXNaxXyhVH4WmJ-MbUCB1Fe7zSbjRWYUZbn-bU-jaCcLQtI-5Mf4iXw7ESq1GCdfmjc-F8zXwpA-Bg_ShElnKQPj66dZrHnIe1xEBx2owTLDu50QJvjJuNYbu6FgV05xZ4wTm6DBQxsEbDyvVLpq0--o35Nxe6XRI4jC6J13uPQkxptOx1BwgnJePSlSnIb1L2OWdgsCvfS43TvWrhcriaQcqdGRdWYZESxGf4I-nh-E4vIyAAi-TO2c7Fers8BCnSIamMDVjyhFLcIrdke-iEAmQyRf2MgcJ6ClDCALbRjLmCfhGaa_sI05fEkuKq1oL_KIAYIVzfKNVpJJotuR7zjMLHaz1hBwF7OqKgj7CQ0ZpAqScNcTGE0DVFXP-2r-3cdGJL0BRdQB7DCbBhvmT2pF_adSfAgnjCJ-O1A0isC3AvcJ7n6sJvYKsQqof-rqXYhZgtYaRPrtMVV8yM-SIUROumRlOF4efp2hiaFKNEiEE2RYjDcpkUhillDFuG1Bod_R5iS8Xh8hs7n5X50CqYS1EugwMPyYQTAfyvH5Voh5_G1xNpTOqqYv-dBK9W6LhSK7-Vpfj-dcDcqIX7VtWCWCQpFQDA4KWGwg63LPAwmazsNiPHRJjlwrwzvXiSFVwhs9PGjDCw5eIKOgkveqbzf5qA1GHrOq4t_ZNK1EVycAw3z-xgvk_pGYyjZz_qmusQcGw-OKifcEmblZ_7W9uBYW98fzSN_fOPPjkMMcaJ9jKzg0_qeODzdXYhzW5xLsOG1FB6FYgS8qvaRoQUA37AIyy-pPiV7ZLHiElOZ-ftyBDT-nsKdrnf51LSXdT_o0yuAcPlPtTCYQJsqugQcRAX-_EcjrftFVSUlmhc1rp3_a7zlqLAqObfy81NifgwEU6x8CiPzIXKHF7BfSTtS6X1fvNxTXkBr5uvWGlRaa7Tn4CZHG0Xfv2lCdoOxADdDyw2JRQdmcb9NM6MZJ600PP2mUmFt-IsPw2yQKY09N5O67uIiruiJkg72GDD5lylDjcUF2G7aS7r26FnoCufQAsYCDnhr2wYTA-iU0PwfnSe4dURLyTZXhNCWvYZbVqsvf2rGg1Oj0n66U4x82bhychJ7uRENIKPEYRS7hoql3TAW9Si1acRibWxOytb9Qfeps30_OoNMRAVx8Je2cHYaEcHScRVuSefubBBpPtyxwaArIRIuFU68JbfJVJP_YyZ_qPIhN9l9ojGthG5KMH_rgaB10wShwLrRHnEU3lPfP73x8R98OvlnnVwtKOzzLXWd0r-haDAOCx49fZZl-_8xgpeCvmj5LK37rMHCjgPU6rcIgiZeOIuPk_bpwFZ0EJgAsgdSj4SUZ4LMA0AB5lls6PR6_x2Qzk5gMD5syrAq33kO1sI2gn_IZwBsb5jgeOFBxj7SDB8bBN5H7KGph62Lne9D5tRQ1YLyGhUn8YXdOYGDTtksXmfT4vd-vM0ACbBT39AVBM53vsTTgW078IxXpV0yHhf0PMiUr3IrDldot4SUVdVKfJ6a9LwHs11BU3P8MTXtzg3ZFQoq8DZ8L0PT3LOBnN60_L3tVRzvtHAhbHE-AlWL_eZW2UIrYyzv8lAu7fP97NHFiYEfTZMewsmWe6AOVlngO214kJPmvebMpPi59svFtZaoWSvnM-bubJQNOeTurJmvWXuNpQxDleIPWLmBYJSNDdyBcMYQ0y4MfOIJw88XyvLQRyDN074jlpn9wW17p0WxC2pKyhS0irLj51h2FMFq13mi-xBgTrrRw4-ZfTuTO_B6DnEjlVYW_8W4hi4XkCZf9dP7FQbq0WSFXXcewn09AndyJ6EGXkdOHjJ1dF0DH61JkYtIBX_O8tmJaXdswMy-NXpULTBEDnZoaCUuo-C6J7KxVCl7ArmzKlbNFBHHaPMNgLjM0oMPVxDXh-x8jIrTscSPkpeSk9uPZWm8COPHb0oYcS7RBeeYPNPHf4R274bEuFojUMQKoWEpZ0lphFczams62VRX5BV5rmCIMf9Cr2E9X2_a5_-OhY-EsTdIR5ALOjYMFVOjHSz7vbCzteRqQrAMJ0Gm2R_hGWVyrOp6WhN9pZTRLxmNFsrOX0p_fdVbVJI2eZ3jAi8CiKoDni7A3dv0o70WWzeCUuMmSUHlkInCEHMRdBsFGoDqYBGCpZGbXK0bTsKU0Dc-h9fpHN6gjp0SLcnQzb2dZ0bwZwFVMB3FG7oSaGaPu_cKSu7ZOPETNxeUm6ji9yvndSO06VNwn1C_XlKaCvmvHJCAv9GOqbIAfbLtHZS3J1h-MXvyODJoOIxnbZYevFsVx7AVFGzaqawAX-vGMn7cnYSIBfLsJo3tSTk8k69rAeHvCoZaprjht8jG95ZmRqXftA7V65ctCA2cM8WNJkNn8ZI34ZLDZU7vRMD6Ib25sH6f648zH5IzrmGPWfJJXjZWWgqGCrOa5ZHoBV2lI-Tk2NBqAINQJy1Ae7z0tqQJw2vbBuwB-d6ZCc-vgkJd0_Jzjpca35RVOr9OEeAO4k0BeJv0FlZYQp7fh_YjslVjp7obCkL-upKHleY9_kdJh8rmLE3-v9jO8hPj8izwEdTu4RpwdSBXH6q7ePEfL5r66KEUDsP-qou4MlUprNuJoq88gqheeAN8EDdDYmFDJi593kFPgoMj6xGOZkPu_aUEzu92cklom0bPZuphyZdAbZFR-3pKdVEsH5gDl_aTrz7RtYB8bYAR8oHgFu2p2olyWB9DyLWHMdrcQJ2EwHCbE5Lg7mv42SJ86boLoNFb1zs5M4JkcOp-9NG4jQ4e8r2sfgAyoMtV7jnmVHqTcN8SiiCgGlrpKYHAnvt0Fd-i_E7IgVhsq-t63QHzrdl&cid=CAQSOwBygQiDDHZ6arnIXMVRTk6nZ-IzJiAh0cCT-PUyirqZb9-XBQe1VvWhRJtG257q8Xo-xd_9BxiAaXqUGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2186336911989968100&adk=1599433117&idt=65&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BD0E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
490371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 07:09:29 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4E3E 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 4E3E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUHUMXrdbjq2IxE5zcGjAEM_4QcKKQ8xRiPTF0H-i90jAMtQbtWRIxEHlQqbyj__WYOp0kNZmmt1jRwK2ZTSx2vQ4vpf5R7hQMzwqIOq3gAPN2VNI&cry=1&dbm_d=AKAmf-Azuaxf-a8sYzg-NoBbhOC-zhxjWeDmsodxRMMglRsO62FaGB3fJRSF-v0iP71bldwAGidPlBsvbuumSCgV0QpNr07JNDGksibOCAk38CcfyGoTBGuCKrcWthwuDizu35HUsH7beNqmGI-BrwykMm9gA5mnMQYbu6nuWrYKowt-EnTW7x-m0ypUbg9g4F1-jkAHw_jOQZPNJEsxWnuM16z0mhyZYCSgAkNGUL27fvXXMCIDJ9SEjpI0FxgJN6p_SQbK_X9yfPUeT85q3lX4dKoFw8NHPuZ2PclyTkQor0cjTllhA4kTts_0-zQr6FH3cFr2uGhlrh4_VuB4zjoANrffsGtPlSTaVgmgpUgondl3FDlmYDbJQljUKy2nxxUuNkGNfpwBDKl5iBt1rfCDhshURk0stJaswAzHwIsW2nfoNqE-AMICJdI73DEk71rnQWLp2odsGl6Bnq9SadzV-sM3fumIrYb5rN--55nW90b1JfEn-iUJCN1gRF1xnFZUnqaVICP7V0aK9EA625o8QO4s92RNCNfZMRTcw16r3c4GCyvsjcHnese8-7MC3yn4jjnELf5j45PGvimmplmVlChwGnHaG8tim6_sRpSogfjNlsP0jz8XOTnl9OSFtrAc6iTH5GUIUkvb06dv1XUdMz0Bc1iIZZaRDOb4Ur032NNTJYmvyFkG-zlh5ZNOIMewzQhH62_Xun4C1sNzzLbnmCJsCNCcyk3n9RohMaqoz1l2ECR7G4SLntkCXsxTFaiQVluOPZRXP4T1WePJ9kS7DhMyrWOmBJxEXP0deyHg1-l0XOb_8t6UKrZc0_bLdkzO9OpL5r5IgIzCPKrrduP6icAfAW78-4LA7A-Q3tSrsWDFhMYlUVM1215gtBSCsgbnJrJk9YS6mDFhjLcO5uPYj9vBrCdVHof4hdx3ki6vq-CxA6pFDEj4sOSPzxNV1jJto4olEmroZdFRa0ESHN0bujTDNjSWBCAtPVCu3qMOGz3fneYJLQn0S6yt3hil8MNIcf3XjcIKfbVsIlr-Jg1RIoae7uXye9HdCCdmGfB4PDzaJJTSsm8f21asFXwyE8s-ck46dpzZJazgi_MgUkDafgz8zE6nYW5Dz47YfTzRy77VD48u_sy5LieDxsrfn2XPQ_kyJmFd-45NPkrktxMwTsNrp55NayY8qjqebL9R4mes2_R9PUdL6V1MTHAfQ-KWpCXFd3rxP2Vn99HEkV3mgT_G9LbR48alW4hR57q7ixJiZ8o1G-_j-_Je1kzOlXmG82xhy7Uvt2zKXYaKCtD9vpHUJmA4_S_UV6MWq_cSpsVmigdqSFKh36KCwSXKjm0i1PW0QCL3iV_VrkRD2pVEHzglFhegL0rDbAMa6PtEle-HdX7LBEFQP5XIP2uZPzDZKaUskc76gtjnUlgU6P9Ch1ZKKKFHAj9CWdIQ7wx88AGYh1grN3fMoTfEYuf0AbuVzyjj2I5xrAbRLTGXa450oWyAAVP_XPZcHCcxO5BrEWjjTzsHqUJ3YLwOsM-XUbDsXivDtjzfcuHnrM0wMEniDLuym6nSpnBlga12r2Q0of-RgbFZdjQW44EgHD8SwBrUl9-vtocPvItyH6Nz0Pn_o6wbfbF6nCDWBgIhqhxQehIN1-1keZtzP-TR3s6JXPnHHjmyqgmE9ZQvfEpPMJBQw7jeLvMRboApEbn0KkaAB26_p0-cxSezdpPrhe_urcFi0wm4cuOXL5eM9YkCHvGJ4nXz5bCj07AONS8T95oB27oD_xBXLQ4An-0wOy2wtLZijLh78W71SCpkYdDsmLe0y5m1Tr3Z1cbRGWbJUH51qn15LfeKtDFlS5yLKezZvc8TBkX77C050Lk7F4BBWaFKnh1M8PDBqmyFDkg5EQ4xJ9_Wbumi6LkFFRp1wVNysHHhLWhFx4Av1hfM2ZnMHpUp-rwb7ae5c99S2IytCub3WjeNdH7O4e8kFr4PYdALo5BETmgh6q3K9pzJEJV8l1JnM88Kbvu95V3uxtbn65fIZsVPCt2j8ezWdANi2In_hpSao_MZACc9RkvZO0f3Qu0Izkd0lSbZ49N3y0PbDC3dtWibUvTcaLAZK25eMOk4Z6Ad4ginZHlMMUjXD6skHappRZmqdYrjMpjbk96Kyo5-EbRrD8TM7g5IOA9Ls6y2Rs2eUaDQCgEIEEVfojYkKLRie8q6RqjLc-hBgBaqh7Roaf5MvkZ2Ycp5slmgTZA5UKJrP3NL32MtjBKfrX1MI8pyGprzCV8tvRknOA3fnMGK9RRlV6bTkk51jOymI_APxKlMvqqGYa7aa2hci8k765nxRa9nLZD5kyfuscIVoDgv-H09nqlq5h2FSTlc0i6OaiMuNI2a30uKLlJ7tDZTVfGQxlFEwQrb_USXcjRHOpum_22tKRveg0t8O_35gArQkofcoQ-K3qbxy5GyPrutNXkZdTVuX4cv1-EudYvPUbz6jbzjg8FKH_HcrkfWU7AyrGM5xtx_Np6VqkE6f7bl0uJtC16c0xfjMQIgfS1YKkdR_doGmz05FNYrho5Sbxt0WnvzmBxNfFuFuLgauXs93ih_bgUMX_hWH283dC2TYgJiuC2vlgu9yaXVcVsRFZIQ7jecnc1cg1OSbBe7MQUJQx6ACeJLbkXH8PCFoA-AQ4MZip1c-j5zMHsKg7ghG-S3diSzRzPju0s3NwzZmMqXny-jLXUkBip5IHJYt_YGcZC_1UJM543NvHdCVuUsF3y_sXgMicMHj-NGdw2m086mw3rOs7lYlCK6jz0jNsZ9ugqkGtm_NuSVhhVVSqIe82yMRw-GofPDhh2aWREnkRU8kmysYo1S8iE3pkHfOyhqcOparQJmwu2IomS6yzXgqzV5eUGGcs8EFIvC_QbadWdaIaGNuRxjICrM4R4NT0l5WUQXtBz0w-QOXmOdWtekLDA5cTNpVKnfzvMZGbJ5ACY_c3IqY38YClm0dIWDTaRgu68Y7lKZG0kiEUlJ_uulYzWoxkWHqQArVOChWteBqUlUWKzHaXwL7wDYPIcCZJnJ4f7imYPkwMIvufuDYfUwqOBsp3bhK_UPKPoC-pGsv65aoRLjciSp_t3vrtTkN_H_-TNynf5n6CS4OwBSLZw8InJFjT9xAL9DtzZBFUKah71P8egeO7XjAEJJosVqQicHRsTmsX5STuk00MV7nkfgApX6lD1H6yDh-oBZ-xOFj9MJYxITmJDjvOSIKyEQtn3ztpfPm0Rc-ndroU4CNAMiTL0VdvDc1a0K2e-xujkD9Fj6wVwcNrnliHO8Vh4XPG6IJDIUq4xmxcdu92uqhKLSUgKrP_rmQhgNupXz00D7XjUDMiejq2BN150bXs7Xa_7T2CG5wGrcl9xBqr_zXR6VO_Vw3pMDW2bGuJhmXnwqQ5Yc1l_pDM6dKXOWYOMAVisc1Vy5AdwHP6t6yIwIshZ9mNVzeqLaLBEXKdy9WXEHnkMDLZSWeCJWnKfeIhvqhs_rBYborywMMlxxu7Q4s7uhaR_nt2HkddnRldTwb7xe_MzvAcSq5euaQycR4HX5JH-fxYTJJSMvocvyjvUm5_bFCGE4qhvKa50THNWVlCudfyPf3uUAzHYAuCpc2w&cid=CAQSOwBygQiD4M317ZcIeH3uYgh3fMVU7UweichxXU6cyRsYhhDFckt3wmvx68JVogCGB9mrlfupjVQrfPgVGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9191009336661159000&adk=2465470143&idt=63&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4E3E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUHUMXrdbjq2IxE5zcGjAEM_4QcKKQ8xRiPTF0H-i90jAMtQbtWRIxEHlQqbyj__WYOp0kNZmmt1jRwK2ZTSx2vQ4vpf5R7hQMzwqIOq3gAPN2VNI&cry=1&dbm_d=AKAmf-Azuaxf-a8sYzg-NoBbhOC-zhxjWeDmsodxRMMglRsO62FaGB3fJRSF-v0iP71bldwAGidPlBsvbuumSCgV0QpNr07JNDGksibOCAk38CcfyGoTBGuCKrcWthwuDizu35HUsH7beNqmGI-BrwykMm9gA5mnMQYbu6nuWrYKowt-EnTW7x-m0ypUbg9g4F1-jkAHw_jOQZPNJEsxWnuM16z0mhyZYCSgAkNGUL27fvXXMCIDJ9SEjpI0FxgJN6p_SQbK_X9yfPUeT85q3lX4dKoFw8NHPuZ2PclyTkQor0cjTllhA4kTts_0-zQr6FH3cFr2uGhlrh4_VuB4zjoANrffsGtPlSTaVgmgpUgondl3FDlmYDbJQljUKy2nxxUuNkGNfpwBDKl5iBt1rfCDhshURk0stJaswAzHwIsW2nfoNqE-AMICJdI73DEk71rnQWLp2odsGl6Bnq9SadzV-sM3fumIrYb5rN--55nW90b1JfEn-iUJCN1gRF1xnFZUnqaVICP7V0aK9EA625o8QO4s92RNCNfZMRTcw16r3c4GCyvsjcHnese8-7MC3yn4jjnELf5j45PGvimmplmVlChwGnHaG8tim6_sRpSogfjNlsP0jz8XOTnl9OSFtrAc6iTH5GUIUkvb06dv1XUdMz0Bc1iIZZaRDOb4Ur032NNTJYmvyFkG-zlh5ZNOIMewzQhH62_Xun4C1sNzzLbnmCJsCNCcyk3n9RohMaqoz1l2ECR7G4SLntkCXsxTFaiQVluOPZRXP4T1WePJ9kS7DhMyrWOmBJxEXP0deyHg1-l0XOb_8t6UKrZc0_bLdkzO9OpL5r5IgIzCPKrrduP6icAfAW78-4LA7A-Q3tSrsWDFhMYlUVM1215gtBSCsgbnJrJk9YS6mDFhjLcO5uPYj9vBrCdVHof4hdx3ki6vq-CxA6pFDEj4sOSPzxNV1jJto4olEmroZdFRa0ESHN0bujTDNjSWBCAtPVCu3qMOGz3fneYJLQn0S6yt3hil8MNIcf3XjcIKfbVsIlr-Jg1RIoae7uXye9HdCCdmGfB4PDzaJJTSsm8f21asFXwyE8s-ck46dpzZJazgi_MgUkDafgz8zE6nYW5Dz47YfTzRy77VD48u_sy5LieDxsrfn2XPQ_kyJmFd-45NPkrktxMwTsNrp55NayY8qjqebL9R4mes2_R9PUdL6V1MTHAfQ-KWpCXFd3rxP2Vn99HEkV3mgT_G9LbR48alW4hR57q7ixJiZ8o1G-_j-_Je1kzOlXmG82xhy7Uvt2zKXYaKCtD9vpHUJmA4_S_UV6MWq_cSpsVmigdqSFKh36KCwSXKjm0i1PW0QCL3iV_VrkRD2pVEHzglFhegL0rDbAMa6PtEle-HdX7LBEFQP5XIP2uZPzDZKaUskc76gtjnUlgU6P9Ch1ZKKKFHAj9CWdIQ7wx88AGYh1grN3fMoTfEYuf0AbuVzyjj2I5xrAbRLTGXa450oWyAAVP_XPZcHCcxO5BrEWjjTzsHqUJ3YLwOsM-XUbDsXivDtjzfcuHnrM0wMEniDLuym6nSpnBlga12r2Q0of-RgbFZdjQW44EgHD8SwBrUl9-vtocPvItyH6Nz0Pn_o6wbfbF6nCDWBgIhqhxQehIN1-1keZtzP-TR3s6JXPnHHjmyqgmE9ZQvfEpPMJBQw7jeLvMRboApEbn0KkaAB26_p0-cxSezdpPrhe_urcFi0wm4cuOXL5eM9YkCHvGJ4nXz5bCj07AONS8T95oB27oD_xBXLQ4An-0wOy2wtLZijLh78W71SCpkYdDsmLe0y5m1Tr3Z1cbRGWbJUH51qn15LfeKtDFlS5yLKezZvc8TBkX77C050Lk7F4BBWaFKnh1M8PDBqmyFDkg5EQ4xJ9_Wbumi6LkFFRp1wVNysHHhLWhFx4Av1hfM2ZnMHpUp-rwb7ae5c99S2IytCub3WjeNdH7O4e8kFr4PYdALo5BETmgh6q3K9pzJEJV8l1JnM88Kbvu95V3uxtbn65fIZsVPCt2j8ezWdANi2In_hpSao_MZACc9RkvZO0f3Qu0Izkd0lSbZ49N3y0PbDC3dtWibUvTcaLAZK25eMOk4Z6Ad4ginZHlMMUjXD6skHappRZmqdYrjMpjbk96Kyo5-EbRrD8TM7g5IOA9Ls6y2Rs2eUaDQCgEIEEVfojYkKLRie8q6RqjLc-hBgBaqh7Roaf5MvkZ2Ycp5slmgTZA5UKJrP3NL32MtjBKfrX1MI8pyGprzCV8tvRknOA3fnMGK9RRlV6bTkk51jOymI_APxKlMvqqGYa7aa2hci8k765nxRa9nLZD5kyfuscIVoDgv-H09nqlq5h2FSTlc0i6OaiMuNI2a30uKLlJ7tDZTVfGQxlFEwQrb_USXcjRHOpum_22tKRveg0t8O_35gArQkofcoQ-K3qbxy5GyPrutNXkZdTVuX4cv1-EudYvPUbz6jbzjg8FKH_HcrkfWU7AyrGM5xtx_Np6VqkE6f7bl0uJtC16c0xfjMQIgfS1YKkdR_doGmz05FNYrho5Sbxt0WnvzmBxNfFuFuLgauXs93ih_bgUMX_hWH283dC2TYgJiuC2vlgu9yaXVcVsRFZIQ7jecnc1cg1OSbBe7MQUJQx6ACeJLbkXH8PCFoA-AQ4MZip1c-j5zMHsKg7ghG-S3diSzRzPju0s3NwzZmMqXny-jLXUkBip5IHJYt_YGcZC_1UJM543NvHdCVuUsF3y_sXgMicMHj-NGdw2m086mw3rOs7lYlCK6jz0jNsZ9ugqkGtm_NuSVhhVVSqIe82yMRw-GofPDhh2aWREnkRU8kmysYo1S8iE3pkHfOyhqcOparQJmwu2IomS6yzXgqzV5eUGGcs8EFIvC_QbadWdaIaGNuRxjICrM4R4NT0l5WUQXtBz0w-QOXmOdWtekLDA5cTNpVKnfzvMZGbJ5ACY_c3IqY38YClm0dIWDTaRgu68Y7lKZG0kiEUlJ_uulYzWoxkWHqQArVOChWteBqUlUWKzHaXwL7wDYPIcCZJnJ4f7imYPkwMIvufuDYfUwqOBsp3bhK_UPKPoC-pGsv65aoRLjciSp_t3vrtTkN_H_-TNynf5n6CS4OwBSLZw8InJFjT9xAL9DtzZBFUKah71P8egeO7XjAEJJosVqQicHRsTmsX5STuk00MV7nkfgApX6lD1H6yDh-oBZ-xOFj9MJYxITmJDjvOSIKyEQtn3ztpfPm0Rc-ndroU4CNAMiTL0VdvDc1a0K2e-xujkD9Fj6wVwcNrnliHO8Vh4XPG6IJDIUq4xmxcdu92uqhKLSUgKrP_rmQhgNupXz00D7XjUDMiejq2BN150bXs7Xa_7T2CG5wGrcl9xBqr_zXR6VO_Vw3pMDW2bGuJhmXnwqQ5Yc1l_pDM6dKXOWYOMAVisc1Vy5AdwHP6t6yIwIshZ9mNVzeqLaLBEXKdy9WXEHnkMDLZSWeCJWnKfeIhvqhs_rBYborywMMlxxu7Q4s7uhaR_nt2HkddnRldTwb7xe_MzvAcSq5euaQycR4HX5JH-fxYTJJSMvocvyjvUm5_bFCGE4qhvKa50THNWVlCudfyPf3uUAzHYAuCpc2w&cid=CAQSOwBygQiD4M317ZcIeH3uYgh3fMVU7UweichxXU6cyRsYhhDFckt3wmvx68JVogCGB9mrlfupjVQrfPgVGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9191009336661159000&adk=2465470143&idt=63&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E3E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
490371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 07:09:29 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 629F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 629F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iSxLkCajtN94ZaSqXPGgE3IqBaRO9b402PUi5W_aZe57pQQhGFkofJEM-vOCoOsSOlIprRuM_fpFJS_ljcVKk_IQkg&cry=1&dbm_d=AKAmf-DGqteuY7oy8dRNusWcs-QaRCnx34ndhZwXUV83ye19BtKMeNerv8pGUC1ge7vNtiHaNmnU-TJ7DOafdGqfjvUElc0x3mJubcwBEnNnBDDq2UT1pP4PMZ4b79X5SX2EwAJk2bfnKV6fzv9VowxzyjC1zgvN4JGLQb5WzStNkR-AOymOAjfJHHyuMzTkuNaMUv4rPpGceByP1B3J3KN3Xne126IYweKiBrZ9BHGhuCjaFjgEOEZi_eJlzniWqY5sM2LuDyrDSh3WTX9603TBkG9Cwn1DMJRoIFpEC5BqRMjI9vd9T72Nz3mSl-b3UG3yP7ijNBwmkK6zhd5rEu1FkE60POjhUDSY62nQ-DQi3tPATXMlTRikQSiVDpWLy6FwILl9jon6z3inhG_eE0kjZGxWdoXh4L0O07n8T-ZijkPB95d9pDhUzA4PsUVfg95ranbIHN2dXvS23iTN-z366PSqSUGVKcsk8QxfbQVBrF9iUQf5YSYoQAltHIW1PPDye7yshv4jGUpTNy2Vx0QvQKxYSWlNTKbCs2a9GTCT-T6wEXWLUYykAqJ290Lqf4SbdjS_EHZstFvqR32KxVIn4UG3cwlK4BwWrFX_72g6QnlpyNqADIvFgBLx0vc3qrvKYL4ZdjZN4IbL77fXrdrwMzlG-iOVMa5EjJmzyJ3qSTlI7FQEcJfIpyrCCi2Pv5ZD6Yc2ReMCJmEHdSR4ZBgmQ7lHrLNUKDkeyK115RlID55FSMH6ugeYLQbWJ5vgkohz4xsha5rhKO-aHXBENTd2edXB4SSQqj0MMqZ1qnoNQVkYhKIFhu2PRs9866aIDREf8LXf3KuMY1aVBefsIeky3YUEy41W53R-X19wHWEGhmBmlU3oh-73LbnljKV-3mrySysR5S_RR5Lv-IZ3ABMxRKip77_ALImTvEyjJ38fE5RfZDby2M-fDyjS3RXJawMZvcLWwwiDiDmC2Wnb2VUn7VRXSRPkSZivagyip9z17RJYoRAP7nMSaUThwKUxQtewbxYriXKz7YKOaFUvkpvfJtp1RwhHZuhkjgwb45ROv9pmvC4ACcd5qCA2HE-r4IiWw_8zx7t4tYKyeLkR1gelFnqe1j1Dog4XvvWXHGE7UOpkaXfEgkqfPF6l-Jg7uZCpWWlJDhIGSU8Iz3Q6glxYs44o1073NErThQCjwsd5yyX8EfHW_KgaCaLlezUaIg8j050EHIPvP4IhpF2omvQmAFHw1kpjrL-rUOHNBWHbCOmuS5VUGYOSCytH4e78hCyqYdPA_I6DjGvPi1aZcJJp_8e4NckuQowCEkCNpgqkMNL79ebnCpKHla0FbrlMfWY2VyStLRbdBsjhM7_ys3z1SLbITxRFPnnINuiJ5k-ZnAuCyvCxEDgSadRzugsRLMWHYT_NW2PUINxF6zOVR37uRO881-Pa9DmxqjdLDZs0XWsFYgJFH5zR1wTWhi1KXJ3qUSH-hOAVMnv7gNVgvV6QHAFrGb_XncDWD0Mll0n5o1YUfgn-bp2cerxQHtau_0IKaDN1N1zJDEmPqzIVsIqXrFakLplSoBaniSze_XJN27BD2swZBgKj2lpRImm20i1zHGzxZoCyWT5zC24x0CdCw1rzO91Avmi22RvtwdP_uVnAawj8-EGh4vpEkt1qld0g32zkLQrEWQBkQzCmuRzqrPY3slHy1a8kSGp2hxBsjAd0DpD7Fl34FaHUdcypjwKEoYR1gqVE8536PEhmEmPPxcRmoqqy960O9wxcmK_wf8MXN3t9YoOcJZk6C3su2MyFCqyBvIaVxnmk3uF5dbCm1p_VxwPidLel20LfcuKmHdiR-Ojia4Coa29gCU3UAewNkrEKPfb82I2OntbNdZa8piKsljkNx7bh1mY16vsya3mVdNn_FmvbFmvnVadsKBzp3-bsaXSnwU_Eq3L4OR0SpRNo86hMKsh-pgI2aaCtKEUCt31OEE3NF--RXHA6vHexkgZC7GOOfPBTMJGFOQU0Fx3sNmkNsAmO4HTcVsbqzQABCzVUTUPnA1fgyoypOaUJw1Onq4_gWWp5GB_MelIsvfGrGEOMTqQlORuHcA0dxDf11aHlV4Hz7RdvFPwVPV5x66KUYLwCF9LsaAqpff8PMQviWdJ67bF0dXu41j8JIdaL6JnOOfZHG_uvwENuROgEmMhKTU45KrlsQshMUr_-h5ZkIlYDMXK7WfL9fbwyGva7wX74lID4Tg9g5axKzF61D5g0rsqinjY615IcjEnh0DVL1EpHPHFCmgLZS876e5_cS6bH9qDUH6502BsSBc254zNOjL1YmhFA83lYheX4PadLfWC8Khdp1kdGHC99xLR_A8-Sjx6Tyttn8AHBX5UsOqp0c3JlcAEoO-oX6OauV4nozk4HXZ-vnG_iZ4P1QBNqDpbTai4qR43RuIfx3rke25VDvun_X3VQ3M0C2LP96Q-iwh0fokccaQ-WfYCpcnGqbERn8Vrq5YmM6iD0auSYIG4cBZ_mooBksoC0gx-934DzsRi1FthRfW8mDqE_7hz3z48q4hubPU7hKOYK12H-ochWxBMLt5OMkjHpO9wof1pJG1s2AginKHB-kEYeZnK1tmeU2IqL4qjzEpS5YKgJkdFYY995SCtT7_AxcDfyamt_hTbuqFvHqg1Ju1YoSlIH4nU9SPdeGsQZtiV4NYaWJos8yhLqVB0Fyx8EQL7S1awyv6n2qy-V8vPrCv3B033MYMulToEhpIRJn4h54cUxA7_Vgxr2jJGxCLOsI3XPHGyQfEYpDPyLMnQtetTHq3zVrYSx8nuFAcPNJf3WSAeaXCgQRpEMLQFfR7PxlC_BX5AH1hzdduaSiKtGpmLQ76j12mpB9YLX5fgoxRANCMY7Uv_GqN1tQ3I53eGb2uNwzCkIabTGYBuZ695_Bc3C6-dExI88LiLEd2Hl1ntMOo9aMY1M8BnaOz-pl6GL03MVFHkvh4VOeVK5F3GJoHe5s-YuvxiEmj-XDMm5dSligizDGDqxKoSVi2tk0xm8psHRj4qROGc72f7D8-z9ufXoVfuIICYn8OfB1uUrker4okQXFGHyRd69GoLSZzRVoEQsQ1xfbY0waf72m8_RdVg015d6G-WfVKnkE5caPpM7nxe1rkkEFeGw4IklCR8Bcdx2MKjf7TfR3ygzsH8GCSuoPSmlB8F4-ERXaLEUNcFwrTu5y3uNYPOkYMp_uwRSaTcBUvelz_uCfy2POsFJ02MNXkGQnQ1orKndKX-lypLOzq_HP2RV3qB17jWdUlFQWcI5ymLLCxwjeuf-Y4U9W6h_TlXEkMxxJZdouPOvfm6IUvzw09eSba6henMZ1OOpOVPdn2SPr65akNjzgqEErGDvNKOUcNe0AIrIQgizvUXUd71faSIyGHCwu42bSLH7m0keI5GRYrIMRyahFzN6NGwmldbFkuOVjWoZLFx_WROod8hUjJe4hKS_VHGisHcw41OonTiCXOWeBfJE_i7QnFHhrqmwPgnegCg1qERx4WExstSUIZtz7cjlYyrld-N_pbp48HWwhOmswL_X51N1Ba1EX5kMarCrubUBJ-U6-wLsjEa07ild0xCXKZLTsqrby-eFRy_XxgZC-LeCuIsmQJrSw4ecru7gi9fNsMjrKtYXuymUE5S9BtEzGH8nYpQv_sfRzFDU3GedMJWKOYTy4QFXh3v7_2t-zUZCubg8siS3YtJ4dCFtlHv6&cid=CAQSOwBygQiDt-NH8THXzpnvcFHfnsOPG0Qs-iJCzZfpIaFyQ98albDrOVxZxJh8QQQqTZqCygtYC5_YohPBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=6531176856135113000&adk=212707235&idt=59&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 629F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iSxLkCajtN94ZaSqXPGgE3IqBaRO9b402PUi5W_aZe57pQQhGFkofJEM-vOCoOsSOlIprRuM_fpFJS_ljcVKk_IQkg&cry=1&dbm_d=AKAmf-DGqteuY7oy8dRNusWcs-QaRCnx34ndhZwXUV83ye19BtKMeNerv8pGUC1ge7vNtiHaNmnU-TJ7DOafdGqfjvUElc0x3mJubcwBEnNnBDDq2UT1pP4PMZ4b79X5SX2EwAJk2bfnKV6fzv9VowxzyjC1zgvN4JGLQb5WzStNkR-AOymOAjfJHHyuMzTkuNaMUv4rPpGceByP1B3J3KN3Xne126IYweKiBrZ9BHGhuCjaFjgEOEZi_eJlzniWqY5sM2LuDyrDSh3WTX9603TBkG9Cwn1DMJRoIFpEC5BqRMjI9vd9T72Nz3mSl-b3UG3yP7ijNBwmkK6zhd5rEu1FkE60POjhUDSY62nQ-DQi3tPATXMlTRikQSiVDpWLy6FwILl9jon6z3inhG_eE0kjZGxWdoXh4L0O07n8T-ZijkPB95d9pDhUzA4PsUVfg95ranbIHN2dXvS23iTN-z366PSqSUGVKcsk8QxfbQVBrF9iUQf5YSYoQAltHIW1PPDye7yshv4jGUpTNy2Vx0QvQKxYSWlNTKbCs2a9GTCT-T6wEXWLUYykAqJ290Lqf4SbdjS_EHZstFvqR32KxVIn4UG3cwlK4BwWrFX_72g6QnlpyNqADIvFgBLx0vc3qrvKYL4ZdjZN4IbL77fXrdrwMzlG-iOVMa5EjJmzyJ3qSTlI7FQEcJfIpyrCCi2Pv5ZD6Yc2ReMCJmEHdSR4ZBgmQ7lHrLNUKDkeyK115RlID55FSMH6ugeYLQbWJ5vgkohz4xsha5rhKO-aHXBENTd2edXB4SSQqj0MMqZ1qnoNQVkYhKIFhu2PRs9866aIDREf8LXf3KuMY1aVBefsIeky3YUEy41W53R-X19wHWEGhmBmlU3oh-73LbnljKV-3mrySysR5S_RR5Lv-IZ3ABMxRKip77_ALImTvEyjJ38fE5RfZDby2M-fDyjS3RXJawMZvcLWwwiDiDmC2Wnb2VUn7VRXSRPkSZivagyip9z17RJYoRAP7nMSaUThwKUxQtewbxYriXKz7YKOaFUvkpvfJtp1RwhHZuhkjgwb45ROv9pmvC4ACcd5qCA2HE-r4IiWw_8zx7t4tYKyeLkR1gelFnqe1j1Dog4XvvWXHGE7UOpkaXfEgkqfPF6l-Jg7uZCpWWlJDhIGSU8Iz3Q6glxYs44o1073NErThQCjwsd5yyX8EfHW_KgaCaLlezUaIg8j050EHIPvP4IhpF2omvQmAFHw1kpjrL-rUOHNBWHbCOmuS5VUGYOSCytH4e78hCyqYdPA_I6DjGvPi1aZcJJp_8e4NckuQowCEkCNpgqkMNL79ebnCpKHla0FbrlMfWY2VyStLRbdBsjhM7_ys3z1SLbITxRFPnnINuiJ5k-ZnAuCyvCxEDgSadRzugsRLMWHYT_NW2PUINxF6zOVR37uRO881-Pa9DmxqjdLDZs0XWsFYgJFH5zR1wTWhi1KXJ3qUSH-hOAVMnv7gNVgvV6QHAFrGb_XncDWD0Mll0n5o1YUfgn-bp2cerxQHtau_0IKaDN1N1zJDEmPqzIVsIqXrFakLplSoBaniSze_XJN27BD2swZBgKj2lpRImm20i1zHGzxZoCyWT5zC24x0CdCw1rzO91Avmi22RvtwdP_uVnAawj8-EGh4vpEkt1qld0g32zkLQrEWQBkQzCmuRzqrPY3slHy1a8kSGp2hxBsjAd0DpD7Fl34FaHUdcypjwKEoYR1gqVE8536PEhmEmPPxcRmoqqy960O9wxcmK_wf8MXN3t9YoOcJZk6C3su2MyFCqyBvIaVxnmk3uF5dbCm1p_VxwPidLel20LfcuKmHdiR-Ojia4Coa29gCU3UAewNkrEKPfb82I2OntbNdZa8piKsljkNx7bh1mY16vsya3mVdNn_FmvbFmvnVadsKBzp3-bsaXSnwU_Eq3L4OR0SpRNo86hMKsh-pgI2aaCtKEUCt31OEE3NF--RXHA6vHexkgZC7GOOfPBTMJGFOQU0Fx3sNmkNsAmO4HTcVsbqzQABCzVUTUPnA1fgyoypOaUJw1Onq4_gWWp5GB_MelIsvfGrGEOMTqQlORuHcA0dxDf11aHlV4Hz7RdvFPwVPV5x66KUYLwCF9LsaAqpff8PMQviWdJ67bF0dXu41j8JIdaL6JnOOfZHG_uvwENuROgEmMhKTU45KrlsQshMUr_-h5ZkIlYDMXK7WfL9fbwyGva7wX74lID4Tg9g5axKzF61D5g0rsqinjY615IcjEnh0DVL1EpHPHFCmgLZS876e5_cS6bH9qDUH6502BsSBc254zNOjL1YmhFA83lYheX4PadLfWC8Khdp1kdGHC99xLR_A8-Sjx6Tyttn8AHBX5UsOqp0c3JlcAEoO-oX6OauV4nozk4HXZ-vnG_iZ4P1QBNqDpbTai4qR43RuIfx3rke25VDvun_X3VQ3M0C2LP96Q-iwh0fokccaQ-WfYCpcnGqbERn8Vrq5YmM6iD0auSYIG4cBZ_mooBksoC0gx-934DzsRi1FthRfW8mDqE_7hz3z48q4hubPU7hKOYK12H-ochWxBMLt5OMkjHpO9wof1pJG1s2AginKHB-kEYeZnK1tmeU2IqL4qjzEpS5YKgJkdFYY995SCtT7_AxcDfyamt_hTbuqFvHqg1Ju1YoSlIH4nU9SPdeGsQZtiV4NYaWJos8yhLqVB0Fyx8EQL7S1awyv6n2qy-V8vPrCv3B033MYMulToEhpIRJn4h54cUxA7_Vgxr2jJGxCLOsI3XPHGyQfEYpDPyLMnQtetTHq3zVrYSx8nuFAcPNJf3WSAeaXCgQRpEMLQFfR7PxlC_BX5AH1hzdduaSiKtGpmLQ76j12mpB9YLX5fgoxRANCMY7Uv_GqN1tQ3I53eGb2uNwzCkIabTGYBuZ695_Bc3C6-dExI88LiLEd2Hl1ntMOo9aMY1M8BnaOz-pl6GL03MVFHkvh4VOeVK5F3GJoHe5s-YuvxiEmj-XDMm5dSligizDGDqxKoSVi2tk0xm8psHRj4qROGc72f7D8-z9ufXoVfuIICYn8OfB1uUrker4okQXFGHyRd69GoLSZzRVoEQsQ1xfbY0waf72m8_RdVg015d6G-WfVKnkE5caPpM7nxe1rkkEFeGw4IklCR8Bcdx2MKjf7TfR3ygzsH8GCSuoPSmlB8F4-ERXaLEUNcFwrTu5y3uNYPOkYMp_uwRSaTcBUvelz_uCfy2POsFJ02MNXkGQnQ1orKndKX-lypLOzq_HP2RV3qB17jWdUlFQWcI5ymLLCxwjeuf-Y4U9W6h_TlXEkMxxJZdouPOvfm6IUvzw09eSba6henMZ1OOpOVPdn2SPr65akNjzgqEErGDvNKOUcNe0AIrIQgizvUXUd71faSIyGHCwu42bSLH7m0keI5GRYrIMRyahFzN6NGwmldbFkuOVjWoZLFx_WROod8hUjJe4hKS_VHGisHcw41OonTiCXOWeBfJE_i7QnFHhrqmwPgnegCg1qERx4WExstSUIZtz7cjlYyrld-N_pbp48HWwhOmswL_X51N1Ba1EX5kMarCrubUBJ-U6-wLsjEa07ild0xCXKZLTsqrby-eFRy_XxgZC-LeCuIsmQJrSw4ecru7gi9fNsMjrKtYXuymUE5S9BtEzGH8nYpQv_sfRzFDU3GedMJWKOYTy4QFXh3v7_2t-zUZCubg8siS3YtJ4dCFtlHv6&cid=CAQSOwBygQiDt-NH8THXzpnvcFHfnsOPG0Qs-iJCzZfpIaFyQ98albDrOVxZxJh8QQQqTZqCygtYC5_YohPBGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=6531176856135113000&adk=212707235&idt=59&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 629F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
490371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 07:09:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4493967863916&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4493967863916&version=m202306200101&ct=76&x=1&cor=13506009272160895000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 48DC 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVvqG1mgzTPCwt8dayS55aAhaM_Xyfo3Lr3YG0wRLtHFj9uc-9BkakiEnoxUFjwsLQoYY0j26T65nps86TzeUyLG8dkufLHPoQQqhoDN_KtiBlpWI&cry=1&dbm_d=AKAmf-A5fDKpkvTe8Q8Gr2OoZiH5E94AWF-ndzenAsurdmPaFuK9epxZ8N5KvV2EGVtlQsnOStpSo3v6F1wk27rdUn-LIwpN1ALlZ96Ux9quxjHwUfowhu8CuscpFYOKGB4ONdSh6nHxnkOL2g-6FY05lPF_wfHGcL_8XbYZJ9UJOV4JUBDN362SgtZCW7HYeCqTJWsfDuJDyN_mK3204xpEoEYCyxcR1QbZK_DVInummCPH9J70l_2_ANSa2DoujYNJg3eGsQz6DMoCuR14CBzDVo23utJ-zAOZ_vwKWbSLdQMtoiZRPJi_HT4RSS78FtTdlwyXRyKhsEawV3PiVXoOAOZz05vogEsSPqy3NQ5xFctBI7Qbh2Igct8hThtOP-M-YIEWaPiMJAxwy4z5wl3aQV0-lSbSDSG0M2KMoc-EagZgMEDYMNowiaZQJAxopSQqTZDyqcToq0l7sOweOQn33XgX6XtckDqoOufQYlnw01LFRUWobNug-vqvhKwm0cWfeN-tO-sxUsKpnYd1mH4vZbtxYN3cQJKvUlyNpx0_xqlRV_UwLVu1PmegvZDlZPy3LUVKIBkvjoRY_h1vKAkmbjMyK0LcVulLGZrxLVaN1peMM7RjF2pK0_maGFNA-mdmllcyk8n2IVFE5uj5RIvH6ptcov9H0k8I142IB2KY2I9kE3vAan2QO5ACZ1yWsW62h4Ntntb2JC9AqXseg4_Yi3L7ACZWr7FsLloRCITlbDmWyObVCr00VRZ37oeUa2WBsKIn5bAuVfherz9dcD9Jsl0sGnGWolsQn77O2WZ9Mtnvydxxk60VJCzTVzfsajNlZVKF42-DM7BNx4mMhSiupe0tO3lNKjCegBVz2FAl2BhDR_V4yKWIQZ4VngK1CTZji7VQUh6DjmgJgeCobaCUnvl9GEMbFhtUQI7xlBQDA26LQP6a-FCUW2OB3UeEkGOHyJFzCMpKStxhqWf4OodOC2HorvzikweFnUXZOXJzZ0U0KHTB8XwqSpzpeiMQQq7Y3UI5CqtDR6MqE_qsyx3MdOUyMkBel8do-OszbYNLRYHfKOIgXBOYZ8eiqFGhE6Dmzjh1aYNjXBN8Q_rYjv09rMoflBsjfeAKa7VEblef8pCcHmuGpczoOCPabZNmtpMLbymK0O7_lUNTMa-KzEFyMM2ELP6sc_wg6MufSQzGxi97kQwkODEeRUMipVC5CtDrob0SoGGD-mKtg0UOKCxRxuT7B3o7UI1iO622drtsDoPHtFxpJspeyjVDvotYUIYDeeNjgwSXiriz-MpbCI9O5CUMHvtigmcmWfozyQfa-x3upOHX6gHO-786nk0vJl2Eam4lPR7ihEFqT9ZFKbtpjdnVHBnZh3LuW8bDxjcdkd2LuXbC5KrCWU73ZpFb6XRU_-a8qmcyCUtVQ58gUYr6aV6-CFO6qQpQ4XeItOZ_MDYlM4YC5ApI4bN-zcd-w5TPmw36--5cGnb2iGLJa9mUcPdaD2qNuLVo-F9ydTTGzuDGG8CufTwNYPQu9vbQldNfuNrfUBEY5ukbWjJjCSGlamo21KF707n5Alu6ya8fYU5cbdHB_nV7gFrBkj40UdrMNrqsIuPavsfk5vV24hAIk8-W9CHRzMqWk_MBsednfJvWcgX9Bq-Uyp4cIIZiKo7GqogOIKmnp88ZLeKsLp76uR9fwlnRjvn912Pkr-DMdfRUZe7AwK1WZYJ7VXjgMiswDZx9_ONKdCion1qeFdOW-OBYrvQt-9nYgI9QvPDLE3twXtAjMgHtU3yjC40pfSJjpgYU4E8mjYW0Ud4cw-lIfuTotLFfAOXlTrkH961TApZvS-10BHr4MICFP53A3xpRVdPr9iaRP73saJFCMC1sjZZ-zTdW1la93beHHZw9-eWX6HCqC5dnhIHAY48gbnpOwarO9NcVPCQnx0qzdYZRoCP2E7fdqs1gnAuXm0D8z9XCb5Vl7apb5sABiYYNUkVLxPyD3mIMeAuxavUxP7r0jmvNeQ4-JSyiJKd_keoJ0aY5qsBrrfiXFcicfU9VmagZl0mVSPGOvNJLblMZRbxYGVw021ymsWkqfETaHRGhxXgIj9PYnO3qbJnLpaBr7_gtPKIBDBRBJXhx9NxpJwBoaDdvhScLXjgGwIwjsAnWWCP0m4vTE7ZzMY8uhZ3024kMUIu2Ws1xkCSgyeHcZH1QGFQUDd5aE4EPJFARA65LjaHcGSc-6cvhhJSv9NaFjU0mY-h5Zz6fj5XclVnoN2cDzcDC0eGnmKQgX5eaPAPIJj3IejGc03lVUmMpyxN8duOwQRVeIOujtF0Hw5ZdCXFKLE8pFIANmf_aH2joP81GblAE-xqB9kJbxBbWkvIxIJLqFSgOj61MwiQIZvs2l9Bs_64T7doG7Zh3IrIi5Uol7smzFvnjb4RaTdy_k4R8epQ1Ze-qiVXItOfH6ohL6tpFI8ULCeX4lwulP_scrBsoJy63OxICEZtjV3NCYcltsCnkjwPfCoxCUt4tCpvOKO8AanHO-t9HtpUTLfkTa5LvueFIQA1Wmp6VKGAymg8cd0mVhH4nn9Lhbh4MiAXFETig6wcS9ACyF9oU3MwD6dHC5ItYVAamei4DGBFBDbmnVIjziSt1wvPX35pVOOzMfVBCHjTo5U5NIpovrGuZhH4EEUX6zsJuT1aW4KPgrrPVgNCQj-lasPJ80vdOj6G9NECAnniE9Qp73pwmi72PiZ1gt8GHcCt4aFXlvhEdoi9L_MrD8NIm5oPemlto-MdLvxuaGC93Yjf8vKZvfXNqzeVu1agPkLxnyQOh5sXbesJZ1f1j3gPMI7wabh7kQuYc7RIy0wiaraFNO8pnHT9KoJcZ-ZuUVDGQTEUD4Gmx3E2uLzeCrDpWUBiRCI601oLKUIdQgRnuQYV2emqp0or1NO-UoiXDmApFz7YCzD2MNA_uNaveHtWcMdu92XyJdO2Ou19C4zXNhDRMyiezKKNAWV7ResdPOeVEzlv2mp0Om6wfsAzsIq9mEkspkDbCh1TNsL_VuKWkIXke_cQzdz1hy8O7MtLCOWjoi8pEHUXX1OzMr-w1oQVM8e34MfdIgTnawnuo3SqAPpqM8v6oFBWA-fTGAEopfvPoCebdyGTjZIP5UCfwvN-WtZ8ZSIlIB5TUfHUzt5QzLNft0EOVK7eNEH-mSIKNjifm1ljU_eYiZSCOxailNV0R6Vi1F88YXcQorqTyfpafo7MABjRziUOhGT0jt1uKgONvhOI8mLj2yWO2LTI6Q4D6TMt67XBRc6OCXm4lNRf8q4fyABXg68c1ZkOy53v7DMXFHrUj-ITng2qnzQC5_jU5zgsl68Vw2iWg8-DjPeDQewEjv7pKDG-GMlqxdzFm7qfAzVzHvtDBbNCB4c0QRvNHNagjOSqxHDMSbWPtQPd8jJk9ioy-V26pn8wjjAJ3sUREixvcHSeZyxPiW07PIJi8pyvSrOoiv9Y_nwzpubOJHwrKaetyLw5tvmYTjWFOe47v3rO_d2DMw3Au2expJ4_MI2virFIN-Ajbg7VENguNjh7Evb7pL7YluT3_l-lyqJiWNpoBC34xgmX975MQE3vLxBbsv7ydVXrGoWd3GWlEE1RPsAFzisPNzyJRMlzrVcIhTW9H5kwJvnh802946_Ztuy-kA0TlmOt0PS5aAXdUuyN2XvjNe54EZ7rfpHCGR58PBEC7aMfUx9PQ1Npb6tji5VrELVI9RQN771y6TmKT0Zg6LA&cid=CAQSKQBygQiD17CB29X2JQH2g7jr1qPQUrILqROc7n0SgPvutoUlsMqMhmNgGAE&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13506009272160895000&adk=2719198038&idt=88&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef79057056a1772b710a81e939167af5ff1d2160411220ac0a8ebffa719ebac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37781
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5777 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BD0E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0a083e23a0124242c65bc2d8f2859938fcd725354845e2221fb1748aa365223

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8CC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
15492
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Tue, 04 Jul 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A8CC 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
35230
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 04 Jul 2023 13:35:10 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DFB2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENu9yUii6sDwpS9aLQL4cLI&google_cver=1&google_push=AaAOQGG8AV4N2IsqnYI957BMsJagDBW5ejDv2CYpNe4Yze8kU708sZDA-eP2UnPG_JHP8gJLSmiZuRwOAXGeVVcKUU0qRRvTgFKK
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY4Mjk2MDU1MjQ4NzU2OTc2NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXW-2JuZpkB_UidULHdRa0&google_push=AaAOQGE_V_gBJwWlUyHzgrnqBYua9T180E-AOTagfsbG-w3zE03LhrjurH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXW-2JuZpkB_UidULHdRa0&google_push=AaAOQGE_V_gBJwWlUyHzgrnqBYua9T180E-AOTagfsbG-w3zE03LhrjurHywOi-z0pTaCWnkVaf-D9Q69zESjh0winhZ0Ngwj-ahfA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220023-FRA
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1688426541.569515,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXW-2JuZpkB_UidULHdRa0&google_push=AaAOQGE_V_gBJwWlUyHzgrnqBYua9T180E-AOTagfsbG-w3zE03LhrjurHywOi-z0pTaCWnkVaf-D9Q69zESjh0winhZ0Ngwj-ahfA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame DFB2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEESgv9Zv56TjzgCESayQ_TY&google_cver=1&google_push=AaAOQGF7x9tGxQO0Coy5K5iCwKKVG254Pj97Tp_1ylnf0xZ1TF62kPCINs1RjrjHeugc4AxYJbMTxiVCFPzYrIFvE-PRipymzBB-
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJhMZBL7PonRjVsCJr6dokA&google_cver=1&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01rY831Y0j1YsGFaxQC-g&google_hm=XtO9OExkTW-imgt69W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01rY831Y0j1YsGFaxQC-g&google_hm=XtO9OExkTW-imgt69WrKRoU
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:19 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGFvP9J9pDAS-GNyaMuwXb7rjzdy62MaOMN2wMQ5kPcvpdjUyyAL1Fvp1QEldPwl6JXFn760etCuz01rY831Y0j1YsGFaxQC-g&google_hm=XtO9OExkTW-imgt69WrKRoU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--_q9P9NTsiwU1AjgFCSvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--_q9P9NTsiwU1AjgFCSvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGq_cDdwhF8R2haRJgGDORqpOhU3vzK8mzkZRfnJY3U8P6cqhWOWaClR4_4_HPv5T2HrV2Xq1NRdGRzvo9KEzI3fSDIvUjy
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=--_q9P9NTsiwU1AjgFCSvA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGq_cDdwhF8R2haRJgGDORqpOhU3vzK8mzkZRfnJY3U8P6cqhWOWaClR4_4_HPv5T2HrV2Xq1NRdGRzvo9KEzI3fSDIvUjy
date
Mon, 03 Jul 2023 23:22:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIJHSaxfn39X4IGv4nc048s&google_cver=1&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOd...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOdS5trrddlTOnsVA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOdS5trrddlTOnsVA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGtpMdHIJDbp1e7CEBGNOkIWPR2uzY3MQUqpQll78q0C4nhBOVuNzw1nD5TyOupuNBAtm00Qr5sPz-ZFTOdS5trrddlTOnsVA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
1Moq8Fo1YLsXH02UM9UYqRo2fPKlOhYmygoiDFGMt26hfzbD--xdow==
pixel
cm.g.doubleclick.net/ Frame DFB2
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKjgMMYak...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKj...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1c746da5-88ee-4eac-8a85-6a58fa6f46e5&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1c746da5-88ee-4eac-8a85-6a58fa6f46e5&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=1c746da5-88ee-4eac-8a85-6a58fa6f46e5&%%GOOGLE_PUSH_PAIR%%
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame DFB2 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNeNcn3OcEX3Rl_QSHZYCbrfmcCe46jzNcWSQhxbE0h6jLfbLEERJ_UBAI67AmOL2V3nT0zg
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4F5C 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 4F5C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpTQWZEECBWngQkxeZCp088yNXtQRHJICAOT_V0kkg3J42geynfFwOWPr4DSzXP07oUepW5dazbliV0ZtkerVEGKVEYe6xHuGpiCYvvFhAfP7csVI&cry=1&dbm_d=AKAmf-Ah11cdAnJZQRYWEFHaVWSOUF8ws9PRa-hVFutmX2dOm2PmdaiT4W6s8sqGVXFmRo7FUr1Yb_dsH9b2f0nz-RMxEwAqwcTvuChD_ezyPYXz1m0Y33C1XgOcF6u5iwMRCYTcvjSIJhCDGf1D3kKSZlgdH9ve7BuyElPqLF3OS8WQwwDMdz_49k19CAANRhWk2B2RzibwEo8YOxvAYpjMdvmKRXuu07tIy2NKhtD2lvEpMBu2DTwGtt88Nypjr9OdEqScLCNDQFb-OsY0hUh97o1RXOcNJXpkvYjZKsuv09B9M-cG-K8OqMY8gf7PiEMfGmX0nwgV4ZFGPVUizPDsM3kHbYKOgymyNEWko8rQSak2yrsTV-4axn0zyWGebNJkNM4sIY3l_nonYU2abxN6KnxZg8l63H-QBNM2WCyWn_zeVmgIEJ46tUD4xBmyUbpzwtZQaHAyf41_02gZ8K6hlfWxb-zGMuAUN0o3M2kU4nKgRogSH-eNhofZlylNawuCvfhD266AHzquUjEaoBG7qSXa2S41hZKqQsuHC_0LjadKXj_veZKFkGfkUWkS79qZQmUjAiq44Pg0qcQ3kFWvKJ3DBjQsEVP8dGHmaZxfxDX9D8AOfYbqa8hxVwN6LhpvSn_CZmc_eSqaKl_C--szfcff40A1YIT5H5VsszfIVTSn8QaZYS_4jMx73cLZUdHaYF4mzke5kLQP05hXSF62H-RMuu0J05UJnLrg4Grji2JXZcKaP_d-kwnvtYDnUFAcrJ4jtzFZCIYovfYzYUf2gjE3UV-jYK3OvUPHRxL_C24qI9u2PUNCY6ophuMhi-8uLFfjuYusH-wyFJaKcgfGtyB8GhXhZWvROE1nLmzbloGT1fkTYpVJy8Xdl8rVNMIXnj0sWWa-ALzwETalY6TH9p2IXxGKpxMEx9ua6ykoXRSdr97l95YNhM1qucUJyHHOwr5DhVkfwwBK1I7xvdSeZeVY157AnXMcBJ51po7xikT06ak_hlTKujjgZ7xdF3DkMIWPNHBeKUsUdy--bKO0MgiHJ69b6uoYRdoBjhzO1FsR08AGbPfpu0hlzvbD0VEsJ_wvy8pD4U8KvWrYQqkREh9jcYZxPSd5BmnhvzkueL0x_KoW8ora0IayuVhGGVYB-AtdEmgvsQZe5icThTU9f0u207c8MVhOI4lzvz-_-xRBnn5nE2RVe_neyFm09hzOIhKwgbchm9sX_ooatT3J0gXdsNWFkLzN79n-4NHzsmIAjuoTttl4gZL2BiYPzorX7Vao5OCLrlKjFCweAXAsYPXvTgBlTWEIvbZ3IaYmdpBDfVvUoXD0_PvItyUpmkKd6ErZgC5io4I3aDf44NEWbcKqFLACTc8dQKkjoEMHt0moCYYMNUj1LZFscXjiTqToOrZH96MbgoZQlFkkkSjHQGQFiSsTsOO97EVUxpteRvTV2RKE67SLjI2khvfMGoVXjWkwIPXR14OsIkow5CA1CzwyCB0Hhw6CrYazvLMJR-0RS2ruk92j0eZ4903YRh07nu9RRfYiaBJ8sYd-W89XJR1j4A8ePzZ4ErdktRYP9OgpwjnAFhDNB22cFoLWKhIgBDYZAgXVfbP-2JjRIT4lF2s2FOpG9ghglGNngVvCghnAdlyb_uaNC8WQlH3lPXZLgcm5QkwzuD5T1g-HxYTWrnGTZ384Y3HkDkfJ4HC0NQUkUhRh7yUZdKP4sYiMDiykxdScIARSUNTuysGbDdEqA9CybtcqV9pwX8z_fMRglvrAe6RtKPUA9VlkguVajPO32rNkFQYLf8MPjfpwJVJmBgdY30UvzYyAYC7fCiE9Po2qTCCX5Jjgh0SVJuiiOxeW8zOLzdvHGmU-sHysQyzLWwZVVvQGDataII4_2UiJYTawOvfwEYZDtrC1hZ_UAazARWuzPamztA33xWK90jt7Cwhd5PV3wBVf5D1eesCxgXnVdKJChcdoPxB8hCkIhrcSEEa2tr-L3JdI_4ToTBE5HB7qA76St5XkTwvYT-mc9Kox5MQ3e1zvBjlX2vo-nfYG2dLZpvaYUNcxxQ4TFuu5ud3pfrD-pAIpgPVXftNrGGpv5GzhH6Ahpb0E36vtiNjKzOxSt4raj03Hc0v4ubV70Z9ihdIO1kJ-IlxzpUmKxYob1HZfKfD3WSWBonxbhR4PGenE41UTagUskYRJBjZ48I1Sr9zYfSXPoe9ehkBDOKr4xcw81VUXC-wRDDHO-nUGUnQw-YK-BhaCDNwcb-FJYiTPkw3o37vi_LvpsvgBUeBqjZoFaGHQFqSPRYRreNTE__IKoRN0JyxCFWeVUWP6UF9VfrbUoJ_lLvTAgssqLxGeNgpfwmE80dOkedOu6trk6CIudHN_s9f65l70OEZbxKTaTjfiF5ak1LJAfly-y_Ovl-M8uWeHUdkFcwgdBNNWmLAz4RNagrZl82t4EF77pGAJjfLZWNfWz4C9cV3Spq39PipBAlZ6NAlK2fKZssi77fKAfhdsoV9IlBTOO5QivfWKApQ9PxnTg1SCJTWjEsLd7EPmmUurj4npkSZQsUjiI12HzjdrmA9uI-fC8LikTkuGLUPKM29i11XvtBz6wtQuhOYCmgSreCqoDW1P_A96FBstMQCsDytEK87uCLhFmNaPTWi_O1G0Iu3DhD8GfViPGUZ9y8CqSSmqyuZTh78ETM4Wa9OTQ0JzIshBEaHohCww6_FbYUcbSeS3Kbq4ytwfwePZ1qiWqcbWb89E6siYDSSZDSKA1SfbY4p4b7zwC4gW628HRWpEcLIYsdCluqHPZcssz-HIyWo1A2K1lm5ze71ePR5RZcBM06s9eaRnAuHiXiiKkjzo7SM-sy7-Sy3uprH0juRHUoJhNhZpHYTxD-sb5gVigJcmWtfinAk_-UM0f3buDHksh3SUOVkJj3Crx2mqKcw0hqtFhLfZViRDRKqBJdVHDwS6B5d4gIA8Fa5Hy28Dgubm1LaViDc7Y3WYTaQg7RUfEDPXWLruNIeeS6a-6o_iU2GME7j7-aeITX0bi08VoF59O5j2PhVPvwL1lSGjJ3MZ9Kq-IfbB1WSJzJ1Ogj60Z_aAj4ignMrKOYE6c4f1k98pvoUpKWrjN6_y6HYbmc8RSCrH_dSv4xTlZ4S_w3sEM4qjm4lrdH9aNbOeC0n-X2w4f2fcTJ77zDnh5CYHHtg-_YsqYBPbN3vzHDWBN2UFlzV3duQW4jwLrpKPqYUGkygGIanalNbyM9ovHzb23OyR65W8wt0Dav33JqMweGNeQskUHL4dCKlbiYnkyqHfLVEG3C3Sm-lOz-qDJim9Jyg2PK5QdzBLJMaVNChp99Z3I1gSo6GkdUXZXl2nojsxqP5hq7NXynxLLXWfmG1-sSlWqZYdzdwjawlFHj6ikCfpWKaR-acILOtci-5rSPJOgznCHLxCz_cgSt3xWL9RpS8idtqm4Rh1RGknMpvkAvLDq1HY8j_Id0LINK1fKEBQkvvSkCZX5q0gbA4LPLuzhw87xDfEasSEL9BLX884XT3booZyavnwCFVUW4JDkQArEqJapYsAd3jOBMi2C5h8NWIdwMU_c0HJ9CJYDAg00FMq8WF1rsS5m-L2uscocQzc__nBiDwkI5bBV_imZU5HVykzeyTbGZtSWlwS69X5cTLwIGGE6Zp2AoZ0cD3zJJvDg-0O2c63LmNf31vqBBTliuarm_JqEgidZfbKV48I8rG5HS4V6_VoiewUqVCXGSHJBrHOS5GAQ94mc_m_bK2YvOU&cid=CAQSOwBygQiDMzoSU9lK63anHlxMgylrB_z-PAkXqNXkWahw-H1Ni6lpYvnizRvJ60Po-XMyayKa86JaqQi9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10751858688525875000&adk=3587751834&idt=48&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4F5C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpTQWZEECBWngQkxeZCp088yNXtQRHJICAOT_V0kkg3J42geynfFwOWPr4DSzXP07oUepW5dazbliV0ZtkerVEGKVEYe6xHuGpiCYvvFhAfP7csVI&cry=1&dbm_d=AKAmf-Ah11cdAnJZQRYWEFHaVWSOUF8ws9PRa-hVFutmX2dOm2PmdaiT4W6s8sqGVXFmRo7FUr1Yb_dsH9b2f0nz-RMxEwAqwcTvuChD_ezyPYXz1m0Y33C1XgOcF6u5iwMRCYTcvjSIJhCDGf1D3kKSZlgdH9ve7BuyElPqLF3OS8WQwwDMdz_49k19CAANRhWk2B2RzibwEo8YOxvAYpjMdvmKRXuu07tIy2NKhtD2lvEpMBu2DTwGtt88Nypjr9OdEqScLCNDQFb-OsY0hUh97o1RXOcNJXpkvYjZKsuv09B9M-cG-K8OqMY8gf7PiEMfGmX0nwgV4ZFGPVUizPDsM3kHbYKOgymyNEWko8rQSak2yrsTV-4axn0zyWGebNJkNM4sIY3l_nonYU2abxN6KnxZg8l63H-QBNM2WCyWn_zeVmgIEJ46tUD4xBmyUbpzwtZQaHAyf41_02gZ8K6hlfWxb-zGMuAUN0o3M2kU4nKgRogSH-eNhofZlylNawuCvfhD266AHzquUjEaoBG7qSXa2S41hZKqQsuHC_0LjadKXj_veZKFkGfkUWkS79qZQmUjAiq44Pg0qcQ3kFWvKJ3DBjQsEVP8dGHmaZxfxDX9D8AOfYbqa8hxVwN6LhpvSn_CZmc_eSqaKl_C--szfcff40A1YIT5H5VsszfIVTSn8QaZYS_4jMx73cLZUdHaYF4mzke5kLQP05hXSF62H-RMuu0J05UJnLrg4Grji2JXZcKaP_d-kwnvtYDnUFAcrJ4jtzFZCIYovfYzYUf2gjE3UV-jYK3OvUPHRxL_C24qI9u2PUNCY6ophuMhi-8uLFfjuYusH-wyFJaKcgfGtyB8GhXhZWvROE1nLmzbloGT1fkTYpVJy8Xdl8rVNMIXnj0sWWa-ALzwETalY6TH9p2IXxGKpxMEx9ua6ykoXRSdr97l95YNhM1qucUJyHHOwr5DhVkfwwBK1I7xvdSeZeVY157AnXMcBJ51po7xikT06ak_hlTKujjgZ7xdF3DkMIWPNHBeKUsUdy--bKO0MgiHJ69b6uoYRdoBjhzO1FsR08AGbPfpu0hlzvbD0VEsJ_wvy8pD4U8KvWrYQqkREh9jcYZxPSd5BmnhvzkueL0x_KoW8ora0IayuVhGGVYB-AtdEmgvsQZe5icThTU9f0u207c8MVhOI4lzvz-_-xRBnn5nE2RVe_neyFm09hzOIhKwgbchm9sX_ooatT3J0gXdsNWFkLzN79n-4NHzsmIAjuoTttl4gZL2BiYPzorX7Vao5OCLrlKjFCweAXAsYPXvTgBlTWEIvbZ3IaYmdpBDfVvUoXD0_PvItyUpmkKd6ErZgC5io4I3aDf44NEWbcKqFLACTc8dQKkjoEMHt0moCYYMNUj1LZFscXjiTqToOrZH96MbgoZQlFkkkSjHQGQFiSsTsOO97EVUxpteRvTV2RKE67SLjI2khvfMGoVXjWkwIPXR14OsIkow5CA1CzwyCB0Hhw6CrYazvLMJR-0RS2ruk92j0eZ4903YRh07nu9RRfYiaBJ8sYd-W89XJR1j4A8ePzZ4ErdktRYP9OgpwjnAFhDNB22cFoLWKhIgBDYZAgXVfbP-2JjRIT4lF2s2FOpG9ghglGNngVvCghnAdlyb_uaNC8WQlH3lPXZLgcm5QkwzuD5T1g-HxYTWrnGTZ384Y3HkDkfJ4HC0NQUkUhRh7yUZdKP4sYiMDiykxdScIARSUNTuysGbDdEqA9CybtcqV9pwX8z_fMRglvrAe6RtKPUA9VlkguVajPO32rNkFQYLf8MPjfpwJVJmBgdY30UvzYyAYC7fCiE9Po2qTCCX5Jjgh0SVJuiiOxeW8zOLzdvHGmU-sHysQyzLWwZVVvQGDataII4_2UiJYTawOvfwEYZDtrC1hZ_UAazARWuzPamztA33xWK90jt7Cwhd5PV3wBVf5D1eesCxgXnVdKJChcdoPxB8hCkIhrcSEEa2tr-L3JdI_4ToTBE5HB7qA76St5XkTwvYT-mc9Kox5MQ3e1zvBjlX2vo-nfYG2dLZpvaYUNcxxQ4TFuu5ud3pfrD-pAIpgPVXftNrGGpv5GzhH6Ahpb0E36vtiNjKzOxSt4raj03Hc0v4ubV70Z9ihdIO1kJ-IlxzpUmKxYob1HZfKfD3WSWBonxbhR4PGenE41UTagUskYRJBjZ48I1Sr9zYfSXPoe9ehkBDOKr4xcw81VUXC-wRDDHO-nUGUnQw-YK-BhaCDNwcb-FJYiTPkw3o37vi_LvpsvgBUeBqjZoFaGHQFqSPRYRreNTE__IKoRN0JyxCFWeVUWP6UF9VfrbUoJ_lLvTAgssqLxGeNgpfwmE80dOkedOu6trk6CIudHN_s9f65l70OEZbxKTaTjfiF5ak1LJAfly-y_Ovl-M8uWeHUdkFcwgdBNNWmLAz4RNagrZl82t4EF77pGAJjfLZWNfWz4C9cV3Spq39PipBAlZ6NAlK2fKZssi77fKAfhdsoV9IlBTOO5QivfWKApQ9PxnTg1SCJTWjEsLd7EPmmUurj4npkSZQsUjiI12HzjdrmA9uI-fC8LikTkuGLUPKM29i11XvtBz6wtQuhOYCmgSreCqoDW1P_A96FBstMQCsDytEK87uCLhFmNaPTWi_O1G0Iu3DhD8GfViPGUZ9y8CqSSmqyuZTh78ETM4Wa9OTQ0JzIshBEaHohCww6_FbYUcbSeS3Kbq4ytwfwePZ1qiWqcbWb89E6siYDSSZDSKA1SfbY4p4b7zwC4gW628HRWpEcLIYsdCluqHPZcssz-HIyWo1A2K1lm5ze71ePR5RZcBM06s9eaRnAuHiXiiKkjzo7SM-sy7-Sy3uprH0juRHUoJhNhZpHYTxD-sb5gVigJcmWtfinAk_-UM0f3buDHksh3SUOVkJj3Crx2mqKcw0hqtFhLfZViRDRKqBJdVHDwS6B5d4gIA8Fa5Hy28Dgubm1LaViDc7Y3WYTaQg7RUfEDPXWLruNIeeS6a-6o_iU2GME7j7-aeITX0bi08VoF59O5j2PhVPvwL1lSGjJ3MZ9Kq-IfbB1WSJzJ1Ogj60Z_aAj4ignMrKOYE6c4f1k98pvoUpKWrjN6_y6HYbmc8RSCrH_dSv4xTlZ4S_w3sEM4qjm4lrdH9aNbOeC0n-X2w4f2fcTJ77zDnh5CYHHtg-_YsqYBPbN3vzHDWBN2UFlzV3duQW4jwLrpKPqYUGkygGIanalNbyM9ovHzb23OyR65W8wt0Dav33JqMweGNeQskUHL4dCKlbiYnkyqHfLVEG3C3Sm-lOz-qDJim9Jyg2PK5QdzBLJMaVNChp99Z3I1gSo6GkdUXZXl2nojsxqP5hq7NXynxLLXWfmG1-sSlWqZYdzdwjawlFHj6ikCfpWKaR-acILOtci-5rSPJOgznCHLxCz_cgSt3xWL9RpS8idtqm4Rh1RGknMpvkAvLDq1HY8j_Id0LINK1fKEBQkvvSkCZX5q0gbA4LPLuzhw87xDfEasSEL9BLX884XT3booZyavnwCFVUW4JDkQArEqJapYsAd3jOBMi2C5h8NWIdwMU_c0HJ9CJYDAg00FMq8WF1rsS5m-L2uscocQzc__nBiDwkI5bBV_imZU5HVykzeyTbGZtSWlwS69X5cTLwIGGE6Zp2AoZ0cD3zJJvDg-0O2c63LmNf31vqBBTliuarm_JqEgidZfbKV48I8rG5HS4V6_VoiewUqVCXGSHJBrHOS5GAQ94mc_m_bK2YvOU&cid=CAQSOwBygQiDMzoSU9lK63anHlxMgylrB_z-PAkXqNXkWahw-H1Ni6lpYvnizRvJ60Po-XMyayKa86JaqQi9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10751858688525875000&adk=3587751834&idt=48&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4F5C 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
490371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 07:09:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E087 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4E3E 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e5520ba075994b3e2332e7fa5c711892423b375175cf94a314d7572fef0d1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AACF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 629F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afc10e1ac098f95e336e080366c3ab7391534d94a0d33e44574cdf8e14324b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C8EE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4F5C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04919d53426e5299acd085555cdb0c6ed43c4c4dc050bf23181f09509d4cc2f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 48DC 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 48DC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVvqG1mgzTPCwt8dayS55aAhaM_Xyfo3Lr3YG0wRLtHFj9uc-9BkakiEnoxUFjwsLQoYY0j26T65nps86TzeUyLG8dkufLHPoQQqhoDN_KtiBlpWI&cry=1&dbm_d=AKAmf-A5fDKpkvTe8Q8Gr2OoZiH5E94AWF-ndzenAsurdmPaFuK9epxZ8N5KvV2EGVtlQsnOStpSo3v6F1wk27rdUn-LIwpN1ALlZ96Ux9quxjHwUfowhu8CuscpFYOKGB4ONdSh6nHxnkOL2g-6FY05lPF_wfHGcL_8XbYZJ9UJOV4JUBDN362SgtZCW7HYeCqTJWsfDuJDyN_mK3204xpEoEYCyxcR1QbZK_DVInummCPH9J70l_2_ANSa2DoujYNJg3eGsQz6DMoCuR14CBzDVo23utJ-zAOZ_vwKWbSLdQMtoiZRPJi_HT4RSS78FtTdlwyXRyKhsEawV3PiVXoOAOZz05vogEsSPqy3NQ5xFctBI7Qbh2Igct8hThtOP-M-YIEWaPiMJAxwy4z5wl3aQV0-lSbSDSG0M2KMoc-EagZgMEDYMNowiaZQJAxopSQqTZDyqcToq0l7sOweOQn33XgX6XtckDqoOufQYlnw01LFRUWobNug-vqvhKwm0cWfeN-tO-sxUsKpnYd1mH4vZbtxYN3cQJKvUlyNpx0_xqlRV_UwLVu1PmegvZDlZPy3LUVKIBkvjoRY_h1vKAkmbjMyK0LcVulLGZrxLVaN1peMM7RjF2pK0_maGFNA-mdmllcyk8n2IVFE5uj5RIvH6ptcov9H0k8I142IB2KY2I9kE3vAan2QO5ACZ1yWsW62h4Ntntb2JC9AqXseg4_Yi3L7ACZWr7FsLloRCITlbDmWyObVCr00VRZ37oeUa2WBsKIn5bAuVfherz9dcD9Jsl0sGnGWolsQn77O2WZ9Mtnvydxxk60VJCzTVzfsajNlZVKF42-DM7BNx4mMhSiupe0tO3lNKjCegBVz2FAl2BhDR_V4yKWIQZ4VngK1CTZji7VQUh6DjmgJgeCobaCUnvl9GEMbFhtUQI7xlBQDA26LQP6a-FCUW2OB3UeEkGOHyJFzCMpKStxhqWf4OodOC2HorvzikweFnUXZOXJzZ0U0KHTB8XwqSpzpeiMQQq7Y3UI5CqtDR6MqE_qsyx3MdOUyMkBel8do-OszbYNLRYHfKOIgXBOYZ8eiqFGhE6Dmzjh1aYNjXBN8Q_rYjv09rMoflBsjfeAKa7VEblef8pCcHmuGpczoOCPabZNmtpMLbymK0O7_lUNTMa-KzEFyMM2ELP6sc_wg6MufSQzGxi97kQwkODEeRUMipVC5CtDrob0SoGGD-mKtg0UOKCxRxuT7B3o7UI1iO622drtsDoPHtFxpJspeyjVDvotYUIYDeeNjgwSXiriz-MpbCI9O5CUMHvtigmcmWfozyQfa-x3upOHX6gHO-786nk0vJl2Eam4lPR7ihEFqT9ZFKbtpjdnVHBnZh3LuW8bDxjcdkd2LuXbC5KrCWU73ZpFb6XRU_-a8qmcyCUtVQ58gUYr6aV6-CFO6qQpQ4XeItOZ_MDYlM4YC5ApI4bN-zcd-w5TPmw36--5cGnb2iGLJa9mUcPdaD2qNuLVo-F9ydTTGzuDGG8CufTwNYPQu9vbQldNfuNrfUBEY5ukbWjJjCSGlamo21KF707n5Alu6ya8fYU5cbdHB_nV7gFrBkj40UdrMNrqsIuPavsfk5vV24hAIk8-W9CHRzMqWk_MBsednfJvWcgX9Bq-Uyp4cIIZiKo7GqogOIKmnp88ZLeKsLp76uR9fwlnRjvn912Pkr-DMdfRUZe7AwK1WZYJ7VXjgMiswDZx9_ONKdCion1qeFdOW-OBYrvQt-9nYgI9QvPDLE3twXtAjMgHtU3yjC40pfSJjpgYU4E8mjYW0Ud4cw-lIfuTotLFfAOXlTrkH961TApZvS-10BHr4MICFP53A3xpRVdPr9iaRP73saJFCMC1sjZZ-zTdW1la93beHHZw9-eWX6HCqC5dnhIHAY48gbnpOwarO9NcVPCQnx0qzdYZRoCP2E7fdqs1gnAuXm0D8z9XCb5Vl7apb5sABiYYNUkVLxPyD3mIMeAuxavUxP7r0jmvNeQ4-JSyiJKd_keoJ0aY5qsBrrfiXFcicfU9VmagZl0mVSPGOvNJLblMZRbxYGVw021ymsWkqfETaHRGhxXgIj9PYnO3qbJnLpaBr7_gtPKIBDBRBJXhx9NxpJwBoaDdvhScLXjgGwIwjsAnWWCP0m4vTE7ZzMY8uhZ3024kMUIu2Ws1xkCSgyeHcZH1QGFQUDd5aE4EPJFARA65LjaHcGSc-6cvhhJSv9NaFjU0mY-h5Zz6fj5XclVnoN2cDzcDC0eGnmKQgX5eaPAPIJj3IejGc03lVUmMpyxN8duOwQRVeIOujtF0Hw5ZdCXFKLE8pFIANmf_aH2joP81GblAE-xqB9kJbxBbWkvIxIJLqFSgOj61MwiQIZvs2l9Bs_64T7doG7Zh3IrIi5Uol7smzFvnjb4RaTdy_k4R8epQ1Ze-qiVXItOfH6ohL6tpFI8ULCeX4lwulP_scrBsoJy63OxICEZtjV3NCYcltsCnkjwPfCoxCUt4tCpvOKO8AanHO-t9HtpUTLfkTa5LvueFIQA1Wmp6VKGAymg8cd0mVhH4nn9Lhbh4MiAXFETig6wcS9ACyF9oU3MwD6dHC5ItYVAamei4DGBFBDbmnVIjziSt1wvPX35pVOOzMfVBCHjTo5U5NIpovrGuZhH4EEUX6zsJuT1aW4KPgrrPVgNCQj-lasPJ80vdOj6G9NECAnniE9Qp73pwmi72PiZ1gt8GHcCt4aFXlvhEdoi9L_MrD8NIm5oPemlto-MdLvxuaGC93Yjf8vKZvfXNqzeVu1agPkLxnyQOh5sXbesJZ1f1j3gPMI7wabh7kQuYc7RIy0wiaraFNO8pnHT9KoJcZ-ZuUVDGQTEUD4Gmx3E2uLzeCrDpWUBiRCI601oLKUIdQgRnuQYV2emqp0or1NO-UoiXDmApFz7YCzD2MNA_uNaveHtWcMdu92XyJdO2Ou19C4zXNhDRMyiezKKNAWV7ResdPOeVEzlv2mp0Om6wfsAzsIq9mEkspkDbCh1TNsL_VuKWkIXke_cQzdz1hy8O7MtLCOWjoi8pEHUXX1OzMr-w1oQVM8e34MfdIgTnawnuo3SqAPpqM8v6oFBWA-fTGAEopfvPoCebdyGTjZIP5UCfwvN-WtZ8ZSIlIB5TUfHUzt5QzLNft0EOVK7eNEH-mSIKNjifm1ljU_eYiZSCOxailNV0R6Vi1F88YXcQorqTyfpafo7MABjRziUOhGT0jt1uKgONvhOI8mLj2yWO2LTI6Q4D6TMt67XBRc6OCXm4lNRf8q4fyABXg68c1ZkOy53v7DMXFHrUj-ITng2qnzQC5_jU5zgsl68Vw2iWg8-DjPeDQewEjv7pKDG-GMlqxdzFm7qfAzVzHvtDBbNCB4c0QRvNHNagjOSqxHDMSbWPtQPd8jJk9ioy-V26pn8wjjAJ3sUREixvcHSeZyxPiW07PIJi8pyvSrOoiv9Y_nwzpubOJHwrKaetyLw5tvmYTjWFOe47v3rO_d2DMw3Au2expJ4_MI2virFIN-Ajbg7VENguNjh7Evb7pL7YluT3_l-lyqJiWNpoBC34xgmX975MQE3vLxBbsv7ydVXrGoWd3GWlEE1RPsAFzisPNzyJRMlzrVcIhTW9H5kwJvnh802946_Ztuy-kA0TlmOt0PS5aAXdUuyN2XvjNe54EZ7rfpHCGR58PBEC7aMfUx9PQ1Npb6tji5VrELVI9RQN771y6TmKT0Zg6LA&cid=CAQSKQBygQiD17CB29X2JQH2g7jr1qPQUrILqROc7n0SgPvutoUlsMqMhmNgGAE&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13506009272160895000&adk=2719198038&idt=88&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 48DC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVvqG1mgzTPCwt8dayS55aAhaM_Xyfo3Lr3YG0wRLtHFj9uc-9BkakiEnoxUFjwsLQoYY0j26T65nps86TzeUyLG8dkufLHPoQQqhoDN_KtiBlpWI&cry=1&dbm_d=AKAmf-A5fDKpkvTe8Q8Gr2OoZiH5E94AWF-ndzenAsurdmPaFuK9epxZ8N5KvV2EGVtlQsnOStpSo3v6F1wk27rdUn-LIwpN1ALlZ96Ux9quxjHwUfowhu8CuscpFYOKGB4ONdSh6nHxnkOL2g-6FY05lPF_wfHGcL_8XbYZJ9UJOV4JUBDN362SgtZCW7HYeCqTJWsfDuJDyN_mK3204xpEoEYCyxcR1QbZK_DVInummCPH9J70l_2_ANSa2DoujYNJg3eGsQz6DMoCuR14CBzDVo23utJ-zAOZ_vwKWbSLdQMtoiZRPJi_HT4RSS78FtTdlwyXRyKhsEawV3PiVXoOAOZz05vogEsSPqy3NQ5xFctBI7Qbh2Igct8hThtOP-M-YIEWaPiMJAxwy4z5wl3aQV0-lSbSDSG0M2KMoc-EagZgMEDYMNowiaZQJAxopSQqTZDyqcToq0l7sOweOQn33XgX6XtckDqoOufQYlnw01LFRUWobNug-vqvhKwm0cWfeN-tO-sxUsKpnYd1mH4vZbtxYN3cQJKvUlyNpx0_xqlRV_UwLVu1PmegvZDlZPy3LUVKIBkvjoRY_h1vKAkmbjMyK0LcVulLGZrxLVaN1peMM7RjF2pK0_maGFNA-mdmllcyk8n2IVFE5uj5RIvH6ptcov9H0k8I142IB2KY2I9kE3vAan2QO5ACZ1yWsW62h4Ntntb2JC9AqXseg4_Yi3L7ACZWr7FsLloRCITlbDmWyObVCr00VRZ37oeUa2WBsKIn5bAuVfherz9dcD9Jsl0sGnGWolsQn77O2WZ9Mtnvydxxk60VJCzTVzfsajNlZVKF42-DM7BNx4mMhSiupe0tO3lNKjCegBVz2FAl2BhDR_V4yKWIQZ4VngK1CTZji7VQUh6DjmgJgeCobaCUnvl9GEMbFhtUQI7xlBQDA26LQP6a-FCUW2OB3UeEkGOHyJFzCMpKStxhqWf4OodOC2HorvzikweFnUXZOXJzZ0U0KHTB8XwqSpzpeiMQQq7Y3UI5CqtDR6MqE_qsyx3MdOUyMkBel8do-OszbYNLRYHfKOIgXBOYZ8eiqFGhE6Dmzjh1aYNjXBN8Q_rYjv09rMoflBsjfeAKa7VEblef8pCcHmuGpczoOCPabZNmtpMLbymK0O7_lUNTMa-KzEFyMM2ELP6sc_wg6MufSQzGxi97kQwkODEeRUMipVC5CtDrob0SoGGD-mKtg0UOKCxRxuT7B3o7UI1iO622drtsDoPHtFxpJspeyjVDvotYUIYDeeNjgwSXiriz-MpbCI9O5CUMHvtigmcmWfozyQfa-x3upOHX6gHO-786nk0vJl2Eam4lPR7ihEFqT9ZFKbtpjdnVHBnZh3LuW8bDxjcdkd2LuXbC5KrCWU73ZpFb6XRU_-a8qmcyCUtVQ58gUYr6aV6-CFO6qQpQ4XeItOZ_MDYlM4YC5ApI4bN-zcd-w5TPmw36--5cGnb2iGLJa9mUcPdaD2qNuLVo-F9ydTTGzuDGG8CufTwNYPQu9vbQldNfuNrfUBEY5ukbWjJjCSGlamo21KF707n5Alu6ya8fYU5cbdHB_nV7gFrBkj40UdrMNrqsIuPavsfk5vV24hAIk8-W9CHRzMqWk_MBsednfJvWcgX9Bq-Uyp4cIIZiKo7GqogOIKmnp88ZLeKsLp76uR9fwlnRjvn912Pkr-DMdfRUZe7AwK1WZYJ7VXjgMiswDZx9_ONKdCion1qeFdOW-OBYrvQt-9nYgI9QvPDLE3twXtAjMgHtU3yjC40pfSJjpgYU4E8mjYW0Ud4cw-lIfuTotLFfAOXlTrkH961TApZvS-10BHr4MICFP53A3xpRVdPr9iaRP73saJFCMC1sjZZ-zTdW1la93beHHZw9-eWX6HCqC5dnhIHAY48gbnpOwarO9NcVPCQnx0qzdYZRoCP2E7fdqs1gnAuXm0D8z9XCb5Vl7apb5sABiYYNUkVLxPyD3mIMeAuxavUxP7r0jmvNeQ4-JSyiJKd_keoJ0aY5qsBrrfiXFcicfU9VmagZl0mVSPGOvNJLblMZRbxYGVw021ymsWkqfETaHRGhxXgIj9PYnO3qbJnLpaBr7_gtPKIBDBRBJXhx9NxpJwBoaDdvhScLXjgGwIwjsAnWWCP0m4vTE7ZzMY8uhZ3024kMUIu2Ws1xkCSgyeHcZH1QGFQUDd5aE4EPJFARA65LjaHcGSc-6cvhhJSv9NaFjU0mY-h5Zz6fj5XclVnoN2cDzcDC0eGnmKQgX5eaPAPIJj3IejGc03lVUmMpyxN8duOwQRVeIOujtF0Hw5ZdCXFKLE8pFIANmf_aH2joP81GblAE-xqB9kJbxBbWkvIxIJLqFSgOj61MwiQIZvs2l9Bs_64T7doG7Zh3IrIi5Uol7smzFvnjb4RaTdy_k4R8epQ1Ze-qiVXItOfH6ohL6tpFI8ULCeX4lwulP_scrBsoJy63OxICEZtjV3NCYcltsCnkjwPfCoxCUt4tCpvOKO8AanHO-t9HtpUTLfkTa5LvueFIQA1Wmp6VKGAymg8cd0mVhH4nn9Lhbh4MiAXFETig6wcS9ACyF9oU3MwD6dHC5ItYVAamei4DGBFBDbmnVIjziSt1wvPX35pVOOzMfVBCHjTo5U5NIpovrGuZhH4EEUX6zsJuT1aW4KPgrrPVgNCQj-lasPJ80vdOj6G9NECAnniE9Qp73pwmi72PiZ1gt8GHcCt4aFXlvhEdoi9L_MrD8NIm5oPemlto-MdLvxuaGC93Yjf8vKZvfXNqzeVu1agPkLxnyQOh5sXbesJZ1f1j3gPMI7wabh7kQuYc7RIy0wiaraFNO8pnHT9KoJcZ-ZuUVDGQTEUD4Gmx3E2uLzeCrDpWUBiRCI601oLKUIdQgRnuQYV2emqp0or1NO-UoiXDmApFz7YCzD2MNA_uNaveHtWcMdu92XyJdO2Ou19C4zXNhDRMyiezKKNAWV7ResdPOeVEzlv2mp0Om6wfsAzsIq9mEkspkDbCh1TNsL_VuKWkIXke_cQzdz1hy8O7MtLCOWjoi8pEHUXX1OzMr-w1oQVM8e34MfdIgTnawnuo3SqAPpqM8v6oFBWA-fTGAEopfvPoCebdyGTjZIP5UCfwvN-WtZ8ZSIlIB5TUfHUzt5QzLNft0EOVK7eNEH-mSIKNjifm1ljU_eYiZSCOxailNV0R6Vi1F88YXcQorqTyfpafo7MABjRziUOhGT0jt1uKgONvhOI8mLj2yWO2LTI6Q4D6TMt67XBRc6OCXm4lNRf8q4fyABXg68c1ZkOy53v7DMXFHrUj-ITng2qnzQC5_jU5zgsl68Vw2iWg8-DjPeDQewEjv7pKDG-GMlqxdzFm7qfAzVzHvtDBbNCB4c0QRvNHNagjOSqxHDMSbWPtQPd8jJk9ioy-V26pn8wjjAJ3sUREixvcHSeZyxPiW07PIJi8pyvSrOoiv9Y_nwzpubOJHwrKaetyLw5tvmYTjWFOe47v3rO_d2DMw3Au2expJ4_MI2virFIN-Ajbg7VENguNjh7Evb7pL7YluT3_l-lyqJiWNpoBC34xgmX975MQE3vLxBbsv7ydVXrGoWd3GWlEE1RPsAFzisPNzyJRMlzrVcIhTW9H5kwJvnh802946_Ztuy-kA0TlmOt0PS5aAXdUuyN2XvjNe54EZ7rfpHCGR58PBEC7aMfUx9PQ1Npb6tji5VrELVI9RQN771y6TmKT0Zg6LA&cid=CAQSKQBygQiD17CB29X2JQH2g7jr1qPQUrILqROc7n0SgPvutoUlsMqMhmNgGAE&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=13506009272160895000&adk=2719198038&idt=88&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 17:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
19542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Jul 2023 17:56:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 48DC 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 07:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
490371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2024 07:09:29 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5777
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ0iiHSqS880bX8-CTG7ct8&google_cver=1&google_push=AaAOQGGipo4Zkh_T8XaK7KXdh8kJfNJjjwx_vJToIRJKwVEuirVJbJt5pkX4ANkOfLBVaWFCr7O3PyGkWtAnOWUbj2XNBYOu0pK3
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzYxMDkwMjk1ODQ0OTY0MTgyOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC9F1MYdx8AefsE85k6cWtk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5777
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBkCBhct1CVrcm4IqvqaIp4&google_cver=1&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYK...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYKFp7J8R-Q5jdb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYKFp7J8R-Q5jdb
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x16 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGG8T2QfCD04OCLQ4cpgARsZwP43bJppqwckJFdmTGdyWnJkMQj0r5xUFn5P5PfibGj2IByUu9pKBCjpclYKFp7J8R-Q5jdb
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 03 Jul 2023 23:22:19 GMT
pixel
cm.g.doubleclick.net/ Frame 5777
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAgaMCCNYre0XPGBj36dGkU&google_push=AaAOQGHfRsTxGqMh10UjLpDtOB-XeNmFXlUgfsH6d1jxASBjO08x_gnM6h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAgaMCCNYre0XPGBj36dGkU&google_push=AaAOQGHfRsTxGqMh10UjLpDtOB-XeNmFXlUgfsH6d1jxASBjO08x_gnM6hwaNxRVM0fS7cfjPlq4Jusd0r4zJGXw9w3-x0_GsNGV
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220023-FRA
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1688426541.676212,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAgaMCCNYre0XPGBj36dGkU&google_push=AaAOQGHfRsTxGqMh10UjLpDtOB-XeNmFXlUgfsH6d1jxASBjO08x_gnM6hwaNxRVM0fS7cfjPlq4Jusd0r4zJGXw9w3-x0_GsNGV
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 5777 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPYWAPCRLKI-OXOsT06QtNg&google_cver=1&google_push=AaAOQGHcnLXIO61_htBi2x_eWLudV7AnqsrMQ2nh61e2Y_ADDVUi2F8rt9wQga5ZaMZNKkIJQtdSQWMiOSSRxp9mDxqjoTMzKZo
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5777
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESENIO_rqlBi5gcdALsIb7_wk&google_cver=1&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5KVAgs5XQ62wcyq0qHRZQw2&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vbogc7p65A_uCU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5KVAgs5XQ62wcyq0qHRZQw2&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vbogc7p65A_uCU
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5KVAgs5XQ62wcyq0qHRZQw2&google_push=AaAOQGEa0Cqmksa7RZhFKEzTCI8wIE1Hi8lb7xH0fKYlzv5qdM86tc8D3GXHJHshSbJYEjyFlYVpjM9r3TN773vbogc7p65A_uCU
x-host
tde-deliveryengine-production-7c97bc8457-bn8lx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5777
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENAb4CE_Zl6HV5ecRDTZmRc&google_cver=1&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKN...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENAb4CE_Zl6HV5ecRDTZmRc&google_cver=1&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCm...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ3MTk3MDk3NjI3MDc4MDc0NA&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ3MTk3MDk3NjI3MDc4MDc0NA&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKNmkT5T8WHkJqjVU4OJsGb
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ3MTk3MDk3NjI3MDc4MDc0NA&google_push=AaAOQGFMCEVM74I-uwEj7sl398hYnKFY-u8WyuGArilOD_Eqqju_E6GtbGgX4oNHmVgeC2NihCmRGbKNmkT5T8WHkJqjVU4OJsGb
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ups.analytics.yahoo.com/ups/58281/ Frame 5777 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJMmWTRQC2-9F6kgpmsZPcM&google_cver=1&google_push=AaAOQGHwN2sDmf6oMwq1P6ucSxm2L1pvIq-IDDS8mXT1IC2zn3WHPVgCDGWxGNdEFGLkiiNsxr9Fl1dUGqHZvrKH-EIr9FmsHjtZ0w
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 5777 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpiD8XyaObWRMI_wYyUyM2a8Qoc3geeM9kjtVv0AyyWJhJxE3LTOb8GbTiyjtPDmJ9_Yv-2Q
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/ Frame 6BA3 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
879254ae9fd0631033574177bb532d71a1c3fe654135fbf1ccafd7740884f451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
303973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3998
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 10:56:07 GMT
expires
Sat, 29 Jun 2024 10:56:07 GMT
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 629F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq7kgbEyz6cLqHDDC3yE-prwRzUbxbV0njeZk_a4z5TlZwsmXoTv8jPaX_jN6ebAoEhPv2_aXPCQVuSxklgKefdUhN_allcRaoPhz7LSkiIxAf5zGv6gysG7xyTsUTCU3af7uyIwRb8t3EmUyKlKI_16uY4VAsU4ol1l9UITqBx0PELJaGTcls310j3SC9igTsu1N3BDe7FOfR7xuWhKUR7yKysrzEe-NAKrEfq86DKA3CCNmEEgiG-MEcuj2Ub7pRJfTR0eI6vlrdc4Fe3kV4BBI5BfHk9mf_jGA_6giLqUyXpOI0pvPj6DtgRoMR5sf86O5FtAXbqZqJQ5T4ZjlZQqz0Pi282QTx6e3d3WgI5c6JfnIfqfilm8daLfaUxggYwJ3NkiOT_DX1RECw36Fy7C-wfuczZcYMjGOoMAGMwds5d_dmE2nTptjODpQ2BsCg_nEF5SGyfKjBU8pke_XNbo8tG-MrGS5PkiMTKJF5JzwBnT_7y0gYVAkNmK6579LSeQUH-PhZuZ29EVkuqDonMeW2q8tAWWLkIFnQVHIKWl4idB_am_S57d8InIcNi9oqpKN_IeuyYl9s69S3K587KkTTEI2R4Cy4Vqgimn_f_X-eHSMYOXQ588oVUVcm2FGlSx8Q9A1TXwBwEPDaPFKpaouf15YJl6yhz2KzrFSIEVK8mDSvwcGDI1gEo29GzBOBob5TS5xd0LQ1xcGkjKQVsdlC-VV-6ht7L3IVFDEjXN-ACCMxIyeJMxV8HaCx1dXq3_zajhNKkdndJEHTsFsxXyO3iXw_7fyHpruTIwG6HAfx5W3uBWV6zxMEDD3KXEPZfcFPQMd5JXAFLBraUYeqkC5ngtZS9iKWBLgJVekpVl-3in8Ldm45EBr77EQ286xPvBRuqK68LxCNfWMQfuc-w9Joxtc9VqwKhZzJCaVNgkkcDVq0LPZdNaYy8nUPx5oOLNwweSNEXnq2KmAwlxJ0vOlT2waWcG3HwPfnXpTKbWtyi_CgYI5UJFpRNILR8n4f5Qd5qLWjP3FtoXXBsO68axYkgVtbv6HN9682deyKM1S_x3mF689DZdmetrVvNnzDdJKfaFLAVDihaZfakYlz0xBEHG9VpTTg8rBc4wZDddq9cPff1WT3j1JWk2D1nff6R9Agw8DnYhsYHCT0IvAu4BW7oiL8BmuxEyJdbBlZiQg1lz-DZBl9cJhZtgsR51r1mOzSYkb_r3O2b9JUf-jqEyxuGemQpwGJRVQpyVSGCszGUo-qz80QabzkNwp0CyFrLyU5PKvw0SKUcfJZF2Z2eSX7KubrRA&sai=AMfl-YT055JMW3-Zwm3efuMvGwUc4rtK8UTxu32Ql1PTc2YrWxUJwvoSFRpaK557tqeN0KDRRprPhHxpfge6KfkhZwlnDfK6GchKrOR4Mm92dJZULq-wN9vSm7_iZxnyi1UY2pKLIZC08OLCmRCC2FWMNIokzZbuEoDthpaDPc29l0j_aZ10fk3SBfY1FT7_CR4nMiGSRh33mfWM49XnKcnuebYVBstIdLbVx59tq36TmEGHdpFZE0iweMSj8RXgxLNzDaHG&sig=Cg0ArKJSzJKtXjcgPDQ8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=242&cbvp=1&cstd=240&cisv=r20230627.05389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
index.html
s0.2mdn.net/sadbundle/12943809228921786815/ Frame 87E2 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
expires
Tue, 02 Jul 2024 23:22:20 GMT
last-modified
Thu, 27 Apr 2023 13:46:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BD0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuW3h1y6KBjf6MVE-ZWKxX2Oqu_OTYPUyJYvBjNtCnuM3KkS7XNQTddJ5AS5cEUO7WIGNhnQXUBIOskSTdzd-u35Kxxcfv4-ITyWPv1xDhP17Rkrg-PV6_quWvCbS-QeuqulVpT9LeywuryE6Fe_o0TVKMSCOpV-Su8zF3nccVjktmE6_a2WfVlqF-jZ9yW1kvghiYYM4uVJNHnhj-pq-oJa2uzy1uv2MRjV43SmcEbWHx7tEi6xpUA1a8U-l-GiGArhPIisyFLdiIOzLrLXEmPLmW0CA4wSzwMPCkNeLKTMow6R7pwuL_fc9Co8jCgPss9dlYi_oxtpDRpvR6w7g0SaLffiqf0ANOen6EF8pkMzlBQ0L6IR_sfW0w43KL0a914VAuDsuEB1JPFJrbeJ_BMEQB5FwDhDgbzGlBY9P9v64v3ObT60Cpn1WS-UoMLBh9v4GH5t--ObKXfIQ7sQToHn4B67BpTA0tyL0JMH6kBPEFG_mfQW4DPtO2g2cyM7Y8W90PVaeUXs0KOaHa61LsEVrJh1aMgVblmLFQBpJtSJl4Fnc7PNYYxItXb3_uu6EdCB0cNsYm3fquo_Dq9HbRM_Zquxot9NDF--rWgqCRlMkFYgfflSF26idYSzOdZjgS9tAXj7ox8H_llv3Ug0sMERICDnjk5oarThXy5JCdWG14fWPnnm6M_MU-VU0PGsghPNgzNrmTnY7vMjyOmxIIqEyb0nESGHCa5wji9pSEhUZJDyV1WdrMcQWrQhssimA7IEjpjwXyJgftys2M7gWhE4ov_BF7ECIFiaXJojJWmGvZw2Zm1jo3ozR1VhjAoYbOBJ9j8xeeVw2uvZJmshtLozFNEojlmSjBLazEEtOUCDSO-1oHMzekOcjUzM-v38Lti5AuvXSxqyBtgz5SLAECq59rEDt3vnwgrrwQf1rQDot4jxmoJcvMeoSGQgMyqoxzqo9GrWKDziaveEi14DKv2sjUaO17_WGAbSdlZyjvwiW6TQ3Gm75W98DmngXnjdabGo4dTbR0lo1jq4CSMse9O4Rfx44o5usePA3R_BmKJMDIPpeczB66_78xh97-Nk-tQchxq3_R9Oq94XK-ku-ZOm_2Gg7oztY6K_ZU_wFtGRgDLNR4lMQPg65N_wTOFsdPBMxPvzTzSj78ObZBBM5Bi5f3gckE9M_Rtg2mhsQEy1T41clA9jEIYXmRPtsIksGvO2u2qeoPdPX2QeZ3UXWvn84mUJSOQtxTtPBfLwasp2Ydx3ljnm9Zb6NLdnBe5Kh_1cw8zucUcsQPk2hH24XjuVpFVD-vwnCkITCV164H9NxFL2YX_ZOB0IQtnMWen6g&sai=AMfl-YSSALDRpa-AgRaawLzED2rS0GWiCu8vqA9W8GTEqjcYNr_CHhxv5rFW58O_dfQwkgk4iYqbk1SXbGWNdKb8lMU8nF0l9pNGeMiZ7XDmh7i2unI71le3419FRceU1SJcWb6MqwUHtzJpqTPo9IPuUAIoWaca2NzkuzSyVSFv2_3J5nR13ltNnzimVctjzXsXgpNgiM8iK-3amfmCr2Uscpo2BSG0nMO6VZhbCOsIoa6TPpbZIpwIgEuGSuMiaCmIJv6w&sig=Cg0ArKJSzKk2S6GSAzW9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=295&cbvp=1&cstd=287&cisv=r20230627.35103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
ai.aspx
m.exactag.com/ Frame BD0E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361577769&gdpr_consent=&gdpr=
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 03 Jul 2023 23:22:20 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 03 Jul 2023 11:22:20 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E087
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGU-geYIOyLd9oPnxUoKKlY&google_cver=1&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWG...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWGS40LpZafRIS0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWGS40LpZafRIS0
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGFWvHGKBiAzjcE5b_xDMpmhCF2PX9BrA2ZbTZMJ0MAYG1H7EC-8pYsHmxobOuQevz1p3iGvwpmAyDLnnWGS40LpZafRIS0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 03 Jul 2023 23:22:19 GMT
pixel
cm.g.doubleclick.net/ Frame E087
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAYSf9gWcsJPVs-eTQZ7hSo&google_cver=1&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOSEtHUzUtMVQtOUU3TQ==&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1yBAxseBgAc6siQq4iRrrTdmU8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOSEtHUzUtMVQtOUU3TQ==&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1yBAxseBgAc6siQq4iRrrTdmU8
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOSEtHUzUtMVQtOUU3TQ==&google_push=AaAOQGGe9HZ8788fr5uRyt2imjy0yG6wf9HxAU2fPLHwoXfAsnhw9tEjaBO5D_zFiyHM3EAjZW1yBAxseBgAc6siQq4iRrrTdmU8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
pixel
cm.g.doubleclick.net/ Frame E087
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPVr3JmkJySalrleo8JeWzU&google_cver=1&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh-Iu8G_KFVsRs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh-Iu8G_KFVsRs
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGTDHjwJQba3fdRr55l9EqhioVUT5LFVWF5zHcY3VEadTxhUkf1XbRw5UPaq_QNhZX0Cwvx21JIDHhIQMyh-Iu8G_KFVsRs
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
T-q7Hu5K_4Q8S_WbwLlKva_y5hJiBLXLHqb9IwxOipUZHzywIkgYRQ==
pixel
cm.g.doubleclick.net/ Frame E087
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOKv2PwRqXD_He5pxsLu_rI&google_cver=1&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOKv2PwRqXD_He5pxsLu_rI&google_cver=1&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vWBZDYNATn-r8EFIE3JtuA&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vWBZDYNATn-r8EFIE3JtuA&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_oTauu4ag
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vWBZDYNATn-r8EFIE3JtuA&google_push=AaAOQGE1G8hKgAfuyyWcuZ5VS14GniUafD3PHh_mUh6PAm-YEOMfPT1SoNy-k66sUwG4Ovp-3vkYAa6CinXunQ2y92R-8_oTauu4ag
access-control-allow-origin
*
date
Mon, 03 Jul 2023 23:22:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ups.analytics.yahoo.com/ups/58281/ Frame E087 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEES4VKpgnnKdip7e6Gpyg6U&google_cver=1&google_push=AaAOQGGPWovgl9vQLa4SdXVnbjEsSE_iXTvJTqAeQP_C_RmRnmZPzPOtQWR8mK2YEJKi6AdaL0Y9DhgcFqXtgBiO3q3i7hiqRXLnSGA
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame E087
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEMsRNpIsHStskKCYN9ftJ-0&google_cver=1&google_push=AaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-MauVJxzqS7jYmCczuYxZM9vDVCl_WNNtLbxdLOFUNLf1v6gte-HJJabmcA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-Mau...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-MauVJxzqS7jYmCczuYxZM9vDVCl_WNNtLbxdLOFUNLf1v6gte-HJJabmcA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
162.19.138.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 03 Jul 2023 23:22:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEW8yRUr3S6wU7cGd_95zTeoG8IoruNDNdpGNGn-MauVJxzqS7jYmCczuYxZM9vDVCl_WNNtLbxdLOFUNLf1v6gte-HJJabmcA
x-download-options
noopen
vary
Accept
content-length
274
x-xss-protection
0
/
onetag-sys.com/match/ Frame E087
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMIdqRGFBIVlafkHJYGLSFQ&google_cver=1&google_push=AaAOQGHYdPEbFozyqvIqr0r9kSu7fTYMvOxcEoTU70cL5NC_oMgSyRUZqEqcbtapE_U_u7v37U9XYNe2_ZV...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHYdPEbFozyqvIqr0r9kSu7fTYMvOxcEoTU70cL5NC_oMgSyRUZqEqcbtapE_U_u7v37U9XYNe2_ZVZfM5az7Uj61-5C4tRU4o
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E087 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCYzN8-vkVgIoyydQ_ThPWe-jCtXRJN0EheMs7U6-JpGMZ199C7UMLlta1IzpuHjvOafbEvrVj
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D173 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 16:52:36 GMT
etag
48472445140208031
expires
Tue, 04 Jul 2023 16:52:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 48DC 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f093fa1089ad25478bdddea481ff24f2d967755a2fb86e61ddd8826a1483d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 82EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
490307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 07:10:33 GMT
expires
Thu, 27 Jun 2024 07:10:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 1F23 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
expires
Tue, 02 Jul 2024 23:22:20 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4E3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKeozqlTlw9bUUWHS3JV8L19K-BIWYeUyLHQxuwmtilUkT_ebPwmrtFs9Ed4IviuHzULjwSTih2NXaYYXnmok63HS2u254nyRMbzFimVyHK8iZD78ip_7YQuHxbSVpcvMjpLzgR2RjYaS3ZRSJv_0waULWKDdUI3gqe1rvSl4h1HpHlAgAaB8mSGPbcmKHxUAVxGy9vi5XI2Vi2Rzty38hheVClmwC02disg_rWM428KVVpMP8-ZEGRCjSHInrQlMu5PQT5QDOaA-WCi0vuSoddsS3LovCUqwCb0ooZ3sbsDfuIUlJcY-Z7Bgh73UBrdCswjFtg9tnS9wS_wskWNwEVgqtVuGSjuglq3JhS9LiXN2ipdOGPwGvdYIBiBy4boB8zweafmkvLUCOFLDvKezMgh80cN-uli23OaSLAhBjUoAMR6mc7QqYJvIKdljkvfGsZ3tEmPP2i99Gu_UtMqE4EkLy1MoafFjRsFGE9YTL3zJ4NTm1Sm2_t1culQoidXhK22uBrwNJdZjFE_P_1MBq6HuRrPiTss8HkaWlpfH3ErwWNHImz8S8Qb9b0C99vSCadKNF13gElsY6GDj9ZAIYtzqzDrvsCYPe1rs_uSCyWj1z32aFcT6FBAm0VMSfvC4vABPPkRGKeDxbvbAX2FFX06m6sSON7hIy1kOCFdMbhVFsAJPzVKKuRVCOonmKi987SEw_Lq0yorq_mMktFXNonYGVd1C1WopBLWq_A3k2EaqJ9KHRK6_Bliu2A3SWWA_dDabDJ5q9NRKb6-MBM9P-vSK8GzJbi6baIGSD7Qk2U4SK9Jf99a_1fXJEEE-O2m9uO_2QzNkz85dM8VIKrumGLIqsWLx9B2AMpl2SSNkUldPdX9zfy9ITWL1VjzNHxVpQo8gmdmtPdxBCBhUsL8UQf8zg3LIcxUXdgfhKYjFDutlwdXIHSbnedn9Nq3ztPOYMWe3LqCzgPv2WWFmlaiwscelQ4iyoXRsl9nwFWUlBCAUAzezKhE7OmtFNRr_5JQfKx8mT_CB2_PNkF3_9tP28ZrFwHMb-76H0PadwZbSlM-1GiIkCT9GBDtjM7mgrzJDZPZqXo_YBC-PHBnd4DdI8xjbj8aL7LIRfA4X04oIOiMEJT9MFSG2wHjYmMsh7UjezvzGh8S5_YtlbAR1-YtfX-RCCzVVoxQqZZXrWMoxhlr-iGJ_Ev8XYiiTVIXp8fYIEk6Gxo_mymGycAbnFpaPzvlz77FWvcLp-W9g4thRX_DXA1Vhbs5EbTkhRLkasPPD5n-4LJoq6GEQfRjuRPvrys4pcIak5J9OQOXa_NsXPXIceQaySIU11UoVVS4KkoVUQgBeP&sai=AMfl-YQaLDkIL-VOv2sLuu7slg5Io9MuhP3GzxOJQsNAgosJ2XxPbI0SHfon-oq9Ory9gEdJIsbtOsoHOZGdWs0VBPX6c-wKvRzhqwZUy17nVD9ZaKjh17YYSnsHmFNZuax6Nzi-MfKOJuDUslz_Ri5rn7ygQDUfyiyg67lJGLVMCX8F4H2WiB_PHHD7qZvH9A9BXzGjA4cU2Yk6y3zQYQWa860RvGyqwRi2Bb7iXgmPb6OWu8cC2kbIi0Aq3q7k7bNDGc1zaxHaa5Iv7wYsIivkDQ-n7K-eYw&sig=Cg0ArKJSzFKJdbU0QHJbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=317&cbvp=1&cstd=310&cisv=r20230627.64935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A8CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyj31K1ijZJ7yLISS9u8P6YS1yAGozYy8ce2p5r6qEdrZHhABIMCygmtglYKggrAHoAGL4PfBKMgBCakCC94UsJJQsj7gAgCoAwHIAwiqBNkBT9AXVG9qCTXNcHLHhZsW1kA13d1RcId6FuEwPJq9pVWGusHnFiRK92vu-D6WLXuKNn5XLq0ZI_TnnOKJqfMqLirNtJSIaaLU0IMOegldEj1QDmRfdOfVGdcvuxF6ziGdtwlcxftpsfmeAQ5yTApi6FFA7FxU9Wtmk9VGWFZUKmA6VtCD-_uuhqhBfF9_j7q2gqceUKiaPbqUNR14SLK3soG_AWfwYA-cCMAhxd4PjnrokqBMn1geAi9FaUlrrY3_f0WhnEKe9mF2VrxRMjL1IksKkuOLnV2DW8AE55ToyrkE4AQBoAYugAeLmMihA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPrkBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=hoeYhpG0KQ0&uach_m=[]&cid=CAQSOwBygQiDH-n2r6ZuR-FmDX8Ylbn2VjEAsI79p7burFPKh0aR002eMugQqu2DgsSwCAq6z5mfjcjVgVCpGAE&template_id=419&cbvp=2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cver=1&google_push=AaAOQGHmdlw43IW47RWMIEB5ikoAjT5c5lCDSHquAai3XYd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cver=1&google_push=AaAOQGHmdlw43IW47RWMIEB5ikoAjT5c5lCDSHquAai3XYddSzENg94d07jD09VhuV20NFJFeUbMhHq2ALkzgLsxweOzafA-YXNO
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEE6XLy-lKdzmBfkbfVS3c1U&google_cver=1&google_push=AaAOQGHmdlw43IW47RWMIEB5ikoAjT5c5lCDSHquAai3XYddSzENg94d07jD09VhuV20NFJFeUbMhHq2ALkzgLsxweOzafA-YXNO
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPatRxSblVeW2gKxLPThNfs&google_cver=1&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPKYD__2LlYp0tg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPKYD__2LlYp0tg
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGE7UnAoO8cujprwBI5LMMLpagbgPiEuWOVcEXUoy23MB7klE4IIFSMsFE_I4TEmuNGPvh7dbmX_AnpVxPKYD__2LlYp0tg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 02 Jul 2023 23:22:20 GMT
google
match.adsrvr.org/track/cmf/ Frame AACF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEETcpuRSla4qfQlbDLydQKI&google_cver=1&google_push=AaAOQGEMGGzof_AMVvvbreb6VGH3tVawAFW2Oe9QUMlwt0AT5X2i4YW1bo3pvu-0MPncK9QqrPc3VmCPMvhJcegOTZ3xjxx4-fE
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM7QMNjqXDdS_AxZJfZVUYE&google_cver=1&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7f...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7fFm3U76yo9cvVYHqAR&google_hm=XtO9OExkTW-imgt69WrKRoU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7fFm3U76yo9cvVYHqAR&google_hm=XtO9OExkTW-imgt69WrKRoU
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGH_5MYYdjGYyUC6Fmd4xtzR8o4OGWY7g0x93LCh-MAI914U7Y7FCJMY8yAT99qAb2J5ACiBlBRNU7fFm3U76yo9cvVYHqAR&google_hm=XtO9OExkTW-imgt69WrKRoU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA60vMJxgo3wR7U_1AvQ71I&google_cver=1&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8tt...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MJb-k1vhQwWPbFYJFBw0-Q2&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8ttNde0RwO1bh2a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MJb-k1vhQwWPbFYJFBw0-Q2&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8ttNde0RwO1bh2a
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MJb-k1vhQwWPbFYJFBw0-Q2&google_push=AaAOQGHo5ZcuSlKn3uyCa3N7_bwUdP1ASPccjru1OhR0vZYTM8tVlQU4UjN5YjQWJjS4I6py9323J5DQTkd-x8ttNde0RwO1bh2a
x-host
tde-deliveryengine-production-7c97bc8457-bn8lx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGpkmVtExCMWJVzrW23rCb0&google_cver=1&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT3CNIG&google_hm=eS1MX1U3QXBwRTJwR1Mxak...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT3CNIG&google_hm=eS1MX1U3QXBwRTJwR1Mxakx4QzAudE9MSy5aLkVLRGlQTH5B
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFv3ouUI_c8DRHQlv8f2BzRyxJwu2sW-xA600l9lqYYsnH_kRqdRCm3dXeInZ8Q9jZ3UtPoxF8L3XRfByB4A_o7IdT3CNIG&google_hm=eS1MX1U3QXBwRTJwR1Mxakx4QzAudE9MSy5aLkVLRGlQTH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame AACF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEE2rhLYmTFJ1KpPAx-AmcPM&google_cver=1&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6th...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE2rhLYmTFJ1KpPAx-AmcPM&google_cver=1&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHTC1A5yfPeVpYVqJOohrBZXGsr2-nUGB8UvoP3MmL-eYNrQQH0_XqA1_txXsHAywD2nDmSXBFs31zBXafrUqhD6thzl7M
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame AACF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeZ-gZtXPLj47-yGuJ9wHBrHWPsigtb1O79ijJr6OZIcrWsQSFGf2PHsIjVCxsHaSEOqZ-
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B9BE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
490307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 07:10:33 GMT
expires
Thu, 27 Jun 2024 07:10:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cver=1&google_push=AaAOQGE38-xPa0r-SgbD8TvDin4aiME0_dMy5N6vP9AkOoq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cver=1&google_push=AaAOQGE38-xPa0r-SgbD8TvDin4aiME0_dMy5N6vP9AkOoqOp36QDiPLgAlwxTge37P3HBxh644DC2PtljnGMt1fhwX-2V98Xp3W
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 03 Jul 2023 23:22:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QkNYdkRUZDQxUWdzUzg1&google_gid=CAESEKiGjxYXmSDJ49YtuHNKb5Q&google_cver=1&google_push=AaAOQGE38-xPa0r-SgbD8TvDin4aiME0_dMy5N6vP9AkOoqOp36QDiPLgAlwxTge37P3HBxh644DC2PtljnGMt1fhwX-2V98Xp3W
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH4GWFM-ayDFsGkJ6mSfJbA&google_cver=1&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdST...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdSTvhwi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdSTvhwiMWl4jdk-fN
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGFDE_BPvrRNxO_bLiJzxCvVrZ2VhLs-y4DzwtdmSrUCuHLobr8kcTsnwkBZkDVwgMjFN5VNg_vBftAdSTvhwiMWl4jdk-fN
Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFeV7XIysT2R9QIyQGctJLc&google_cver=1&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUd...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUdz2raQvqtuqlZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUdz2raQvqtuqlZ
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGEpebk8HY4Z8bads9LCrFLw62l-xQLDXxUrNJvqOwMEODgDX8seJ31tG6iMjnnDxzq-81YzloclfBqNCkUdz2raQvqtuqlZ
x-host
tde-deliveryengine-production-7c97bc8457-bn8lx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHzsS3q7gHxeNcNo8Q0yEcA&google_cver=1&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHzsS3q7gHxeNcNo8Q0yEcA&google_cver=1&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGGvWcBytqUqZhhWuXz6utZph16ycBguz63y21fG2-yP89C8EYz-N8ZfLnkLhYF-5qfXQemlMfb4HNFTf_VxPkIoG83bD-_y
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-d0ab2335-9e20-40ec-ab5a-e62b8d68857f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHAyVHoWJTQ4VrUuo6vy...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&google_hm=A9CrIzWeIEDsq1rmK41ohX8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&google_hm=A9CrIzWeIEDsq1rmK41ohX8
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHAyVHoWJTQ4VrUuo6vy9kXZ7XZggwIKcqG2vrKfUHDqdAd03TVI1FpCMOhZm88SIzyMlNx_E1fJDKlP_7z_P83yPEXOx1Y&google_hm=A9CrIzWeIEDsq1rmK41ohX8
date
Mon, 03 Jul 2023 23:22:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd0ab23359e2040ecab5ae62b8d68857f003
content-type
text/html
sync
ups.analytics.yahoo.com/ups/58281/ Frame C8EE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAdWMZFKdXz5FYXkb9UI_gc&google_cver=1&google_push=AaAOQGFzXXYqgMb_7Ux2WGIkx5WQe_o2Wn1cr9noe9NuzT-hDoTOtRxBp7H-VlptB-PFGqcIxRy8AfQ-LxvsGL4SmqC-LnqtQYP5tw
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C8EE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf-HNE_XoJ09jPv3Nyj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf-HNE_XoJ09jPv3NyjNYj5jX8JthH0yytf3uAoCLMHXd27rkQDlGW9sumCEY0LyPvkctTCZbB8CAItvx9Gx8gA
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fa074ab5-c9f4-44c2-b780-b6974af0e26e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTM2ODc3ODk2NzUxMjI4Mzk5OA%3D%3D&google_gid=CAESEPTokyL3NCtTdoIRoJoIXa4&google_cver=1&google_push=AaAOQGG9qx9OYWuEf-HNE_XoJ09jPv3NyjNYj5jX8JthH0yytf3uAoCLMHXd27rkQDlGW9sumCEY0LyPvkctTCZbB8CAItvx9Gx8gA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C8EE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXOMiAARtNE1QeLHdluDI8-JTohxI1MM3npCL982KZe_NmmGUIpky_A-IZaB9v9ZiI5kqwrxc
Requested by
Host: 2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
URL: https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 545D 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
expires
Tue, 02 Jul 2024 23:22:20 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4F5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5Xg7GrbQdTDc2i5CD8xv_eu6mr95Kyy2aIXjtxHpT7DeXfFdfPd-tHgMBVhHUIUMrEXwpXukEFE7r5qVWZXbQ3VOWoQes9rEsWSKk7kfRXhLurcLArK6dw-XPogDXPcdQ-2RRXB3Gv46kn_GUwZpoc0c6kv10DuU3w824JdkHWVYYThWVeQtm-vU3ugabGOOf-d9pBOmgrBgC6Mw3P3USOwMFqu4Bv1V1UKpmlKE7toUIa_pb3ggdqETiMmy2Q7zv1xPL4-Ul_ekg-IyvQyPZIJHa2hOaBmQ6gUgBAKjiQ5sHFkpm5_ThvP9hCHL83k9u4_ZbV1KADHdpA_9qzxJnd0w5NbjjfKqU1UVABwsFAACY8n5m-N5qcQTkBbd5TfBp6c2o2wkGEbrfuI6DItCTNvsWH-r73nmISMSuTd-arpLWBd5Je4K7V2PEgF8xaYmCj6l_5m2RleSYm9nKJhG6y6S6nA-HRTYi4H0Qx4vq9hzaLhocRW1KWp-YB0dPHaKkw7m7gG6gvvglpp6B1-2ijjw8HVnEyC6otiVLnM56hn1Pj8fzCWAjhQoG3gzZ_EssX7xmo9_xbaAvkY2Klsc1MoPmC0T2S1I0-jK8_ewVvP2_9O4pVUuTNuSoomeQowTQlR55KYiFdtfyOSPgc0EH4S-LQulGZC1BUEJ4OdhPT8S4hWlzeaE_iB7Jmf3UZiaACkWWlMZdnBOjn1-aA1i7AnRsO7MeLz9dRvdIpj3svt6BTVSXeWtnOMEla2FkaZy9gyrIfU4_5qkWsGt9wQb1u5is371Xyq7oBbeICNCYZ-meeMC_HoZ_WNsplxyRrHEUpWxh8QB3HgboCznS-dpnVrB-3cBDQie7Z2qNoYvrMqbpP6IECrbF-HMcLfaBHm8UO7ZyNIZySWzIM0gnkV-kq2W6zunu2hpSPB9uUni7F9yHvKeUYEhuUyImD64_az5geS1KE4CHpiNF-tPTcl4cNOl2Kyt6XxffE_8ulv5gyO8JTYuolG6o22C3qULsD6l8NcuiMgjH6BM-4C4kJNNhtgXc3DRZ-_F4hKnhHBSltzliWO59WNqU0QslMBIGFVFPUbsJ9DzCO5i009-Kvy7xdAzs9zaq7btrw3E1AJjC4YN4Cg1HeIrnOGss6VeguzAj32qcI40gf1Jo8CDbKk5hAv0gt-XJKrYg9O3rrVxb6bRpxKrps-j9oRxX-UBNYwCVaIki-ISASzg0k7OzZ18ZXKMOgufppJXEu16uDkGpsMXxeMj4e871-FxyTJ-60LDrGcub4sMDYOuj-fRcddPXvk3T5dWGaG8E4slpg9zcR4XC41B-D8NQuxQVOlF8qDE&sai=AMfl-YQLDMOvULDelpV9Zzqre-a9sAlx6-ZmOXbxkBPdmgEqry37fCCaKJ_VbPd2gyWDAhUPkZxAfuEax0AC2R3bemP6bb8asvCOaDNQfqC1MuNY0ZnZzmBoHBXbQwpmsEJ21L7rIBOGPwJBWJLgXE_0QfGKE_aHx1CeKtNCSF6GhqMMTawFd3dAT3qYS5DrtEPlKsEd9ZUW6dmmWZ1LjNK28tI0wifVkCV-IvTDEjdlM9AHX2j2MpRQWaJBuYGGFVvP2NVirhUxqaGm80F-24MZmDhBCB-5&sig=Cg0ArKJSzC-hS2PTqPOeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=270&cisv=r20230627.29863&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A139 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
490307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 07:10:33 GMT
expires
Thu, 27 Jun 2024 07:10:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/ Frame 6BA3 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1824894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23286
last-modified
Tue, 12 Apr 2022 12:35:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6255722d-5af6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd5MWbapMVVh5pAgx3pZREdcBMFqo2%2BhC6eearNBD6z9CBxNY%2BTBtoRPg8LqfLy%2BH%2FTzs3t%2F3DWTTIv%2FPcBS6GJ17qMK84h%2Bl32A6RI%2Bv4zedv4gP7vMczPpRq9ldUJcniQ7RKTEULQ860izWSWG%2Bch1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e12deb91d813678-FRA
expires
Sat, 22 Jun 2024 23:22:20 GMT
creative-1.0.9-alpha.js
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/scripts/ Frame 6BA3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/scripts/creative-1.0.9-alpha.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 01:33:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1012
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Jun 2024 01:33:22 GMT
keyvisual-x2.jpg
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/keyvisual-x2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3afa48222c517ff2a5fff0923c48df3e779f50ad58dc6ffee371ffed491cc002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 23:45:24 GMT
x-content-type-options
nosniff
age
517016
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140052
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Jun 2024 23:45:24 GMT
donut-1-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/donut-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01060adb62f52587a5420ec9ec23589c8b1618cf9ae5e56a40bf909c5066ec18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 02:39:30 GMT
x-content-type-options
nosniff
age
506570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jun 2024 02:39:30 GMT
donut-2-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/donut-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a50a9f6026761814dfa96cae32807b687f1b116d4d6e3ae4a1334d9673a24c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 18:56:49 GMT
x-content-type-options
nosniff
age
534331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5062
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Jun 2024 18:56:49 GMT
partner.svg
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		414 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/partner.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 06:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
276
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Jun 2024 06:07:17 GMT
text-1-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/text-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4abb531a6e87e459906df9fc6e20fbffb73371536d971a82fd27356d09d7a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 21:31:44 GMT
x-content-type-options
nosniff
age
265837
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1896
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jun 2024 21:31:44 GMT
text-2-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/text-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88318ac0b00e13dfbd59368fe4f3d07444b7e24c1ddae686fa953d3617c2e861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 05:44:38 GMT
x-content-type-options
nosniff
age
322663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1738
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jun 2024 05:44:38 GMT
text-3-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/text-3-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
682293682ff2a9a2335e59db4a0fe50a10eebb8778466cf9f78c9f287374ee8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 18:15:00 GMT
x-content-type-options
nosniff
age
450441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6454
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Jun 2024 18:15:00 GMT
cta-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/cta-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d7e96e04dde24cda2e961f63b7b9a7cc92133c393a232d474d4dbca3af4264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 00:58:03 GMT
x-content-type-options
nosniff
age
253458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13337
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Jun 2024 00:58:03 GMT
overlay-donut-1-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/overlay-donut-1-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c87098c66c253d0835932e906b8bffe99a09391774326c23f59c8180d40e9075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:37:54 GMT
x-content-type-options
nosniff
age
369867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7993
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 28 Jun 2024 16:37:54 GMT
overlay-donut-2-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/overlay-donut-2-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d0f0fcf213790f7121de3bd631fad0c41ad2a63f9f0d6296ce1e39c92ad549d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 18:38:02 GMT
x-content-type-options
nosniff
age
189859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5513
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Jun 2024 18:38:02 GMT
overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/overlay-cta-hover-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eec437738062b03997a9f91aa8cb2587d0ca369db6e48ae2008c6b84ab651300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 01 Jul 2023 01:01:44 GMT
x-content-type-options
nosniff
age
253237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12637
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Jun 2024 01:01:44 GMT
overlay-cta-x2.png
s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/ Frame 6BA3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/images/overlay-cta-x2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e694a05618db8a6ab4b632dbcc2ca7f8d53d0caa0592b8d0f8af79e317106b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3421253869763221650/SIGGI-KANN_160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 07:14:46 GMT
x-content-type-options
nosniff
age
317255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12754
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 14:03:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Jun 2024 07:14:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D8E2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
490307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 07:10:33 GMT
expires
Thu, 27 Jun 2024 07:10:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 87E2 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:22:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 87E2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:36 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1F23 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:36 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F23 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:22:20 GMT
728x090.html
s0.2mdn.net/sadbundle/17952959967271059456/ Frame 3D99 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:20 GMT
expires
Tue, 02 Jul 2024 23:22:20 GMT
last-modified
Wed, 15 Feb 2023 15:44:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 48DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE9expMB_hxO55hAkFXfacYv7lL38CkwqibmcJ0WTkiRo9rEKeZ6ggO5XTzvTa2fAd98AWze0dJQ0t6jWizA8aajfCF4wxF7FpwsL0wT4l_yvKRH9IOPW-26F1q-TuduOrFvnfd0GCs6v93T_WMkp0L7H8jlrQFcmbCqT-ohHNqT_QLYi-nJwGqHiboz6JgabfHq5WEYtZi-_e2SvereboGememsq4VgPo8n5MyDCnq9Fg4wp-49F0WL1SNe9EOGNAPGPycs4rBpAW4w6JlGMWaqSUuMp2OjFfxKSDCTTlCDnSVUapBp-v0BdD7MEkq1_hs02qpTd8RvIoEkYHNIFQk-FqH3VEXzZc9sl__nLEzp5gzGE29HswKbd5gSr7Mh0Kx0wC5o1dineDttYUON4IOgfbA9v7qiyb3ywyNdI6_MT_h5-kQkEtwTZ2k5o014wT0btVHTRjxuwkzk-Q__xa3KccMwEDLnpCN17HkavaC3DzjA-yR4PxVKHicR6rY4xLkMoL7pMWaaIo2rmYCXdPFFMCLPC9nJ8NX8PPVau7Zljmbd2hZTFZ4JL1cT3yUsYCLZNZuCMGSWdtq7Rqyv3x4mQFWX4925YdOdPDHusx7SHatLG5UWq_tEpNZqYLHq_63arQGFET_rwl4UfMZokf9piJQp8g1y5QxbY5xRVMuMfRBWjrRNEDr5I5Pau1QLpqgTsBloVKQpMSWMcrvG4sVfHdlfw4i8POPBL3_0T_LxfBLFd7KREE357Vcx6eZIMvLxYHkB794_LHWAZwZ6LbR9PMkWRNG-sOFgKBk89GtkIU6wbc2NAzFmFvTm-EUBF75NDWdBnLp1Ybi2iU8dXf_Tc4QsCKZ0C_YVhMo5PPMDtGoq1Av6YXg7tTWnV6f2Ui1XsVOUKgQvn7ayFGR19bd5zyCO1Ak1z2Pob2Lo4xD4-zLTpayw3PmBwI9kRm2-KfWBtpn178GJK0Z8Hi1WLABKtDoqY3Be-7_sTqleiTojZhD8P6TFeB6_BL49FevyvKMFrzhhWobKwxtXCHgYpDdGj9vy1a1wWo3H0A5uKghcEyEu5EceHXQyGMgkHPh8czdc8xEnivoyQohx3gRcrqZxkavQiWkryE_oF3xmsH3wjBm7EJPvcGNGYflNFtYg3Ll3CrsRWAlMGmItE7agB2kBi6Q76oDI6NeiSqc6vmHJYg4DwHICVKwgb9E23tWfsO-HgxzfQa5PlN6B0iPj1qWcvq6VfUtfbplvISndKq6iuNBFRohzRoCzBXFxIo7PJ0xNQi_gcRq88ViuWyz0UfvRYyEnX44D48jXwvrt9mLcCff16hei1cL52SYpUfynNIZ352zQ&sai=AMfl-YRdBWZC_n1iD8oOlWTnOsnGF6kYtz2QJzbZSo8z060Dl5ZRh0-mdOIDXUE9prUUY4TPNrkQDMaRUc0Xs6TlQikksu1A3lmvzhWfvmarks5nMT5hhh-YVr6T7edIRTZjCmjsQ7wmfixKidYQf2OD327qUm1XpVsQMgO9A_0XXuiHgp-2J2DD3KmxoVvAHvpXFskGxWQEH_9gPVuJ6gI_QWw-T0s9FhWW3fPt&sig=Cg0ArKJSzEjPuNI1g3TYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=190&cisv=r20230627.77239&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 03 Jul 2023 23:22:20 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 545D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:36 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 545D 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:22:20 GMT
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEI_ANnJBHy3gkyq4UnwhYqQ&google_cver=1&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13h...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13hoJ3OIAUOlPfmfA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13hoJ3OIAUOlPfmfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFAvcp2MPfdRrw_2ntiu5nqioPl9H-mH79hes9fs1HJQbZpeHIrZ5YfTBBRnHaDTJ1idO7EEvQ_aPpPa13hoJ3OIAUOlPfmfA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 03 Jul 2023 23:22:19 GMT
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMde4oRknNRD-86G6CeTmJU&google_cver=1&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxmtshEoXpA4zIIemw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxmtshEoXpA4zIIemw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F819472275C45F09D77A7EC9BC83F1C&google_push=AaAOQGFFZgAqml6A22Yx5Xb5A9XrZblRo5Z1C1eAhNTOGoMbn-71ocH3QvXgkWJkaCoCbp-cqsUFZjqYapaPuxmtshEoXpA4zIIemw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 02 Jul 2023 23:22:20 GMT
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELSmOeLln7EUAqCiVAlPsb8&google_cver=1&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUd...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUdUAM7BuvmNUrmoWWvAqw&google_hm=XtO9OExkTW-imgt69W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUdUAM7BuvmNUrmoWWvAqw&google_hm=XtO9OExkTW-imgt69WrKRoU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGEt9vzA3djQf-3CyzsewLGm_cUUBju5pFSOoopvMHyRceFNQfoAYa0UXcnC5e4c4DeNdj47i6d4sUdUAM7BuvmNUrmoWWvAqw&google_hm=XtO9OExkTW-imgt69WrKRoU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEVBGehm5gIhD62d_b7HPCE&google_cver=1&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbY...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbYehan...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbYehanyMU3qGndS6fA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTczNjc3MTAxNDE2MjU3MQ%3D%3D&google_push=AaAOQGGUYVZ4L8wEgDtacta5O0dMnQIKyN9mbgNTXSJHWyMxYIbbt5aIWV2Zq5yUBZ4W3d_cH8RGnBUEhuEdbYehanyMU3qGndS6fA
Date
Mon, 03 Jul 2023 23:22:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEELN7OJMO9iiOdCFs1kD9RY&google_cver=1&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeA...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeAcZr-qeEgwEOTXA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeAcZr-qeEgwEOTXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 03 Jul 2023 23:22:20 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QAoNdRiVTM22NahFO7UP5w2&google_push=AaAOQGF143a5fo004cbBzlMEQFd_NH4mJZz9y5RZMfq_YmBtihaAaF8FRwqt3q-s_Jfb4Hh2nfqRfdjJ4ec8pIeAcZr-qeEgwEOTXA
x-host
tde-deliveryengine-production-7c97bc8457-bn8lx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPBHdek5TOt-v4ymaoektCA&google_cver=1&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPmajb...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDA5ODE4NjM3MTAyODM2MA&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPma...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDA5ODE4NjM3MTAyODM2MA&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPmajb1UjXgNhXC34PtKKWomIXFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDA5ODE4NjM3MTAyODM2MA&google_push=AaAOQGEJ1oxFaG-BbVxyP4AcT9EihqKQhmUAKGyx6GhIF3sKGNMExKu43i6JqeV6wr6EEH-W13CPmajb1UjXgNhXC34PtKKWomIXFQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D173
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJG8jtecGmKS7T9lT9mFqY4&google_cver=1&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5IX6P4hRXa5ZIKrOjhA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5IX6P4hRXa5ZIKrOjhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEoL2-0u78mypMxDnmxvKFjFH5BAZldXPaeLKLrdAi5Qc_sTetFbAUQbXpoY_lzscVLoNtFvX3uxTB5IX6P4hRXa5ZIKrOjhA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame D173 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IENeiE4QmfWfB4fbznA2dWPYHD6AFW0kAjkGfuy7mz0H5lRYQMn1z_Ooy4LpYgBxd0QIac
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539836&bpp=2&bdt=118&idt=115&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4741162245852&frm=8&ife=1&pv=1&ga_vid=2009876620.1688426540&ga_sid=1688426540&ga_hid=926749968&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1946496577&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759927%2C44759876%2C31075631%2C44788442&oid=2&pvsid=2896560028346402&tmod=1937665132&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5rccfcav9fcx&fsb=1&dtd=120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 89D3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
490307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 07:10:33 GMT
expires
Thu, 27 Jun 2024 07:10:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 82EC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame B9BE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame A139 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame D8E2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BD0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuW3h1y6KBjf6MVE-ZWKxX2Oqu_OTYPUyJYvBjNtCnuM3KkS7XNQTddJ5AS5cEUO7WIGNhnQXUBIOskSTdzd-u35Kxxcfv4-ITyWPv1xDhP17Rkrg-PV6_quWvCbS-QeuqulVpT9LeywuryE6Fe_o0TVKMSCOpV-Su8zF3nccVjktmE6_a2WfVlqF-jZ9yW1kvghiYYM4uVJNHnhj-pq-oJa2uzy1uv2MRjV43SmcEbWHx7tEi6xpUA1a8U-l-GiGArhPIisyFLdiIOzLrLXEmPLmW0CA4wSzwMPCkNeLKTMow6R7pwuL_fc9Co8jCgPss9dlYi_oxtpDRpvR6w7g0SaLffiqf0ANOen6EF8pkMzlBQ0L6IR_sfW0w43KL0a914VAuDsuEB1JPFJrbeJ_BMEQB5FwDhDgbzGlBY9P9v64v3ObT60Cpn1WS-UoMLBh9v4GH5t--ObKXfIQ7sQToHn4B67BpTA0tyL0JMH6kBPEFG_mfQW4DPtO2g2cyM7Y8W90PVaeUXs0KOaHa61LsEVrJh1aMgVblmLFQBpJtSJl4Fnc7PNYYxItXb3_uu6EdCB0cNsYm3fquo_Dq9HbRM_Zquxot9NDF--rWgqCRlMkFYgfflSF26idYSzOdZjgS9tAXj7ox8H_llv3Ug0sMERICDnjk5oarThXy5JCdWG14fWPnnm6M_MU-VU0PGsghPNgzNrmTnY7vMjyOmxIIqEyb0nESGHCa5wji9pSEhUZJDyV1WdrMcQWrQhssimA7IEjpjwXyJgftys2M7gWhE4ov_BF7ECIFiaXJojJWmGvZw2Zm1jo3ozR1VhjAoYbOBJ9j8xeeVw2uvZJmshtLozFNEojlmSjBLazEEtOUCDSO-1oHMzekOcjUzM-v38Lti5AuvXSxqyBtgz5SLAECq59rEDt3vnwgrrwQf1rQDot4jxmoJcvMeoSGQgMyqoxzqo9GrWKDziaveEi14DKv2sjUaO17_WGAbSdlZyjvwiW6TQ3Gm75W98DmngXnjdabGo4dTbR0lo1jq4CSMse9O4Rfx44o5usePA3R_BmKJMDIPpeczB66_78xh97-Nk-tQchxq3_R9Oq94XK-ku-ZOm_2Gg7oztY6K_ZU_wFtGRgDLNR4lMQPg65N_wTOFsdPBMxPvzTzSj78ObZBBM5Bi5f3gckE9M_Rtg2mhsQEy1T41clA9jEIYXmRPtsIksGvO2u2qeoPdPX2QeZ3UXWvn84mUJSOQtxTtPBfLwasp2Ydx3ljnm9Zb6NLdnBe5Kh_1cw8zucUcsQPk2hH24XjuVpFVD-vwnCkITCV164H9NxFL2YX_ZOB0IQtnMWen6g&sai=AMfl-YSSALDRpa-AgRaawLzED2rS0GWiCu8vqA9W8GTEqjcYNr_CHhxv5rFW58O_dfQwkgk4iYqbk1SXbGWNdKb8lMU8nF0l9pNGeMiZ7XDmh7i2unI71le3419FRceU1SJcWb6MqwUHtzJpqTPo9IPuUAIoWaca2NzkuzSyVSFv2_3J5nR13ltNnzimVctjzXsXgpNgiM8iK-3amfmCr2Uscpo2BSG0nMO6VZhbCOsIoa6TPpbZIpwIgEuGSuMiaCmIJv6w&sig=Cg0ArKJSzKk2S6GSAzW9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=517&vt=11&dtpt=222&dett=3&cstd=287&cisv=r20230627.35103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKeozqlTlw9bUUWHS3JV8L19K-BIWYeUyLHQxuwmtilUkT_ebPwmrtFs9Ed4IviuHzULjwSTih2NXaYYXnmok63HS2u254nyRMbzFimVyHK8iZD78ip_7YQuHxbSVpcvMjpLzgR2RjYaS3ZRSJv_0waULWKDdUI3gqe1rvSl4h1HpHlAgAaB8mSGPbcmKHxUAVxGy9vi5XI2Vi2Rzty38hheVClmwC02disg_rWM428KVVpMP8-ZEGRCjSHInrQlMu5PQT5QDOaA-WCi0vuSoddsS3LovCUqwCb0ooZ3sbsDfuIUlJcY-Z7Bgh73UBrdCswjFtg9tnS9wS_wskWNwEVgqtVuGSjuglq3JhS9LiXN2ipdOGPwGvdYIBiBy4boB8zweafmkvLUCOFLDvKezMgh80cN-uli23OaSLAhBjUoAMR6mc7QqYJvIKdljkvfGsZ3tEmPP2i99Gu_UtMqE4EkLy1MoafFjRsFGE9YTL3zJ4NTm1Sm2_t1culQoidXhK22uBrwNJdZjFE_P_1MBq6HuRrPiTss8HkaWlpfH3ErwWNHImz8S8Qb9b0C99vSCadKNF13gElsY6GDj9ZAIYtzqzDrvsCYPe1rs_uSCyWj1z32aFcT6FBAm0VMSfvC4vABPPkRGKeDxbvbAX2FFX06m6sSON7hIy1kOCFdMbhVFsAJPzVKKuRVCOonmKi987SEw_Lq0yorq_mMktFXNonYGVd1C1WopBLWq_A3k2EaqJ9KHRK6_Bliu2A3SWWA_dDabDJ5q9NRKb6-MBM9P-vSK8GzJbi6baIGSD7Qk2U4SK9Jf99a_1fXJEEE-O2m9uO_2QzNkz85dM8VIKrumGLIqsWLx9B2AMpl2SSNkUldPdX9zfy9ITWL1VjzNHxVpQo8gmdmtPdxBCBhUsL8UQf8zg3LIcxUXdgfhKYjFDutlwdXIHSbnedn9Nq3ztPOYMWe3LqCzgPv2WWFmlaiwscelQ4iyoXRsl9nwFWUlBCAUAzezKhE7OmtFNRr_5JQfKx8mT_CB2_PNkF3_9tP28ZrFwHMb-76H0PadwZbSlM-1GiIkCT9GBDtjM7mgrzJDZPZqXo_YBC-PHBnd4DdI8xjbj8aL7LIRfA4X04oIOiMEJT9MFSG2wHjYmMsh7UjezvzGh8S5_YtlbAR1-YtfX-RCCzVVoxQqZZXrWMoxhlr-iGJ_Ev8XYiiTVIXp8fYIEk6Gxo_mymGycAbnFpaPzvlz77FWvcLp-W9g4thRX_DXA1Vhbs5EbTkhRLkasPPD5n-4LJoq6GEQfRjuRPvrys4pcIak5J9OQOXa_NsXPXIceQaySIU11UoVVS4KkoVUQgBeP&sai=AMfl-YQaLDkIL-VOv2sLuu7slg5Io9MuhP3GzxOJQsNAgosJ2XxPbI0SHfon-oq9Ory9gEdJIsbtOsoHOZGdWs0VBPX6c-wKvRzhqwZUy17nVD9ZaKjh17YYSnsHmFNZuax6Nzi-MfKOJuDUslz_Ri5rn7ygQDUfyiyg67lJGLVMCX8F4H2WiB_PHHD7qZvH9A9BXzGjA4cU2Yk6y3zQYQWa860RvGyqwRi2Bb7iXgmPb6OWu8cC2kbIi0Aq3q7k7bNDGc1zaxHaa5Iv7wYsIivkDQ-n7K-eYw&sig=Cg0ArKJSzFKJdbU0QHJbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=491&vt=11&dtpt=174&dett=3&cstd=310&cisv=r20230627.64935&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:20 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 87E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:29:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 87E2 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b8d5c77579e596fe9e7d9870d0ab37622156e398013a4c5bbc2c8e0fe5065ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5647
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3D99 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 13:52:36 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3D99 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:22:20 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1F23 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:21:00 GMT
x-content-type-options
nosniff
age
81
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:36:00 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1F23 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:15:54 GMT
x-content-type-options
nosniff
age
387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:30:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1F23 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bea3c06c005c05171e18488ecd431e85ea27fbdb590af84e2e204be03e8912f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5765
x-xss-protection
0
60005582_20230517070143234_APP_iPhone_14_Pro_Max_iPad.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1F23 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230517070143234_APP_iPhone_14_Pro_Max_iPad.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be0b42eaf9393a841a0a6721b822b92d4b8406b2272e37f9cabe9d7108de1b27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 08:09:21 GMT
x-content-type-options
nosniff
age
54780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21865
x-xss-protection
0
last-modified
Wed, 17 May 2023 14:01:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 08:09:21 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1F23 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:13:01 GMT
x-content-type-options
nosniff
age
14960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 19:13:01 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 1F23 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_355027444_145341330_PO1603A20230606&ref=29118705_4307561_355027444_145341330_PO1603A20230606
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 23:22:21 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
6417650
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
40418697
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7e12deba1df69944-FRA
Expires
Tue, 02 Jul 2024 23:22:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 87E2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
160x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 87E2 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:17:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17856
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:23:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:32:56 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 1F23 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=FsfqMD376i&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:08:09 GMT
x-content-type-options
nosniff
age
852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:23:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1F23 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4F5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5Xg7GrbQdTDc2i5CD8xv_eu6mr95Kyy2aIXjtxHpT7DeXfFdfPd-tHgMBVhHUIUMrEXwpXukEFE7r5qVWZXbQ3VOWoQes9rEsWSKk7kfRXhLurcLArK6dw-XPogDXPcdQ-2RRXB3Gv46kn_GUwZpoc0c6kv10DuU3w824JdkHWVYYThWVeQtm-vU3ugabGOOf-d9pBOmgrBgC6Mw3P3USOwMFqu4Bv1V1UKpmlKE7toUIa_pb3ggdqETiMmy2Q7zv1xPL4-Ul_ekg-IyvQyPZIJHa2hOaBmQ6gUgBAKjiQ5sHFkpm5_ThvP9hCHL83k9u4_ZbV1KADHdpA_9qzxJnd0w5NbjjfKqU1UVABwsFAACY8n5m-N5qcQTkBbd5TfBp6c2o2wkGEbrfuI6DItCTNvsWH-r73nmISMSuTd-arpLWBd5Je4K7V2PEgF8xaYmCj6l_5m2RleSYm9nKJhG6y6S6nA-HRTYi4H0Qx4vq9hzaLhocRW1KWp-YB0dPHaKkw7m7gG6gvvglpp6B1-2ijjw8HVnEyC6otiVLnM56hn1Pj8fzCWAjhQoG3gzZ_EssX7xmo9_xbaAvkY2Klsc1MoPmC0T2S1I0-jK8_ewVvP2_9O4pVUuTNuSoomeQowTQlR55KYiFdtfyOSPgc0EH4S-LQulGZC1BUEJ4OdhPT8S4hWlzeaE_iB7Jmf3UZiaACkWWlMZdnBOjn1-aA1i7AnRsO7MeLz9dRvdIpj3svt6BTVSXeWtnOMEla2FkaZy9gyrIfU4_5qkWsGt9wQb1u5is371Xyq7oBbeICNCYZ-meeMC_HoZ_WNsplxyRrHEUpWxh8QB3HgboCznS-dpnVrB-3cBDQie7Z2qNoYvrMqbpP6IECrbF-HMcLfaBHm8UO7ZyNIZySWzIM0gnkV-kq2W6zunu2hpSPB9uUni7F9yHvKeUYEhuUyImD64_az5geS1KE4CHpiNF-tPTcl4cNOl2Kyt6XxffE_8ulv5gyO8JTYuolG6o22C3qULsD6l8NcuiMgjH6BM-4C4kJNNhtgXc3DRZ-_F4hKnhHBSltzliWO59WNqU0QslMBIGFVFPUbsJ9DzCO5i009-Kvy7xdAzs9zaq7btrw3E1AJjC4YN4Cg1HeIrnOGss6VeguzAj32qcI40gf1Jo8CDbKk5hAv0gt-XJKrYg9O3rrVxb6bRpxKrps-j9oRxX-UBNYwCVaIki-ISASzg0k7OzZ18ZXKMOgufppJXEu16uDkGpsMXxeMj4e871-FxyTJ-60LDrGcub4sMDYOuj-fRcddPXvk3T5dWGaG8E4slpg9zcR4XC41B-D8NQuxQVOlF8qDE&sai=AMfl-YQLDMOvULDelpV9Zzqre-a9sAlx6-ZmOXbxkBPdmgEqry37fCCaKJ_VbPd2gyWDAhUPkZxAfuEax0AC2R3bemP6bb8asvCOaDNQfqC1MuNY0ZnZzmBoHBXbQwpmsEJ21L7rIBOGPwJBWJLgXE_0QfGKE_aHx1CeKtNCSF6GhqMMTawFd3dAT3qYS5DrtEPlKsEd9ZUW6dmmWZ1LjNK28tI0wifVkCV-IvTDEjdlM9AHX2j2MpRQWaJBuYGGFVvP2NVirhUxqaGm80F-24MZmDhBCB-5&sig=Cg0ArKJSzC-hS2PTqPOeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=660&vt=11&dtpt=384&dett=3&cstd=270&cisv=r20230627.29863&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:21 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 89D3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 545D 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:21:00 GMT
x-content-type-options
nosniff
age
81
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:36:00 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 545D 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:15:54 GMT
x-content-type-options
nosniff
age
387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:30:54 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 545D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:13:01 GMT
x-content-type-options
nosniff
age
14960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 19:13:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 545D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
976f694b0092a5da0d96b868161ac04362c5bb895066629173bee8b56deb18ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5701
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 545D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 18:42:46 GMT
x-content-type-options
nosniff
age
16775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 18:42:46 GMT
60005582_20230412024536330_o2_homespot_5G_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 545D 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230412024536330_o2_homespot_5G_ASSET.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 22:43:11 GMT
x-content-type-options
nosniff
age
2350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33586
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 09:45:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 22:43:11 GMT
60005582_20230413245535820_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 545D 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413245535820_728x090_LOOK-01.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6340ab066c8cd3fc0ff1e47b254690638b7481954f793601c5602be5c7692f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 23:57:42 GMT
x-content-type-options
nosniff
age
84279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42135
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:55:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:57:42 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 545D 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29115794_4307561_354697130_145341330_HSP0203A20230413&ref=29115794_4307561_354697130_145341330_HSP0203A20230413
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 23:22:21 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
6417650
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
40418697
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7e12debabeb79944-FRA
Expires
Tue, 02 Jul 2024 23:22:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 48DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE9expMB_hxO55hAkFXfacYv7lL38CkwqibmcJ0WTkiRo9rEKeZ6ggO5XTzvTa2fAd98AWze0dJQ0t6jWizA8aajfCF4wxF7FpwsL0wT4l_yvKRH9IOPW-26F1q-TuduOrFvnfd0GCs6v93T_WMkp0L7H8jlrQFcmbCqT-ohHNqT_QLYi-nJwGqHiboz6JgabfHq5WEYtZi-_e2SvereboGememsq4VgPo8n5MyDCnq9Fg4wp-49F0WL1SNe9EOGNAPGPycs4rBpAW4w6JlGMWaqSUuMp2OjFfxKSDCTTlCDnSVUapBp-v0BdD7MEkq1_hs02qpTd8RvIoEkYHNIFQk-FqH3VEXzZc9sl__nLEzp5gzGE29HswKbd5gSr7Mh0Kx0wC5o1dineDttYUON4IOgfbA9v7qiyb3ywyNdI6_MT_h5-kQkEtwTZ2k5o014wT0btVHTRjxuwkzk-Q__xa3KccMwEDLnpCN17HkavaC3DzjA-yR4PxVKHicR6rY4xLkMoL7pMWaaIo2rmYCXdPFFMCLPC9nJ8NX8PPVau7Zljmbd2hZTFZ4JL1cT3yUsYCLZNZuCMGSWdtq7Rqyv3x4mQFWX4925YdOdPDHusx7SHatLG5UWq_tEpNZqYLHq_63arQGFET_rwl4UfMZokf9piJQp8g1y5QxbY5xRVMuMfRBWjrRNEDr5I5Pau1QLpqgTsBloVKQpMSWMcrvG4sVfHdlfw4i8POPBL3_0T_LxfBLFd7KREE357Vcx6eZIMvLxYHkB794_LHWAZwZ6LbR9PMkWRNG-sOFgKBk89GtkIU6wbc2NAzFmFvTm-EUBF75NDWdBnLp1Ybi2iU8dXf_Tc4QsCKZ0C_YVhMo5PPMDtGoq1Av6YXg7tTWnV6f2Ui1XsVOUKgQvn7ayFGR19bd5zyCO1Ak1z2Pob2Lo4xD4-zLTpayw3PmBwI9kRm2-KfWBtpn178GJK0Z8Hi1WLABKtDoqY3Be-7_sTqleiTojZhD8P6TFeB6_BL49FevyvKMFrzhhWobKwxtXCHgYpDdGj9vy1a1wWo3H0A5uKghcEyEu5EceHXQyGMgkHPh8czdc8xEnivoyQohx3gRcrqZxkavQiWkryE_oF3xmsH3wjBm7EJPvcGNGYflNFtYg3Ll3CrsRWAlMGmItE7agB2kBi6Q76oDI6NeiSqc6vmHJYg4DwHICVKwgb9E23tWfsO-HgxzfQa5PlN6B0iPj1qWcvq6VfUtfbplvISndKq6iuNBFRohzRoCzBXFxIo7PJ0xNQi_gcRq88ViuWyz0UfvRYyEnX44D48jXwvrt9mLcCff16hei1cL52SYpUfynNIZ352zQ&sai=AMfl-YRdBWZC_n1iD8oOlWTnOsnGF6kYtz2QJzbZSo8z060Dl5ZRh0-mdOIDXUE9prUUY4TPNrkQDMaRUc0Xs6TlQikksu1A3lmvzhWfvmarks5nMT5hhh-YVr6T7edIRTZjCmjsQ7wmfixKidYQf2OD327qUm1XpVsQMgO9A_0XXuiHgp-2J2DD3KmxoVvAHvpXFskGxWQEH_9gPVuJ6gI_QWw-T0s9FhWW3fPt&sig=Cg0ArKJSzEjPuNI1g3TYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&vt=11&dtpt=416&dett=3&cstd=190&cisv=r20230627.77239&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C62D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPo9AXJ6VEkPoqEspyn4LNkBnHJKN9alKqfx5gkplxjyznXQ_6tAdFnNjsLkH0iEYRV64h0gLs4WFA7-JX-p274gARI5Dn7ovdSDxfHgt3WyMnPGdQMZTYYvjCK7MqzVwIgwHV7UVGRE5QJhU7m1NsGJDW3oFBCy8MwRMWaJXGEFlIa_IaJp285ikVXtOSjJzZJEm5D9UUwAzuRgW1xPQtynbC1HrHkJ_fKJI7TXEJtS6N5bwh7gK7bgFQ3JWcQBJPxfZYP7vgjoRBM5l8qiYS5GrFZWbzo1cgU-1amXjXz6EVS3bGzNsgsxIInFcN0B7_sNRDIuuWmL6Gl6As9HokMEdeQC3LuumUGqNd4IUwxM6H108b9U05Y0M2&sai=AMfl-YSPaKfDBw1l3CMP1X_5U9zxIraCDUg9Bze7oL2qsUpSU1NLheZbaHynrfAGHn6q548Xg8mQfKb1naYTg_6brPXYRugbAzmskmYD52e8pXE&sig=Cg0ArKJSzKkzcjB-Vu2YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C62D 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5926dc86153ba45fbda848e74a4e24a64b5e605efc2701e27c13a2efe32f1d9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11413
x-xss-protection
0
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688426539085&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:21 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 9E04 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 629F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq7kgbEyz6cLqHDDC3yE-prwRzUbxbV0njeZk_a4z5TlZwsmXoTv8jPaX_jN6ebAoEhPv2_aXPCQVuSxklgKefdUhN_allcRaoPhz7LSkiIxAf5zGv6gysG7xyTsUTCU3af7uyIwRb8t3EmUyKlKI_16uY4VAsU4ol1l9UITqBx0PELJaGTcls310j3SC9igTsu1N3BDe7FOfR7xuWhKUR7yKysrzEe-NAKrEfq86DKA3CCNmEEgiG-MEcuj2Ub7pRJfTR0eI6vlrdc4Fe3kV4BBI5BfHk9mf_jGA_6giLqUyXpOI0pvPj6DtgRoMR5sf86O5FtAXbqZqJQ5T4ZjlZQqz0Pi282QTx6e3d3WgI5c6JfnIfqfilm8daLfaUxggYwJ3NkiOT_DX1RECw36Fy7C-wfuczZcYMjGOoMAGMwds5d_dmE2nTptjODpQ2BsCg_nEF5SGyfKjBU8pke_XNbo8tG-MrGS5PkiMTKJF5JzwBnT_7y0gYVAkNmK6579LSeQUH-PhZuZ29EVkuqDonMeW2q8tAWWLkIFnQVHIKWl4idB_am_S57d8InIcNi9oqpKN_IeuyYl9s69S3K587KkTTEI2R4Cy4Vqgimn_f_X-eHSMYOXQ588oVUVcm2FGlSx8Q9A1TXwBwEPDaPFKpaouf15YJl6yhz2KzrFSIEVK8mDSvwcGDI1gEo29GzBOBob5TS5xd0LQ1xcGkjKQVsdlC-VV-6ht7L3IVFDEjXN-ACCMxIyeJMxV8HaCx1dXq3_zajhNKkdndJEHTsFsxXyO3iXw_7fyHpruTIwG6HAfx5W3uBWV6zxMEDD3KXEPZfcFPQMd5JXAFLBraUYeqkC5ngtZS9iKWBLgJVekpVl-3in8Ldm45EBr77EQ286xPvBRuqK68LxCNfWMQfuc-w9Joxtc9VqwKhZzJCaVNgkkcDVq0LPZdNaYy8nUPx5oOLNwweSNEXnq2KmAwlxJ0vOlT2waWcG3HwPfnXpTKbWtyi_CgYI5UJFpRNILR8n4f5Qd5qLWjP3FtoXXBsO68axYkgVtbv6HN9682deyKM1S_x3mF689DZdmetrVvNnzDdJKfaFLAVDihaZfakYlz0xBEHG9VpTTg8rBc4wZDddq9cPff1WT3j1JWk2D1nff6R9Agw8DnYhsYHCT0IvAu4BW7oiL8BmuxEyJdbBlZiQg1lz-DZBl9cJhZtgsR51r1mOzSYkb_r3O2b9JUf-jqEyxuGemQpwGJRVQpyVSGCszGUo-qz80QabzkNwp0CyFrLyU5PKvw0SKUcfJZF2Z2eSX7KubrRA&sai=AMfl-YT055JMW3-Zwm3efuMvGwUc4rtK8UTxu32Ql1PTc2YrWxUJwvoSFRpaK557tqeN0KDRRprPhHxpfge6KfkhZwlnDfK6GchKrOR4Mm92dJZULq-wN9vSm7_iZxnyi1UY2pKLIZC08OLCmRCC2FWMNIokzZbuEoDthpaDPc29l0j_aZ10fk3SBfY1FT7_CR4nMiGSRh33mfWM49XnKcnuebYVBstIdLbVx59tq36TmEGHdpFZE0iweMSj8RXgxLNzDaHG&sig=Cg0ArKJSzJKtXjcgPDQ8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=864&vt=11&dtpt=622&dett=3&cstd=240&cisv=r20230627.05389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 03 Jul 2023 23:22:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 545D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3D99 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:21:00 GMT
x-content-type-options
nosniff
age
81
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:36:00 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3D99 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:15:54 GMT
x-content-type-options
nosniff
age
387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:30:54 GMT
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3D99 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 18:42:46 GMT
x-content-type-options
nosniff
age
16775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 18:42:46 GMT
60005582_20230412024536330_o2_homespot_5G_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3D99 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230412024536330_o2_homespot_5G_ASSET.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 22:43:11 GMT
x-content-type-options
nosniff
age
2350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33586
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 09:45:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 22:43:11 GMT
60005582_20230413245535820_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3D99 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230413245535820_728x090_LOOK-01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6340ab066c8cd3fc0ff1e47b254690638b7481954f793601c5602be5c7692f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 02 Jul 2023 23:57:42 GMT
x-content-type-options
nosniff
age
84279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42135
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 07:55:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:57:42 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3D99 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:13:01 GMT
x-content-type-options
nosniff
age
14960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 19:13:01 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 3D99 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29115794_4307561_354697130_145341330_HSP0203A20230413&ref=29115794_4307561_354697130_145341330_HSP0203A20230413
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.98 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 03 Jul 2023 23:22:21 GMT
via
1.1 varnish-live-2-0
CF-Cache-Status
HIT
age
6417650
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
40418697
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7e12debb4f0f9944-FRA
Expires
Tue, 02 Jul 2024 23:22:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D99 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5c962d14daab335f733da66b69e6ca1d69606d7ad64672c98f1dcb7ab3ad9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5779
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C62D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame F5BD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 545D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pFym5rkm9m&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:08:09 GMT
x-content-type-options
nosniff
age
852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:23:09 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 87E2 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:28:03 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 87E2 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:22:37 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 87E2 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:36:36 GMT
NH_G_WD_Airport-Network_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 87E2 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_G_WD_Airport-Network_160x600.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28581a9c3e927973d978984f3d463644abae1650c1128105cc603629666e67e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:20:08 GMT
x-content-type-options
nosniff
age
133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46462
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:35:08 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 87E2 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=3xgDCnQV4x&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:16:12 GMT
x-content-type-options
nosniff
age
369
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:31:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD6E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3982c9b0414c37e08aa60fd4a17fe44322e774c3ec42e680f5636739a00501b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11138
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D99 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 3D99 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17952959967271059456/728x090.html?e=69&leftOffset=0&topOffset=0&c=pkb3bN1ecC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:08:09 GMT
x-content-type-options
nosniff
age
852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jul 2023 23:23:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD6E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 23:22:21 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame D35F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BA0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 21:02:32 GMT
expires
Tue, 02 Jul 2024 21:02:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 47D2 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e13a98bebcd6e2642385fa6b675c7a3faee984c6ee2c8581d5262462757cf9db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lX65BSnR3-hyGxa7fPcIGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-lX65BSnR3-hyGxa7fPcIGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:21 GMT
expires
Mon, 03 Jul 2023 23:22:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ3ZhLFijZIW1FJ7P7_UPi5a7iAwAAAAAOAHgBAI&bg=!zs2lzZnNAAb90kgr3dI7ADkAdvg8Wu11zlOpJvsbf1p4s7apDgtr5uMj2Vzvr3VzkjlYB5oMPGu9C014Y95C_x4zf-mwkVoZejkCAAABcFIAAAACaAEHmQMOoJF6uWVm3IUDYT5sgbanJrsDvRCUJ2xcM9H6A-2pIkpMToXL13mOU9pf73DY7Dxlk0CmhLFkZ6_Oi0lh-A6OMqz-XPlqkdwXiMdqdmObYTRlAsxLw4ffRB0ZQnNruZ4ZM_Vpx57cN4vJEP5-8763VoPwvzisYGKergMQrCoiRjq9sXnfb-VWR51_OrKlrG8NCEpZkwAiBWcNg3BH3LdN7sI6MzkJe6mSjKZvHU7wQSo3ilIVTlEsTFGCb0YzfQU28s0dqPoAsNy9w5dZjxl8fsxiYnGVty4AWgAwHkVO8RcQy8ddHKXzaReIStIGK42QHR6_mUtjIZi8NXEnrgjCLKuzNkepFo_2F1SLSRDFUQUejPPpP-oaxA0NRD2Gz1S4xHLvbdiu0kv4E41SWB8wPPYdFwHX_0TC9BEFUUDM_0q0D2KES6bBs5E0om2jEieQ52uGoW23R866vMmYYoyTV5nxaMskmJGZ2bxiwkzrqhwRFMvbaY1vS13ZwFwaMDmf8IrOr9Jas0yywh9U5ny1Xr59eg7-yaOf3bucyj9s3S1rHJR2Ay-1u1db_IWRM4sdXsSdilPsuVUQsmep9vXtF3YhtmYNtv7nw933XYHqrUBZmOtLrjU_Fj9h_a4a2qS1cv9ffl6HRefnNS4OH0Jo0laB-cozdjZAoybR4zIdX8Sor5moHsxEm5TdnJRoVzTB5Sfb1NZLfxi1V4DcVKvacugRI_BeS796WODhf6KFxq8xDtxwTdxTQy8Eax_qMioEyc5DwYswYVhh6dcg_k-J1oTHJo0c4lmgFPOj9NT9ReKLjAHsRmZTtnKMgB27xzBJWgfh1JV2I5kvu2ZH398jf3G-y9YKZ9RSMrvroTBNvZ_66C7Z6CfuzUYcbwUS9Pd5YnZTG4BltxvWaZ5WpnYh8bvYs_1Wgh1GeX6K37BOZfG2kzb-uduDa_QgKZdGLwErp9yasIaJOESkVwRswV_nNB1lUtjfCULOT7rsKHvTfw-pWsKYqSzA9SH6h_rruO7EL5EJkRwidq2g9iWSWuE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6i0Dx8CMT58jKK6N-PcoAy1UeXlvncL0vegtDtVwIc9VOCtxTBp2upyVa6VTVcTnfI3MV4zSE47HtjPGw2hLzfzXUnZVimhml2r5fu6L8UK-NcGxx538cEyCH88Hc3LAoALnD6ur-v6VU&sai=AMfl-YQJLV-jyar-Cxzolg7YTN_tus1nntT6tljzFfvOu1sH24XE_68Oc8LYjoFNLTcmUGf7C0PA5OIEL9xO9TksKhL1Tnpr9SJUF1hpllqID4dLk0ZUt9acJWEYACM&sig=Cg0ArKJSzLDlePn4-4YZEAE&cid=CAQSOwBygQiD4M317ZcIeH3uYgh3fMVU7UweichxXU6cyRsYhhDFckt3wmvx68JVogCGB9mrlfupjVQrfPgVGAE&id=lidar2&mcvt=1044&p=0,0,90,728&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688426540009&rpt=502&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame E9F7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 82EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJoozLFijZLjcD9qz9u8P366c2AYAAAAAOAHgBAI&bg=!6eql6r7NAAb90kgr3dI7ADkAdvg8WlQEiENWzROX24A2ZJDCPgJeCoNI-fUc0dwd8A8fFhZZqn5MZnaH0hQjlUIKNuoZVw-Jdy4CAAACK1IAAAADaAEHmQMRIrZdNJjeIeL3dBtVZSQjB8EWUV3tVelmxIWxPBzqIxztkU5U7rkV7aiC-nnfgvzpxe983XS2kLjAHosA0Y8kM9bQJIKHZ_gy9O6KLqInVAUDK3qDAWtT4Yw7FGdLmMx7y6EvGFoje3LbIa5QJy4-XSqY1Vy19Xr9eRAbbH49GfznOSTCk2pwtaGcNYyjl0yscBiUb5Jp-QgtVM8Kb5MpmwOi2peGpGXRktRnKuWUmpz9m6WG7wnDNWMgWfaGxw-b6ukSvkiEow3tXEkUuzmxxQb7_uvfcbcswbrLpFqn8fQTyL4jJhu8CsfkkFzO4Z36nx3juZdAzCT743KGYri0qyqAwjlD9TCfOz9QZNsdtj892evCTvckho_Ctjhw7-_Vh9UU9te5AE3TGKY21rJ6o63HLTO-9UMMsdFtX8mTXLVyGr7H1TOgVSi-5F_A3nwQus3o2Ev7zUc6KlQe5z6ZAuu8juSzJLraNV7LamoBkLqZYrPNfYFm1mUpRVicvuGYqFGfz9xTqqlMZAjAhjN7wIKhfS3bQDC3lY2bHdw__tL1TSqa3DySC4jzv5K4N87Uvx3jNSYtfzavKl6qy8AMEI_62vkMBYvFkrqRyVd_dIDzSgQGCgmzn0jVd0mpzLMoyTuKqt858BNOqs-qEbkC_47g5jV0NJze3K4k04ejgqTD66-CcSkTemvHfG-L0OWUdwuvZaHSkipnFxEHHlmsP_nATN11If6h8OVFMP90ic8IJ7kc_ovoYfOLBOfQtfJHnoJcAGB6JdaD2stsyIMj7kEhlYNo43Mywhdok5J3HChTesf5vZQZouby0czsHvuSPRvzkW3vC79f5JhPWUQWNGg1m0lSLzLus8Kyt2RyoCwiok-FTIK5AS9b1NuK82UoK7mlcgw_kmFBFuaqO062aFufFCaB3bigzoz38JKAvgvQV69MnRlBEkZmFjeK4vQftg4bLyUGs9u7skVzJ_fQgNABSCHf12S8cDO-eVLcbSEyXfRv5GATLDNCBS8wAfM3CLWd7-RBiksfD0ls9xcvfmY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B9BE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-txZLFijZL-1EKefjuwPjOSx2AcAAAAAOAHgBAI&bg=!ZGelZzPNAAb90kgr3dI7ADkAdvg8WiQi1v-VZ8c7m-dTiDyQi9NP7Ls_S9TFLvHrCwyNT-71y2dZEr-pvSmNKsLpooV50c9t5MYCAAACI1IAAAAFaAEHmQMRoSh9yEbd4OM6v926RieyzVsQFlwz7vMBhqMHBML1Oz1zENyCxsOAmbBkIuCdgrRJnik1YLFEkcKl8N8lH9maHyiA5tTaL-VpXisD1vxox7wHWvMsrX2pmmDa9YRTfIB7-9UuJ_xTM8Ewv_RD_yX-soVVACdSHJZGXuAuBkBqryTePVJSuaSJGcvlmv5plGnqb06E24kZ0qnTDg7O_IajdGRH9OM9LVXuOIjAk83uUbiHCk0DheaFfYHlvSEzfKFLCtq4C00RJhfMcbSarBjfpR_nmthEg9rGoBoxwvRzMHAO5_DdBsGkTz8amX2vTGSbZfogT8DjIJ6nswqF7Bd0CUSuykx3DNmnoz1x2heOD4o9LYnmQkicHxZJY0P1Ns6JId76xPOCiGI7TJm9PXpNii7YcjnkB8rLT9eBgGuZVrlmH5ARTzdUjCBbG7UfKhMYlMy2ZUtRDcEzyFWKujOWi0VTLHsFCYstedWEgZZauwYPevsTfQbH98e_1fF5uZtzfrejHNYCpsvdnCAQQsRZHhoTGGy1BEYgsSbr6nDXwNlwwg_AtrAGiScmo1rkA1Ae7TGg2PIFzSzn92CO8w3wCMf9s0MCCEDyEJMLuIACDJg4mNTuZr8LFhsmno2zg7eDjnOHCeIVi9jWErhChukXOzOwqayWF6w8E1PwxtXN2QaHS9Co4VE7P8a8GHwy-WvRVuNG9TSR6S8a44tmqwG8aZMzrjIgu8kR-EJkXt5WdjdvI2Yy-o1RISsgqJIKuz7FGqnJfALvAf9J3pxajjJ5e4UlRH_GPpkad9GGQeD6EaPy6diQseu5itghyzOXjawVo8pol9E6KIJtzIUeGmZqHdN-qMr3diWQX598oD_yBb9em7sY54SwWs0e6rk0gmfZyUnI2v_JJuTMvT-CJ7uJ8ue3tpZCLQ8BOqD3ubgVWA47VwrjI3qO9eZZDCjfFrrzm0OhMjfltpu9ygACG4GpQ4rp16QsVHgCrLcljBjjxN3SbsJuhVTzvhSVL7M25Xs6_xFv3xN6gAEzMe_4lFCRJYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A139 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWI9lLFijZMqKE96TjuwPoZy36AYAAAAAOAHgBAI&bg=!0dKl0obNAAb90kgr3dI7ADkAdvg8Wv1K7wTU9LEMd-mTIqF1TvyhdK0kuyPMT80RkNvKa9ru-qp08OfyqEOLDmxl53-r-nMWR-4CAAACFlIAAAAEaAEHmQMVl0pznY5SoAf5WgrhnYgFpu0DgrX1ZT4gs6EsATJCFXbHqU63bq3b16GHAVYYs_UJWqYwsivTSBZqB_WWhBKH-x5ooe0jSnH-KqpZJwGUe2qw27q7RXWVPmAA16nH4LLn3kJQbqbntQA-s55vcNx1z0xoPpfhq3tTFhFK6u2k_Bee2qO2MSsbdEgfAxXS-n9KFIXS6Xxa0e81o7kvSKS76DeSXQhUXJhtn207iTsSpLx8qxKgpO61hgH_f6mId6u6xvxShJxmzm9KrDwgfd9bcsezdq_1GNE3e1Cqe1uRy3vtVpec7f284MkgtaV_sEzKDq4qm65xF5B8fFzu-158WjGhp5CXU4eCuSOUdlRAaYrcIn8EvMMjG6SAKKbASHzrs3FaseAiOtY1SPEj69f-UVzXbu-Ix50iRB_R82H7rVwHeu4r2K2C2CfZk4L4938GmA5JHGUFk0hEQOsyuyGfWVRfTKOIBjgjkISE90WvlnquyrcXwXt_pHE1z3dF5GeYHQKNjVKICGSzlLcDy0Y3af-sgCgeI4dsDRANp5sB4lYZ390VQum0kG-5Cj6J6W3G0bSs6_nZcZgmFsSCQCStChK94yfWpANml8AL-FRf7U8gXqHneegn6lTgu6lg-j11P775GqC00uHb4xTRkxQbrt3XcVoj0ngl54PkNqN5DuyuL32w7VmoVgsLEJ_3zip9eMLhP5okgXhQnkk5tg0XYRHVMFoCpVfX2Qb7J5IVX6Wd5rEp-52VAYAnx7Q5knQWmUIiMDz9YkftLHkF4UjTUWFMeZuxUh7FfT1_GgGUzeGQv5FjTAEbsjCjp4q9-5M8u_8o2L3OdxKTCrsYb1PPC9HHnu8BPhaj_dJCg3bhLhbUIqgsjBoHLN0Pb_TcNjAxrnprYeu9aiE7AoRiDuo0e-I3_jF65fWe5my0CkVIWVari6MeOezJElIFd002ySAvbeojDQF9Z3dJ6XH3QDfy1Ccm4DTJjlAuuDfRoYOJn515U87BbcwlvBgkQkUWr6QRMlgCKOjMrlLskLBp3kmb6_gT4u6k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E197 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 21:02:32 GMT
expires
Tue, 02 Jul 2024 21:02:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5773 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24f120466436bfa586909995a4e4db5b7df562777be96c96a54191e486b6a601
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B2lI2_u_Uk09WUy1QfYVCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-B2lI2_u_Uk09WUy1QfYVCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 03 Jul 2023 23:22:21 GMT
expires
Mon, 03 Jul 2023 23:22:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame A8CC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOD9ik85crNXbidZILzbGlyHgAKMQIVAstikifbRdS2pryd8mnc9Fl5dtqoaAptr9bDvGOBTCIA8WFW--IBwqz4lW8LSivzOo6IFcnRvSDnF7KvOolayWscOlefD3Tsm1VgyFhVBcA7sh76eCmjTVkblu3hAJCJpB3t_hI9Ie7BfPvScq241PT3djWQIcXcix1lIV9jWUOuci3eRptjbLHSRcUxZaDlpvw5ohk87PpMHQMMIHyWxzyeSfkD4p4YlysAXWzgZpNoQb7Y-xnobWYkrxHUfb-FXXeWceW3b1SeFnomnOXLJvPR_OUM-8rREJN1z9RmRJfZfm5ZED-cgZUiDhErItyRNH6uq2JLvKa8N0D2kB4NhMesOTsjhEiKg2E6RdslrD3ND_Ha1wVdfex9Nj_HBsV9seDCPcQe2A9fgHJn6NdjotOhWmRmfNDVzlq69TqqK3QvbGGByQdJDtOHT_YERHj7q8jg7XpKbDqVMf0am9eHgNrLsnvzE4L977kHSh1uW8FgSGx_80lrv8sDr3vzmFx2IZn3rayHywl_HmFGmj8-lucR7uLUV9vDYD_LwOUdVa1rkY7w-6aJmtzSCeQXmarDUbAb98DeoNk_Hv2maFRUcHUA4zsHDSqR1KCV4Q0vz0kjW_9Zv5a-WoiO0ziPsQzQceZ0qgUdyajmDHjrOCV56Fz_dR-3wpxOqNE7Yt5Ay0dLqAI8meZ7VFePvGv_nXvFdbVRzF3tlsjZKuXkfFqXWDk7MIFhUvOt0vD3BLkQ6DA_Z8tYj4x3uUpCxjP3SS7mDwlal7KTXaKOsJcekz61ydNEQuly8d-f3SnwbrPWDaElx3XaRmGg6hXmKF6VnIpAQGJg3xr1nVwDIRJ3kKtibVllKOoxYvLeArJ0Z4dlBbG9jmRt7_lGBi3nEisduSlHvF6LGVI4xpEiGyoUqA7gqCn_M-7sNKfk_1dBfa2MfNgtZ9oLu0RqvmAHukm61P4CdaKvLmlpiGFnTx2z2Biv803_LGRCmi2abIMmYwWYMIfo2TxqVfwYzDcnI3i3teWTtu0TmIPPfRY0B0TdaftvXWl&sai=AMfl-YRgUOd6qh-xhe6jfM-pFurVLE4rjT-z2sLNtL0tzfqGQbwopXn0agFL7KVB5X5wMyhqoOTE9xcV0YSk1hl742lh6fXosSGxI_8UK93lsqvLg5NHd7Pf8RCw8WWZg_m0wNIuYQ5TR_5z&sig=Cg0ArKJSzIoRaOlQzf0AEAE&cid=CAQSOwBygQiDH-n2r6ZuR-FmDX8Ylbn2VjEAsI79p7burFPKh0aR002eMugQqu2DgsSwCAq6z5mfjcjVgVCpGAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1037&mtos=0,0,1037,1037,1037&tos=0,0,1037,0,0&tfs=580&tls=1617&g=100&h=100&tt=1617&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 47D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=2896560028346402&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame BD0E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYbym_VLH993YqjgcohRMh5UGNl2EXKDuKD77mRQAdsWrQbJd29v-QmTF7xnJceUtbVujVT8Q-T3wpe9cTPqNj3YX5mFfia3rzZkkwJ9YGcX1iu1qaI7VesKEO3oC1vXua8Sah0zbbK31P&sai=AMfl-YRWtDXLmuiq56sJYcu2gEqE8WHqaTnXLtIT6CzME7cpmowCm6QjG0a1MIjqcWX5ukWc3izY7lUuO600hA5vUS3f0T21DNN9K-Jjn0HDJT5KjPNUjhqj6FFdjZQ&sig=Cg0ArKJSzI-QwKE9wDTHEAE&cid=CAQSOwBygQiDDHZ6arnIXMVRTk6nZ-IzJiAh0cCT-PUyirqZb9-XBQe1VvWhRJtG257q8Xo-xd_9BxiAaXqUGAE&id=lidar2&mcvt=1025&p=0,119,40,160&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688426539988&rpt=480&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 629F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT_BBWACob_5tmbEqXUghBgWp7ud726ij7cnlkppdX_rIXssolgwECvHUI2KZT9kZrwzjuHkamFREi3HRPSMlEpgKTBnKybeq2LUUeCTI-UpTRJ7mtqH-Q3sKCNVVHOM92be9ukyrMDWAZ&sai=AMfl-YQ4nXsrQFJRwGC26vurBJPNtivPZj7mz0EclmlcJbjcChadTC75rhwdZbNyMHzE3eBqlPWIdjNIfHDl2A5hpMP7DSxKtx5WnHFP8IUG3DrXJrw2DlYoLfVRlDM&sig=Cg0ArKJSzJMhl8_vC_iXEAE&cid=CAQSOwBygQiDt-NH8THXzpnvcFHfnsOPG0Qs-iJCzZfpIaFyQ98albDrOVxZxJh8QQQqTZqCygtYC5_YohPBGAE&id=lidar2&mcvt=1026&p=0,119,40,160&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688426540031&rpt=502&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 9BA0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 89D3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQPMALFijZPznHMyU9u8PxYOnyA8AAAAAOAHgBAI&bg=!MTKlMmbNAAb90kgr3dI7ADkAdvg8WttSaE1QKy9J4iUn0Nx4jlXG8K43vOUeUNqGs4f81CZJknTrpbU745Z9bZgdEl4RfWBODKMCAAABqlIAAAADaAEHmQMtEPp5G-RYM78Sro2MvxWVE92zfzn1icYIxGQr0kqql2nzk_bUDySrsb79R6xOpwVoraWORBNVL16EKYPJ9w_XnB49buCuNX8r-nf4cnBI9e3Uyhv2qJ0p8B-Y4gaoRXPs3Yc0P8-rKk9E80eayrkqLRAhE_e6iUscR0jGEQzYnrdjVs-cjga6aj9SYzxSNKGQua-PwFBFcyIEJ1b-lR4I414Z4bXpAiDv-twOAJW6py6UhFpO8l4n4jZrwmONBWHlDv8iFi9w33BL12jxgALE_P0HwOPHT1ezwKbZJ1Aw7LUROFydedk4hQU8cCFexhjwRHhuXMM8Ub2LoyqEcMa3WY0gtBBMVo-IFoYXtbQXZG6DaCVcwlQxGl3O2rpem0crPWxvXKqbzQKgoAjAY5z0zxI2AdgTgty41o-LpUaZqHaBCvL1OES8mTZWJO_pGak1fGONuKX9QdY7hQwXkzyNjbInwkQGz7pn5fKwxVHTEsi7s6cNqdM_vSf1aTRMSSsXKbccWa9uWP-d0HzkC34ecN4HNOUICQ8P2IlG6gMDEaTliQ2JVkmEvBKLpI5F62jk3nSJON0AdzKZVGjVkLASWYuIf9QxiQtM51SRbvK0GiEaYxkc60vX-Wv-jHmeJutpLBhC5MzttrtDNkirWTEMmZ3aGja1yFVuPc1tp8c-1YZYgw5xrQvSpx4OfRSPqy7Rls6ahamC-pJrxHUuYOD23_cS059119iVxTRoLSPtlEYdUzERzDlX7QsJ_Slzv_OWCLceYrJdIVWbwyejJRhfeMUJFg67dOLyL9I_1kCYqbFrUoRNWG6zA1Uvpt8xhe4fePmE9LbuKCeGiN0xHE2MsaxA_Axq_3-wqmhJdAw0VXAXp6w99dK4Ta7G7tYrSjKNjsYsm6vKLE9AXNqRPTwIa5t96ajmTb3_ximQtYdeOHT4QlWP7S1jNyHRzcYWTBVNXBlg0JlYKaC7U4jFPu-YtYi7DnZ-Vz9UEMOU-e_QESb5ra0FXvjPpX4LlI0Guvqtou50tHrlblWgy5CCAvHUFzreYDcJP8cxvuFB3jsHBrgTZ5sCXD8bxezHjvmE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9721164041720&version=m202301230201&ct=76&x=1&cor=2186336911989968100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5066984137592&version=m202301230201&ct=76&x=1&cor=9191009336661159000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5773 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=3042722088988478&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame E197 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 13:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
35977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 13:22:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 9BA0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pV0QBA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688426539085&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:22 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
generate_204
tpc.googlesyndication.com/ Frame E197 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5OV_Kw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 23:22:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F5C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3172506028357&version=m202301230201&ct=76&x=1&cor=10751858688525875000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48DC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4493967863916&version=m202306200101&ct=76&x=1&cor=13506009272160895000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 629F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2376678986822&version=m202301230201&ct=76&x=1&cor=6531176856135113000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jul 2023 23:22:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1688426542382&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:22 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1688426542382&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:22 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1688426542383&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:22 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1688426542383&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:22 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar
pagead2.googlesyndication.com/pagead/ Frame C62D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=2896560028346402&bg=!KimlKX3NAAb90kgr3dI7ADkAdvg8Wr66egOTCGtx0p9R4bRam7citKgWAkLLcwlkrmgrzB-6M7IbMBW0Dq4zCgF4MDGdU28XpXACAAAAcVIAAAACaAEHmQMRROChCgZXwsmi_pJ1fcerlofVGymtWJFkLzzgFug7Z7rP8_KrACI1ZQXRlUrk2GJac-iXqy31VJS52SwVEukPUBJyUyTrst8nPoliJkPvGADB2G3kC3Vdg5rSvciJ7V2Je3rPkO3CKDvKF-VlAXkEUSQFsLbuHdnLewhJDq1nOXhizWhByfdfVeMpyAxK_wM0TaAy2_pgGAPRg2ooc4W8amEzujRtY-U0vVdHcXhSGwvi5CqR53NVhYKt0EwPBs-ovXkdlxMtXY2yfsNFy1BUorPishvOPHk7t9TbgwkN5H2JCOFnPCVgzPM2x7xeuQkL5z_jAlsqAkEUxf7C-rlPHY3QqCL3rRsIP2uxQNFsJjkeDlKnNvbzoP0t1j9FZMqMfjO_jupLPYNdFh-5pYhExAHxKUTO1cbggiNN_7X5d3SyZt_4n6M7-eE9C_QQnTenZqBogcZCgCyUcr-TY_pMZm86jRehbkg4canpF3f5KeM_3w5-JqfNI2tffVRUjeJYnmA41lc5TbnpNl--Z3_hhUEQgiy81eigGVXdmX40AA-5kWBh-7Rp6qyhlV-rRdExoea7xkHXzoCp-bIuXjkRNXyP6H_6ssHF-DL1B-wCvIG6ZTS_LEMtsRAEwuDWnO6oaQ2Kh1qkp8mIFG2ACCyVW7OBo0AHiJVvuM7LhPkjwoJRVYGZ79b27c7_FDPsoyXXmGROCxdU2IEVkdXyxHDMBsrAudC9zx3lIkSyomCUHiJHE0wouQnwFObDHYbLntcloZ6Z8jUxeGvL7vKCiHdo5p1X8hBFT75XsCC9QgQGiWCgLnMAmJo-hsT4R36qyvBrjMMbT6CO4B6BtYvHKkKmSLDcevOBwfxjecixdUoR1nXAreRsJ-ZUvINf6Hk8UJTSQ0QtPR2OLSf-2XdKa_dYscNO3RAXkcbvj1SdSRbeyGArUwyN4GdJRgmKYUsM-C6lHdCav9aCZiUDEqqmPQ93H9LH-L14-NX3dRxrKn5fa8RfdcWO9LXOXoYnmyhygyPuNFoKBus1a7iZQIZsI1DMrUs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CD6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=3042722088988478&bg=!e3ileCzNAAb90kgr3dI7ADkAdvg8WrGJqW4mIzMjptDCaeszcuayTQ-49w64DLj_pTUgv5uEV_NdlS-eTWHfQXyzVSenjgqqhD4CAAAAWlIAAAACaAEHCgCFzyPAmAwVjtt9MYOByccJT9HwNgQ6EpS6G9W-EVHl93sh2JEeH3tvCxBKwZi5ZWPJ1So5YqPSNMYHjGsLVHgTHaOUfSImz1fhj7MS9SJ_yRdBGk5FqqEhymhl4Rm-x1TBm1H4xTyw16Yy3UOBIrALSyNf6HvFOpaXgWWD-3-LVqcr1MzPHJkCvsy563UVLcDo-oygyRx16xniEluPBrMx10ADtTP28Wipen7RWocYNcoiX6moxXsZfQJHkLBAdRNmw68ZfR3Ew_qR1UKJBzf5Zy38lZJyBXU4RTFYGNW0Y4CWmLQhTfI7608GWpoeDBdWkaJhijw8tQ98sXQRCcq4FxBP2udpUdNHCJsw-K43m9UoxCGPzBzNIHYE1aw18I6zxnZ2mpYqUH1V8dSgnMLGRZ05VFG3ODX8KSDe5u9KUelN12byG1WVghYAp_xwO3DShBcA98Yy7nDdYZEKQXlQS9FjwllIkQgcOJ-hoJ6TKvDGOCmCZadY8NAIRNN6kmAZ7DPcKVgFh7h3r8MkGGQw3wmqqB0kcrjJNWAglk82cX3PNi5P1vW2uQqaAJwjTI0reWNeUjHjx1yvkR6aanVUa9oT0nOloTNVpWelm5VQILkSGdfbat55aPHieOuFXr8nobdOYDqWqnqc1KBZnLqxAyowLgjfd_wKETMgIVEXCQTgG_r6-OGVrAS-xr6JZsWy2Z4TN2PEk5cOiJoaRSiCaTltag1-HQi-OcWCoM-eHfirZ-ClgOi7Qjr_QtEsnO_7_SY2i43UwcYEWtAUQlbAPapEJzu-u-jUImmurB9HczkuCk3mjZom_rC1T_OlAxu2PF9w72TPJh2YOAaKbWcHXrMmy_AlrwSWIhFBtgGR30HH5Fwbvpj4UMW_YFBajEBZmzG9dOUpzNr0RYw2JVA0dHG6MBx2ExKeyh-vbRnvvHqjjwyewPQ9GUEWILarsiPpRo5Cy1p65Ha5BvZ5EddkSBm_kC-Vh21VcjOqI78PSKhTCctBIDbfncnOblO6ySzi0pe5dELb_lW2TwNXjCMp2iAHk9h9DPQk6JKKd1pNYVYMfJDbHjzOx9pYpcNbgA4VJCfmFFG8E1cQnmrdFK9rx2JboxykLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame CD6E 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688426539085&userId=vnet6c8dc43f-05f2-4af8-b887-1ac62d79bed6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 03 Jul 2023 23:22:23 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

44 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUlYVfrqUeuwcTxkBUEAiwSMZvuKpxHzrsakbUaYSVlg9_J4ILY9hTILDzI6n0g
.w55c.net/ Name: wfivefivec
Value: BCXvDTd41QgsS85
.adnxs.com/ Name: uuid2
Value: 5368778967512283998
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1688426540%2C%22utid%22%3A%2262ca4c5c233c773e865d323f5843688c%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.casalemedia.com/ Name: CMID
Value: ZKNYLN97C.qw.aIYLVJ3QAAA
.casalemedia.com/ Name: CMPS
Value: 3360
.casalemedia.com/ Name: CMPRO
Value: 3360
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?`d8uUy!]tbPl1M>e)ZlrFUfJ+tGXxo<PigcJ^z.^:U-`RaIKl--J*tw/[8.n5bmD%**bpRz*qF1`*b`:q*2Sz5
.spotxchange.com/ Name: audience
Value: 752cab7d-19f8-11ee-a520-1a3cf9d10506
.ctnsnet.com/ Name: gid_CAESEJhMZBL7PonRjVsCJr6dokA
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 7610902958449641828
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FBEFEAF4-FF4D-4EC8-B053-5023805092BC
.bidswitch.net/ Name: tuuid
Value: 1c746da5-88ee-4eac-8a85-6a58fa6f46e5
.bidswitch.net/ Name: c
Value: 1688426540
.bidswitch.net/ Name: tuuid_lu
Value: 1688426540
.ctnsnet.com/ Name: cid
Value: 5ed3bd384c644d6fa29a0b7af56aca46
.ctnsnet.com/ Name: gid_CAESEM7QMNjqXDdS_AxZJfZVUYE
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZKNYLAAMWm1WYwBI
.mathtag.com/ Name: mt_mop
Value: 4:1688426540
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22400A0D75-1895-4CCD-B635-A8453BB50FE7%22%7D
.adform.net/ Name: C
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7251736771014162571
.simpli.fi/ Name: suid
Value: 2F819472275C45F09D77A7EC9BC83F1C
m.exactag.com/ Name: exactag_new_gk
Value: 2ca558f7633f4beeb6d130eff7234c1c%7c01.09.2023+23%3a22%3a19
m.exactag.com/ Name: exactag_new_uk
Value: 5857447e7b4b4258878e7361f24fef55%7c
m.exactag.com/ Name: session_session
Value: c0d2ce3a2d77402091a415b9
.w55c.net/ Name: matchgoogle
Value: 5
.ctnsnet.com/ Name: gid_CAESELSmOeLln7EUAqCiVAlPsb8
Value: 1
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22400A0D75-1895-4CCD-B635-A8453BB50FE7%22%7D
.adform.net/ Name: uid
Value: 6770098186371028360
.de17a.com/ Name: guid
Value: 1.6183876037083164132
.360yield.com/ Name: tuuid
Value: bd60590d-8340-4e7f-abf0-414813726db8
.360yield.com/ Name: tuuid_lu
Value: 1688426540
.yahoo.com/ Name: A3
Value: d=AQABBCxYo2QCEBgWFUBThudufDjH5trGy-AFEgEBAQGppGStZAAAAAAA_eMAAA&S=AQAAAh8LFzeTdwBpvW9TYkudAV0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d0ab2335-9e20-40ec-ab5a-e62b8d68857f-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d0ab2335-9e20-40ec-ab5a-e62b8d68857f-003%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:

3 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688426539213&bpp=3&bdt=819&idt=194&shv=r20230627&mjsv=m202306230101&ptt=9&saldr=aa&nras=1&correlator=8598079543048&frm=24&ife=1&pv=2&ga_vid=1992585356.1688426539&ga_sid=1688426539&ga_hid=328638593&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759842%2C44759927%2C31075664%2C44788441%2C44789815&oid=2&pvsid=3042722088988478&tmod=1036388161&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pzefjkqbpz2v&fsb=1&dtd=207
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a0c1ca77848f15e04df038fbfe17bc2.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad.turn.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
ajax.googleapis.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.ye-mek.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cti.w55c.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
feed.pghub.io
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.w55c.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
m.exactag.com
match.360yield.com
match.adsrvr.org
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
r.turn.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s0.2mdn.net
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.cloakan.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
104.75.89.75
108.138.9.235
141.101.90.98
142.250.181.226
151.101.2.49
151.139.128.10
154.58.197.185
162.19.138.118
172.217.18.2
18.196.134.2
18.66.23.147
185.29.134.248
185.7.176.221
185.7.176.222
185.80.39.216
185.86.139.104
185.94.180.125
198.47.127.19
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.167
213.202.235.8
23.206.208.114
2600:9000:2057:5a00:1b:5138:8a40:93a1
2600:9000:2251:8e00:3:4706:a6c0:93a1
2600:9000:2491:6000:1b:f040:3600:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::200a
2a02:6ea0:c700::19
2a03:2880:f083:100:face:b00c:0:3
2a05:d018:d29:3601:45e6:a1a0:b341:7958
3.122.44.22
3.75.62.37
34.102.243.38
35.186.193.173
35.190.0.66
35.204.74.118
35.241.45.217
35.244.159.8
35.71.131.137
37.157.4.25
37.252.171.53
37.252.172.123
46.228.174.117
51.89.9.251
52.17.64.122
69.173.144.165
77.245.159.14
85.114.159.93
94.138.206.83
0052f42a0eb025590c4a2c324f65ddac213225b383aed8a10687d4250138cc6c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00f3144b01e84e31eb08b2919a242a011735d97e954661e69536299b505af028
01060adb62f52587a5420ec9ec23589c8b1618cf9ae5e56a40bf909c5066ec18
011e3c5d05b1f8220f59241e57ac65c49b382e8ed8eff99149e2eda18e36a660
04919d53426e5299acd085555cdb0c6ed43c4c4dc050bf23181f09509d4cc2f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a50a9f6026761814dfa96cae32807b687f1b116d4d6e3ae4a1334d9673a24c6
1b03fd3fa3f31290953a4de0da547b6f833489691c8f447fa19019095a60c8a6
1bea3c06c005c05171e18488ecd431e85ea27fbdb590af84e2e204be03e8912f
1d9b9d4dd0f38289082e966a0a53f5d354c6664023ed97207fdb428f8822c8c3
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1e9f681bea9375dfa0df172cdef55bcb90ad3de558b96db3a2f1afc1ecedfa36
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128
23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a
24c7796f3b3c9b051f952a478d7a5df944d83ff0ad7efb64130dd7af275c439c
24f120466436bfa586909995a4e4db5b7df562777be96c96a54191e486b6a601
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91
280de5c42a75c9865c1bc0cb75c22c790ab35d98c1d06256a0656d1fabdc3212
28581a9c3e927973d978984f3d463644abae1650c1128105cc603629666e67e4
296f1d7fdfd20eada2afea94621798ff10feabb9782f9ba00d13c8986ed01254
298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2cbe00cc7557498845d55c1c32df378da128743b06bb6bc9b2af2af142beb5bd
2d0f0fcf213790f7121de3bd631fad0c41ad2a63f9f0d6296ce1e39c92ad549d
2eb176aaeeb413ad669d78865acf8fd6c1998dcfc6e571f727a79f730ba80fea
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e62e0b092bc9ff94b2b8e841ae9305955b398a7cd80116a4d79bc9fe3b6e39
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
326191eff8a94513a5b1e00816990e367b886533f3d180c4617b301d48553fcc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
372e646203759b4bf2ddab1f01469d03dd8bc920f187a3a09bb316f4edf6d604
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3982c9b0414c37e08aa60fd4a17fe44322e774c3ec42e680f5636739a00501b6
3a08cd1d2e151590d93491d41b26b5d5f2a28ed561ddd9b9860602a5d855489c
3afa48222c517ff2a5fff0923c48df3e779f50ad58dc6ffee371ffed491cc002
3cf33fd1cc895fe26505c0677f183cec819f5d55d54905a1adf8e95322d67c19
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3fd79e4c8d7ffdd71d8790cb804978f011cac067718f363cdeda887e34947b39
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a791bddf64e032cc49941dc2eba79c1346ba37b32d4be9acc63abb2643cc422
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d64cbbee56a7ac4037731942f74e80bc6f7044c6c9e5667dc8ac15fd0c8ef08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50fccd815c37c4f9e41b0edfd0d821c10b482723a0420526ac6415d593e7b8ad
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
549667bd2dc0f6f1bb069fbe4151ebf664f6167be869d8b83032c0019a6e00e7
552daca9a314234c9d54062363f358e66ae995a7d52efa0db8535408719d64fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
5761dd23014a59a80c28aa2e2e8f917452b16ba8c51b7c4ec1c7e3727fcef06e
57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5912818a6cbf7dd28046251c26630e960975ee5cf7f18865a8524e0d40e8a558
5926dc86153ba45fbda848e74a4e24a64b5e605efc2701e27c13a2efe32f1d9d
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
599bb6748f60ecce39049c7c6feed7bfd65e9ba09ef478ff0661381840117a9f
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5f093fa1089ad25478bdddea481ff24f2d967755a2fb86e61ddd8826a1483d9c
5fd76ea1aecdb515ce204d1d197f7cca3373f2cf12c1d844a22ac4bc697d2a1e
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d02738bf43e95644b1e74f9bfa7bd2d51e394469bf9edf130d52a674d9991e
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6340ab066c8cd3fc0ff1e47b254690638b7481954f793601c5602be5c7692f8c
6488eb318dbc3525193fc112e75c9ec708845abb5e83bedce2a4eee3fd5aca3a
650adc9dfd34c3f14598aef5d808373854959bb31c24f09b49b75db4b1c8af81
6510df06a5fc59708e70510ef5b649004ae66f6c497741d58dabb223b5aef9f9
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa
682293682ff2a9a2335e59db4a0fe50a10eebb8778466cf9f78c9f287374ee8f
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
6a5c3836f01af05b52f926264495b7bac8dcef94acc6cfdbb3fbfa5054e941d8
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
70702ae8b1042754803642728260678f471284d6ccfbc9dae2558c7a77c9dd54
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b8d5c77579e596fe9e7d9870d0ab37622156e398013a4c5bbc2c8e0fe5065ae
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
81e566e70ca8804ec2feea476a39833bf39fb650efffdf3530cb0e94072990dd
849ba610d536297df4d56f5aec64fce464d4166c11b1d2d30a6e00ad23570afe
8652e27002bee7a3bbf2bea8cd73cbd19b134f00bda6528640ddd5c98826bdd4
879254ae9fd0631033574177bb532d71a1c3fe654135fbf1ccafd7740884f451
88318ac0b00e13dfbd59368fe4f3d07444b7e24c1ddae686fa953d3617c2e861
892236541c7a8ad179743c2d9624d51cc08ecb3e205ca8b41dc4c412465665eb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5520ba075994b3e2332e7fa5c711892423b375175cf94a314d7572fef0d1fa
8fd6a726662c515878453612def3bab16559fb6bb33b1ebaf50708a311952401
93877a4648f07d0a209913c6a05dcdc1810fe91fb41c96320aea06de80b708c5
969ec3de890b69420b346cf069cf0fdd08a58828a83ce3dbea20c866c8c52536
976f694b0092a5da0d96b868161ac04362c5bb895066629173bee8b56deb18ba
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a4cc3fe2d3f622420ca59c87382ef49c8810febf4eed0cf5f5b37b0df663fa
a1a1863860f40862a7df0b5316bc3805f213fa1c9fb01060bbd994d91dc140ee
a272f5ad880412d2337908257f33241b65a6d0bbff745bf3752b1d66e0781514
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7617d23b8c119da6844e2361e3cac16804206bfffd298c3898c4c518074ba04
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
aa9b2a4319e267d5156f271c64c57d5b9981ee0300dceda53dccd1bc34916edb
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ad552005288cd4eaba1573df6d50052aa8b70c500430d5ce040feeb511e76353
afc10e1ac098f95e336e080366c3ab7391534d94a0d33e44574cdf8e14324b43
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b203eb6091b782e83f70a512b57200183965e591ed8fc29a3adbe790f0a4cfc1
b4f389ffdd25abe4499194c06d7d562fc7db3560694624f7101471c65fd5bfbc
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b62303207f083306afe16a9b3634280a39bf8ab0c1f873f9ba4bc114e10dc59e
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f592ba4dc1ddfac8ff32673d97d7aa580f6ea2ac20e5415d7ad6207d6f99f9
ba4abb531a6e87e459906df9fc6e20fbffb73371536d971a82fd27356d09d7a3
bb7675b559b6b715e1583e5b7267a368f56cb8961a364f5204695d500614bb67
bdaeb6e5969dada1b47f782f0b127a95c6b27e8844e72891f198d9592a4f8538
be0b42eaf9393a841a0a6721b822b92d4b8406b2272e37f9cabe9d7108de1b27
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
bea79c8339103eb65c3c78986da954cef36ed141b02034e10314f572628fb729
c0d70af7949196c08c5fe3a641acaf77ccd1dc4860e3ff457edc137cc39f6ce7
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c274d3c8508b96ddeb7a0f570316486d5fa96da90cdf758e33e55e2e6ef09102
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c355c8ac90cadd84baca4b13543ef28df03fdce52fcc14583da36e875cafab37
c3c8f737c2c30356f2b788246c529049e20b42a6454539265981b00d318536ae
c43a592c09224db2985a3e074e7b50afe274ddce2b680b73e8f3a9c5cda4d35b
c4bc923d5eba3e5804d9362ed9994e8f0b612ad8186fff426afa91860319c4b7
c7068eeade96f50e60559ce657a5f220dbb11de37f1db2f449c5417fe679d885
c716deaefb4157036499c74547753506455d05368e5a156b9742f8f1c4f4590d
c87098c66c253d0835932e906b8bffe99a09391774326c23f59c8180d40e9075
c95864adde9fe8a23911034d261ca90d154b87611afb584416b2b317c1357813
cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a
cf56ddd9b52c12d839f441fe93423362142a3f5193e2506a488f25cb03649919
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d02205d1075cf66ef0543d8db3852b017a4883d969215df91bd3896eb1335b4e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d64c6d0f3aee8e256b9cfc4c1bb44e4daf20b50e8103038c5ab9aed27a5b5185
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d8aee84085a9a8b44d7f57134e501990acfc64e88e0dd8023e0fa7062723a6df
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da18af6d3c8b59f86a4bd9b6bce1588f3dae025248713f9eb0fe5d1fb60bc993
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd7419ac2c04d1920350f6b486f662f299717fb2b16b14a824f61cc4a362ad0d
de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7
e13a98bebcd6e2642385fa6b675c7a3faee984c6ee2c8581d5262462757cf9db
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4239a0a1a01ef485176b82ccd5ceb4fc7088552af56b4b6ff6be1fc5b17981c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59cb86b6c40e4790e944329cca2be7dbf0902764924226249869a8001ca54b3
e5c962d14daab335f733da66b69e6ca1d69606d7ad64672c98f1dcb7ab3ad9d2
e694a05618db8a6ab4b632dbcc2ca7f8d53d0caa0592b8d0f8af79e317106b95
e76432c7710cb02ca0d891c67a2faa7d68040e1e1885ba68906233577d65a68c
e7d8342248029f1df308d3f2cb02a6a7a87714307aca80532eb853c198cc92f3
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e969078ac82e4b5fd490d6c0a0231118b718512f6a4a1b35ee0efbc5234e8ef5
eca0c235db29e023bc1a60ff08fda97284e6b01b5f58700e0a4bf50f3b0ea29b
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
eec437738062b03997a9f91aa8cb2587d0ca369db6e48ae2008c6b84ab651300
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c9b08df28e3d904c503fabbeea3bae433e3b1e44d31edb4526aab745dba5d
ef79057056a1772b710a81e939167af5ff1d2160411220ac0a8ebffa719ebac7
f0a083e23a0124242c65bc2d8f2859938fcd725354845e2221fb1748aa365223
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f4d7e96e04dde24cda2e961f63b7b9a7cc92133c393a232d474d4dbca3af4264
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae
fed9f97a3b5d0987521c06f189cb3688ac17b011fe51ecf6440a060b709debe3