urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On June 18 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 10 countries across 56 domains to perform 434 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
3 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
1 104.75.88.126 16625 (AKAMAI-AS)
21 185.7.176.221 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
68 2a00:1450:400... 15169 (GOOGLE)
3 18.66.181.233 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 34.102.243.38 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 52.222.253.136 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
3 11 2a00:1450:400... 15169 (GOOGLE)
6 216.239.32.3 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
11 40 142.250.186.130 15169 (GOOGLE)
6 10 185.80.39.216 27381 (CASALE-MEDIA)
3 5 185.89.210.101 29990 (ASN-APPNEX)
2 4 99.81.110.57 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
4 35.244.159.8 15169 (GOOGLE)
4 104.102.35.84 16625 (AKAMAI-AS)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
1 64.233.184.155 15169 (GOOGLE)
4 2600:9000:225... 16509 (AMAZON-02)
8 2600:1f13:800... ()
2 178.250.1.6 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 172.217.16.194 15169 (GOOGLE)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
4 4 37.157.6.233 198622 (ADFORM)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
5 5 46.228.174.117 56396 (AMOBEE)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 141.95.98.64 ()
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 76.223.111.18 16509 (AMAZON-02)
2 185.86.138.151 201081 (SMARTADSE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.194.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 3.71.149.231 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 85.14.248.72 ()
1 130.211.44.5 ()
1 2 2001:678:cb4:... ()
2 2 216.52.2.91 ()
1 1 2600:9000:205... ()
2 2 3.64.137.20 ()
2 2606:4700:20:... ()
2 23.212.218.19 ()
1 3.11.176.98 ()
1 108.138.36.8 ()
1 99.86.4.94 ()
434 60
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
3    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
1    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
21    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
c1.imgiz.com
ng2.virgul.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
68    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    18.66.181.233 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-181-233.muc50.r.cloudfront.net
c.amazon-adsystem.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
19    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
22    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
cdn.ampproject.org
1    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
39    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
46    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
40    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
10    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    99.81.110.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-110-57.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net
bid.g.doubleclick.net
4    2600:9000:225b:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f13:800:7780:f77:9d61:9942:8164 (None, )

ASN- ()
dt.adsafeprotected.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
8    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
4    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    141.95.98.64 (None, )

ASN- ()
id5-sync.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2a05:d018:d29:3601:77de:ca3a:987:60cd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    85.14.248.72 (None, )

ASN- ()
m.exactag.com
1    130.211.44.5 (None, )

ASN- ()
tps.doubleverify.com
2    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
r.turn.com
2    216.52.2.91 (None, )

ASN- ()
ap.lijit.com
1    2600:9000:2057:800:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
2    3.64.137.20 (None, )

ASN- ()
x.bidswitch.net
2    2606:4700:20::ac43:4a81 (None, )

ASN- ()
ad4m.at
2    23.212.218.19 (None, )

ASN- ()
www.awin1.com
1    3.11.176.98 (None, )

ASN- ()
track.webgains.com
1    108.138.36.8 (None, )

ASN- ()
analytics.webgains.io
1    99.86.4.94 (None, )

ASN- ()
cdn.track.production.webgains.team
Apex Domain
Subdomains		 Transfer
114 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
931 KB
86 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
bid.g.doubleclick.net — Cisco Umbrella Rank: 807
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359
438 KB
46 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
1 MB
43 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 858491
cdn.ye-mek.net
645 KB
19 virgul.com
static.virgul.com — Cisco Umbrella Rank: 63446
ng.virgul.com — Cisco Umbrella Rank: 55403
ng2.virgul.com
233 KB
16 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 957
static.adsafeprotected.com — Cisco Umbrella Rank: 628
dt.adsafeprotected.com
204 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
327 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 29450
ad4m.at — Cisco Umbrella Rank: 9747
assets.ad4m.at
463 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
2 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
8 KB
10 gstatic.com
csi.gstatic.com
fonts.gstatic.com
99 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
fonts.googleapis.com — Cisco Umbrella Rank: 80
imasdk.googleapis.com — Cisco Umbrella Rank: 495
288 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
335 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
5 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 635
3 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1404
660 B
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 492
648 B
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 444
62 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 340
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 618
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 846
1 KB
3 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 490
tps.doubleverify.com
106 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
csm.eu.criteo.net — Cisco Umbrella Rank: 8989
1 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8915
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9898
8 KB
2 awin1.com
www.awin1.com
1 KB
2 bidswitch.net
x.bidswitch.net
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
869 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
843 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 867
150 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 421
955 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 920
s.tribalfusion.com
1 KB
2 id5-sync.com
id5-sync.com
2 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1487
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 822
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4988
643 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 566
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 130926
static-de.ad4mat.net — Cisco Umbrella Rank: 177631
4 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 102765
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1964
feed.pghub.io — Cisco Umbrella Rank: 2174
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13184
6 KB
2 cloakan.co
www.cloakan.co
1 KB
1 webgains.team
cdn.track.production.webgains.team
15 KB
1 webgains.io
analytics.webgains.io
31 KB
1 webgains.com
track.webgains.com
2 KB
1 smaato.net
s.ad.smaato.net
442 B
1 exactag.com
m.exactag.com
1 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44520
610 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3231
105 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651
586 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2353
363 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
47 KB
434 56
Domain Requested by
68 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ye-mek.net
fw.adsafeprotected.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
securepubads.g.doubleclick.net
46 s0.2mdn.net ye-mek.net
pcloak.blob.core.windows.net
s0.2mdn.net
40 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
ye-mek.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
39 tpc.googlesyndication.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
ye-mek.net
securepubads.g.doubleclick.net
cdn.ampproject.org
pcloak.blob.core.windows.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
ye-mek.net
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
ye-mek.net
www.googletagservices.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
11 www.google.com 3 redirects ye-mek.net
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 ng.virgul.com static.virgul.com
ye-mek.net
8 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
8 dt.adsafeprotected.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 assets.ad4m.at as.ad4m.at
6 csi.gstatic.com imasdk.googleapis.com
6 www.googletagservices.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 ad4m.at as.ad4m.at
ad4m.at
4 static.adsafeprotected.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
fw.adsafeprotected.com
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 fw.adsafeprotected.com 2 redirects 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
4 fonts.gstatic.com fonts.googleapis.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 ng2.virgul.com ye-mek.net
3 sync.1rx.io 3 redirects
3 cms.quantserve.com 2 redirects 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
3 imasdk.googleapis.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
c1.imgiz.com
3 fonts.googleapis.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 ye-mek.net www.cloakan.co
ye-mek.net
2 www.awin1.com as.ad4m.at
2 x.bidswitch.net 2 redirects
2 ap.lijit.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ssbsync.smartadserver.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 id5-sync.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
2 sync.inmobi.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cdn.doubleverify.com s0.2mdn.net
pcloak.blob.core.windows.net
2 cat.nl3.eu.criteo.com ye-mek.net
2 static.criteo.net 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 s.ad.smaato.net 1 redirects
1 r.turn.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 m.exactag.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
1 static-de.ad4mat.net as.ad4m.at
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
1 s.tribalfusion.com 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 csm.eu.criteo.net ye-mek.net
1 bid.g.doubleclick.net 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 ads.eu.criteo.com imasdk.googleapis.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 feed.pghub.io pghub.io
1 pghub.io static.virgul.com
1 www.google-analytics.com www.googletagmanager.com
1 s7.addthis.com ye-mek.net
1 www.googletagmanager.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
434 83

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-06-04 -
2023-09-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-07 -
2023-08-30		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh

This page contains 49 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 52DF62A734752CAE329B5A96BC686F3F
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: ECAD1BC7D1D07AF6FABCCCF13AFB9D11
Requests: 94 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 49F0D4EA1CDD85F6AC7839B398800C10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 7D16C1DFD0F0C181528FBEAECC6B95D0
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 5AE8BD27881DDF41F888488215F58792
Requests: 1 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6DB46D8D08F3C0D739AFFA5BE674F9DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071363898&bpp=3&bdt=849&idt=268&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=2698482455062&frm=24&ife=1&pv=2&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44792108%2C44759876%2C44759927%2C31071756%2C44788442&oid=2&pvsid=1888609161828692&tmod=400041023&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.mx6u2di5cjhw&fsb=1&dtd=279
Frame ID: 590A3E49E66080E50BB3B8A31F78467E
Requests: 1 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4342A85F438048C233C8B28DE02F2C1F
Requests: 27 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6AD4DDC5D7BEC1C81E20EFC69FDFAFD5
Requests: 12 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E2F4AF931E12565BD49C85B5D71DA2E0
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 9F5676BA157DE70A7DC99BB2C5F925F1
Requests: 15 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 35D0718F836BBBB09A47F04632F04312
Requests: 20 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D379E3EF5F2B1E46DF733256BA545053
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Frame ID: DD6D7EE3B417116200A4FD0863878733
Requests: 5 HTTP requests in this frame

Frame: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A1EBA2374AE286B64993C563AF2A5407
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Frame ID: A5DEB4D52D17B1CBBFA5576B50634528
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Frame ID: D5493357D400BF04E7514D5FD8DDD5DA
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Frame ID: 5C9C16E33E026C80802F7A7FD1FC2E10
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Frame ID: 01F6F8E5C352A29B9A98FAB83D2EC91D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364811&bpp=8&bdt=241&idt=307&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=5539729860041&frm=8&ife=1&pv=2&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ert20takdjkd&fsb=1&dtd=320
Frame ID: E6F3D2478DB8D8D4330EEB5DD84366DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Frame ID: CB2036535A999F810702852A10DC78AE
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Frame ID: 79865258B32F34E84A724703F3BA6677
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86C25A26C28670359ACB0D47F92733C8
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 67CE43F18A1B02E03CAF557022287497
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8727E20BF83FE982D7402AD076A4CF9
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 170492531866BDC313112C840888032A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 072208B226E29D25FE56EB712314C0BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5C658E8F97F169B1CD1636A4D2BA574D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Frame ID: 5580D3543C076465493BCCD74D99445F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2105B72741EA776AD7A28A55AED502FE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D7E1A850A46192CB7F9A1085445A4BF0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Frame ID: 9538DD7AD5D4F87154C9CAEF626816B7
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Frame ID: 7B3B3E7126E21A3843F71D29039091C0
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3AB192F4D56A1A4DD16273D74B9F3229
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC0059FB8FECB920C9AE0970B990A46D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A9C0D5AE52CF33655674C278728C9B82
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: E9891CD1D491FC6EA8D23DAC70C755BA
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C048C28AC8F31803DB5A83A5CBE19B55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFE61D1F3781DEA4B972B1D71B515894
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Frame ID: 755FF3F54C60CD363A8FFD7BFDF56BE6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F814E3996168A2D242A7A8507848E4B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8515531CB313EEDCF7496114DC376511
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: 1CA75B6DADC587E9D3961F2AA1004671
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: 20F2351B99531DC665BB62F76964BD20
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 98FB92F976FB2D58474031FCA9BCF19A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: F097AD1313D9A5EA911B44177217EAC0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Frame ID: FB23D9CD0101863BEDD6B354BA307001
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E02C0A02BF069C87C58F05BD5F045C23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9CAF0DA29BE852D8E5BC9C73C47710B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

434
Requests

90 %
HTTPS

45 %
IPv6

56
Domains

83
Subdomains

60
IPs

10
Countries

6031 kB
Transfer

32243 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
Request Chain 180
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
Request Chain 197
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
Request Chain 214
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 252
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224155/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782784300&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hZ42Vj_-1OS9iBr7PyWDkh&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:fad760d5-2e86-7595-3518-0899658ca0c6,c:fS13gy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-zwt4z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:34,oid:31bbccb7-0da5-11ee-a4d7-d2f695fd943d,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBSWNn7T8-Z51ZLNmLI1S0M&google_cver=1&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U0yIXFf3jhuo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U0yIXFf3jhuo
Request Chain 276
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEImfVPObC3L5SStAqzJBIYE&google_cver=1&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEImfVPObC3L5SStAqzJBIYE&google_cver=1&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ
Request Chain 277
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF47OK7VUN7QNXa3SFNlfV0&google_cver=1&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEWS8lV_GlJATg-EDuVDVA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF47OK7VUN7QNXa3SFNlfV0&google_cver=1&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEWS8lV_GlJATg-EDuVDVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4NDE2MDA5MjUyNzA1ODQwMA&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEWS8lV_GlJATg-EDuVDVA
Request Chain 278
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAkhKgPzYlCqJG69KgNurHw&google_cver=1&google_push=ATf1kGOco5bz2OflXdYgcbLyXl_C8SDfwLkfcf4lAMTGg4WVxA58MVR_A1fU-x-orEc9NaK1Ow5q95NwVLTI5KERxnbXMQ5s1a4 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAkhKgPzYlCqJG69KgNurHw&google_cver=1&google_push=ATf1kGOco5bz2OflXdYgcbLyXl_C8SDfwLkfcf4lAMTGg4WVxA58MVR_A1fU-x-orEc9NaK1Ow5q95NwVLTI5KERxnbXMQ5s1a4&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GCtVNXOsSXW1B0KD_R7--w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOco5bz2OflXdYgcbLyXl_C8SDfwLkfcf4lAMTGg4WVxA58MVR_A1fU-x-orEc9NaK1Ow5q95NwVLTI5KERxnbXMQ5s1a4
Request Chain 279
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ7CZ9c_P-Tgv5ZAXF2GTm0&google_cver=1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1687071365697 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ%26google_hm%3DA78TgCbOAk5TpK7n_H40xwc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&google_hm=A78TgCbOAk5TpK7n_H40xwc
Request Chain 280
  • https://sync.inmobi.com/gob?google_gid=CAESEEH84nxrHvYqBp-n9QIaA08&google_cver=1&google_push=ATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapyzV_KnPb2VP_Pz8pJl6KFDffr3XWfhgW5P9vivhIAWHbMJ_LFJQpp HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapyzV_KnPb2VP_Pz8pJl6KFDffr3XWfhgW5P9vivhIAWHbMJ_LFJQpp
Request Chain 282
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 290
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE2Z8DpWfIZzjGYTXSQ5xXY&google_cver=1&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO6TQ6XncbzVPhI5aw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTkxNjMzODcxODg5ODMxNg%3D%3D&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO6TQ6XncbzVPhI5aw
Request Chain 291
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMC2PUZ-_-kO0VwLx787YPE&google_cver=1&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjmxN8t3FgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjmxN8t3FgM&google_hm=eS1ZbG8wSU1ORTJwRjlEWngxaHRpbUFreUpXVEJYay5Wa35B
Request Chain 293
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDZfqyuwoU_4PnewgvzqDHA&google_cver=1&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC_GAQ_38sL4E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC_GAQ_38sL4E
Request Chain 294
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 295
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAugksbeAbw3-zTIHoLEw58&google_cver=1&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757DZG-2slFBhPOh7nEKA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAugksbeAbw3-zTIHoLEw58&google_cver=1&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757DZG-2slFBhPOh7nEKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk3NDU4MDE2OTE4NTQ3NDc0Nw&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757DZG-2slFBhPOh7nEKA
Request Chain 296
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_cver=1&google_push=ATf1kGPokivEfVRHbD9hF9_wJgXCpoldl_ZmBia0U6Kj7oTht5UMFFfkd_o3q248z9diP9NohOG9BIvBBKPtYVd-KMAKhZE2DQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGPokivEfVRHbD9hF9_wJgXCpoldl_ZmBia0U6Kj7oTht5UMFFfkd_o3q248z9diP9NohOG9BIvBBKPtYVd-KMAKhZE2DQ
Request Chain 297
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDaYKWmhhORsIj0o2HvqfHQ&google_cver=1&google_push=ATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg%26google_hm%3DA78TgCbOAk5TpK7n_H40xwc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg&google_hm=A78TgCbOAk5TpK7n_H40xwc
Request Chain 298
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEnNLBMEIKGLJF-NCWbmy8s&google_cver=1&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E&google_gid=CAESEEnNLBMEIKGLJF-NCWbmy8s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2MzEyNzgwMTkxNTM5ODIyNzMzMg%3D%3D&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E
Request Chain 308
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAX5YypGgXFUoB6ErNrBMxY&google_cver=1&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ0raNNTvqjlmHeLGZINzxXR2B28zYNCBkL3mBLgeEzi HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ0raNNTvqjlmHeLGZINzxXR2B28zYNCBkL3mBLgeEzi&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
Request Chain 310
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAuOO25-swTw6z_WyAP-xo8&google_cver=1&google_push=ATf1kGNe-a8B9uGtROOMOr15GUG2G5f4DT3B7f1QEwk5hAouTpyJaXzBQLW6yBr8QzPK8mluYyLUxgVmSGMaAzHa_5NM7FdvzU9d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuOO25-swTw6z_WyAP-xo8&google_push=ATf1kGNe-a8B9uGtROOMOr15GUG2G5f4DT3B7f1QEwk5hAouTpyJaXzBQLW6yBr8QzPK8mluYyLUxgVmSGMaAzHa_5NM7FdvzU9d
Request Chain 311
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI0V4cvf-SndHxILSmjrftw&google_cver=1&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdqxYO8VvdyHlfJIbGQi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdqxYO8VvdyHlfJIbGQi&google_hm=N-4om8WqSVWdAJ7eY_pUCLU
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjj9OwUfPgVSXVhzqVixpY&google_cver=1&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ5FmpIpbFDbGvEFahF0vCr02I7wig HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjj9OwUfPgVSXVhzqVixpY&google_cver=1&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ5FmpIpbFDbGvEFahF0vCr02I7wig&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZTnFZN2xSRTJ1RzB4MXI1NkVhdFlKUFZBSnh1WU9oc35B&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ5FmpIpbFDbGvEFahF0vCr02I7wig
Request Chain 314
  • https://sync.inmobi.com/gob?google_gid=CAESEON7oMQ51VKB5qLK6SC06IU&google_cver=1&google_push=ATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLcQuJqIuiFztyy99HffEEmLvDeZOc9fYp7sX8GJurbSNp4zGk7ONrsig HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLcQuJqIuiFztyy99HffEEmLvDeZOc9fYp7sX8GJurbSNp4zGk7ONrsig
Request Chain 333
  • https://fw.adsafeprotected.com/rfw/st/1484055/72040524/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:a1216a5e-dc28-6f4e-f299-f0ff97eff4c4,c:fS13mB,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-tbw5w,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:322,mot:0,app:0,maw:0,fm:tHvRwgn+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C118*.1484055-72040524%7C1181%7C1182%7C1183%7C1184%7C119%7C11a1%7C11a2%7C11a3%7C11a4%7C11b1%7C11b2%7C11b3%7C11c1%7C11c2%7C11c3%7C11c4%7C11d%7C11e,idMap:118*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:350,oid:31e63787-0da5-11ee-a784-7211772b0e0d,v:19.8.417,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 361
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKsuqy11k_9v3cqIkI79PoA&google_cver=1&google_push=ATf1kGNz5MGsBj0ErMABxMdO6KTlhcPzFLoucJgaXulF8G3T_VjUFBe5TTFqMveKAywy4cvwUo_A0nPeHRT8wnF6YNKImfGM0MfC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3ODEyMzgxNjM4Nzg0MzA3OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_jQCCRU41uH4uTC8P3kw4&google_cver=1
Request Chain 362
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMGECoFzGhhskLiymB6BX-k&google_cver=1&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu84nKGTrjfbH1bwPaqwxNpqMUUTlhiJYZ4a6X01Oq9x4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu84nKGTrjfbH1bwPaqwxNpqMUUTlhiJYZ4a6X01Oq9x4&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
Request Chain 363
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAM6GX6k5uDEDFPD64tMjFE&google_cver=1&google_push=ATf1kGMcPB66yGn7TVuHvPc0RI2xAotAdj_UuRgPmNCAgVtusy9NnrAfXUxXubM6yijuaUcbZ_P16N-UKVHeSZ_c8Sg2cFsfyd1S HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkk2cWhRQUZkc1JXRVFCUg==&google_gid=CAESEAM6GX6k5uDEDFPD64tMjFE&google_cver=1&google_push=ATf1kGMcPB66yGn7TVuHvPc0RI2xAotAdj_UuRgPmNCAgVtusy9NnrAfXUxXubM6yijuaUcbZ_P16N-UKVHeSZ_c8Sg2cFsfyd1S
Request Chain 364
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_cver=1&google_push=ATf1kGMW8vDMOUXR0EZZrJMbzLQ49YPCua88qCGtrO30zQP4lqAe8cTCINQAkU2ieo7uH5O01HcokYxouo_dimB4SpZCa5PiJxAJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGMW8vDMOUXR0EZZrJMbzLQ49YPCua88qCGtrO30zQP4lqAe8cTCINQAkU2ieo7uH5O01HcokYxouo_dimB4SpZCa5PiJxAJ
Request Chain 365
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAB0E3hTR8Pmh-c_bY1CxTo&google_cver=1&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAB0E3hTR8Pmh-c_bY1CxTo&google_cver=1&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S&google_hm=G1cgpGZHvIVzxUjdRi-vEsF8
Request Chain 366
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEGEhBRJ3pcUZE6Sx-dxzGs&google_cver=1&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3A9Ttiv0ysNU- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3A9Ttiv0ysNU-
Request Chain 367
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEe79gBexvNEdUOOWJ5BD0M&google_cver=1&google_push=ATf1kGN3-qm0CScO1Qn3MuaysWBTqpU-buvXw5Q54iOBg2Lo5VjDxBOAybdOnf0BcvTYp9b_HzLaDRL21AYYV1k7hHaAemPjtqOwdQ HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEe79gBexvNEdUOOWJ5BD0M&google_cver=1&google_push=ATf1kGN3-qm0CScO1Qn3MuaysWBTqpU-buvXw5Q54iOBg2Lo5VjDxBOAybdOnf0BcvTYp9b_HzLaDRL21AYYV1k7hHaAemPjtqOwdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=004b644e-d426-4291-9e5c-fb683ff28737&%%GOOGLE_PUSH_PAIR%%

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x69807j0b5.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1318
Content-MD5
+Dz/d7Mp2GQfilgWrAkqiw==
Content-Type
text/html
Date
Sun, 18 Jun 2023 06:56:01 GMT
ETag
0x8DB5ED0599CC10C
Last-Modified
Sat, 27 May 2023 16:35:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
9f06a1a0-f01e-0048-06b1-a15f3a000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-request-id
9f06a215-f01e-0048-70b1-a15f3a000000
Date
Sun, 18 Jun 2023 06:56:01 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 18 Jun 2023 06:56:01 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
9f06a335-f01e-0048-7db1-a15f3a000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sun, 18 Jun 2023 06:56:01 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
9f06a28f-f01e-0048-64b1-a15f3a000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:01 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:01 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame ECAD 		77 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1fd48174b5d52189f68d8e4750ec5653340ad221d1491bd0d2a5c84ca5e0f8df

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
78693
content-type
text/html; charset=utf-8
date
Sun, 18 Jun 2023 06:56:03 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame ECAD 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 17:18:53 GMT
yemeknet.js
ye-mek.net/js/ Frame ECAD 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame ECAD 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
5261921
x-accel-date
1681809442
x-77-nzt
AcO1rydhC07/YUpQAA
x-accel-expires
@1713345442
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
25b02131cd917e6d83aa8e64a023a50c
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame ECAD 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d63bdd4e02d52f5d85a7853ee58684729ce320a2ed6936734d004c2a0e93e273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47630
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Jun 2023 06:56:03 GMT
WebResource.axd
ye-mek.net/ Frame ECAD 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 18 Jun 2023 06:56:03 GMT
last-modified
Wed, 23 Feb 2022 00:28:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/x-javascript
cache-control
public
content-length
23063
expires
Sat, 04 May 2024 23:14:43 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame ECAD 		542 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261963
x-accel-date
1681809400
content-length
542
x-77-nzt
AcO1ryfisKn/i0pQAA
x-accel-expires
@1713345400
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
25b02131cd917e6d83aa8e64955a8c0d
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame ECAD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261922
x-accel-date
1681809441
content-length
1651
x-77-nzt
AcO1rye08xv/YkpQAA
x-accel-expires
@1713345441
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
25b02131cd917e6d83aa8e64bc9ce00e
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
semizotlu-kasik-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame ECAD 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/semizotlu-kasik-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e83e8632256c5072bcc9d126fd31fc4e8bfa323231f1d212e745dab97d90895c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
31722
x-accel-date
1687039641
content-length
16634
x-77-nzt
AcO1rydoyLv/6nsAAA
x-accel-expires
@1718575641
last-modified
Sat, 17 Jun 2023 21:43:42 GMT
server
CDN77-Turbo
etag
"648e290e-40fa"
x-77-nzt-ray
25b02131cd917e6d83aa8e642373590f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame ECAD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/firinda-citir-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
116911
x-accel-date
1686954452
content-length
14117
x-77-nzt
AcO1ryfmUJT/r8gBAA
x-accel-expires
@1718490452
last-modified
Fri, 16 Jun 2023 22:14:46 GMT
server
CDN77-Turbo
etag
"648cded6-3725"
x-77-nzt-ray
25b02131cd917e6d83aa8e6408f0790f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
peynirli-kabak-mezesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame ECAD 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/peynirli-kabak-mezesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bead47bb08af73c61c4d920ed428af54cc8582bf2c69e9b8f7ffcc01bac902fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
203449
x-accel-date
1686867914
content-length
14723
x-77-nzt
AcO1ryfc5vv/uRoDAA
x-accel-expires
@1718403914
last-modified
Thu, 15 Jun 2023 22:08:32 GMT
server
CDN77-Turbo
etag
"648b8be0-3983"
x-77-nzt-ray
25b02131cd917e6d83aa8e644fb77e0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karadut-peltesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame ECAD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/karadut-peltesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
75a654ce513996dc8f544619cc1c99b2361261bb6f38d51c619833d68d0a6a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
289527
x-accel-date
1686781836
content-length
14137
x-77-nzt
AcO1ryeQFcH/92oEAA
x-accel-expires
@1718317836
last-modified
Wed, 14 Jun 2023 21:56:43 GMT
server
CDN77-Turbo
etag
"648a379b-3739"
x-77-nzt-ray
25b02131cd917e6d83aa8e64843a820f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cokertme-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261555
x-accel-date
1681809808
content-length
15954
x-77-nzt
AcO1ryd+UOD/80hQAA
x-accel-expires
@1713345808
last-modified
Wed, 01 May 2019 22:16:47 GMT
server
CDN77-Turbo
etag
"5cca1acf-3e52"
x-77-nzt-ray
25b02131cd917e6d83aa8e64af06850f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/sebzeli-tencere-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261853
x-accel-date
1681809510
content-length
16006
x-77-nzt
AcO1ryeFSZf/HUpQAA
x-accel-expires
@1713345510
last-modified
Wed, 13 Apr 2022 23:53:28 GMT
server
CDN77-Turbo
etag
"62576278-3e86"
x-77-nzt-ray
25b02131cd917e6d83aa8e64b250880f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/sebzeli-soslu-tavuk-yemegi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
680026f318b1fd16bc8e7b24ba4e32073bc98978f5bd67f19c1b30019a6decf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261855
x-accel-date
1681809508
content-length
16450
x-77-nzt
AcO1ryeRPgv/H0pQAA
x-accel-expires
@1713345508
last-modified
Mon, 22 Mar 2021 22:09:22 GMT
server
CDN77-Turbo
etag
"60591592-4042"
x-77-nzt-ray
25b02131cd917e6d83aa8e6466de890f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-pirasa-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame ECAD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-pirasa-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
46f0e1ce5f1bc9e08e3dc864c6d65fb7bde761cdde2e8ca86780c539991badf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5260977
x-accel-date
1681810386
content-length
11396
x-77-nzt
AcO1ryfBAz7/sUZQAA
x-accel-expires
@1713346386
last-modified
Wed, 01 May 2019 23:10:04 GMT
server
CDN77-Turbo
etag
"5cca274c-2c84"
x-77-nzt-ray
25b02131cd917e6d83aa8e643e2e8b0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sivas-katmeri-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame ECAD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/sivas-katmeri-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
505c82241812470854d47dbfda8144e5326b3264363a233e75efced811a1a3e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
507820
x-accel-date
1686563543
content-length
10624
x-77-nzt
AcO1rydeKJD/rL8HAA
x-accel-expires
@1718099543
last-modified
Thu, 09 Apr 2020 00:02:49 GMT
server
CDN77-Turbo
etag
"5e8e6629-2980"
x-77-nzt-ray
25b02131cd917e6d83aa8e6488748c0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kabak-cintmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame ECAD 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/kabak-cintmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
063f8f4e188f3fa9e65377bc04b667d77880ee000d6704882a8cfd0a61503421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261470
x-accel-date
1681809893
content-length
15542
x-77-nzt
AcO1ryfvqon/nkhQAA
x-accel-expires
@1713345893
last-modified
Sat, 16 Oct 2021 22:36:04 GMT
server
CDN77-Turbo
etag
"616b53d4-3cb6"
x-77-nzt-ray
25b02131cd917e6d83aa8e64da758e0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hatay-kagit-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame ECAD 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/hatay-kagit-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cc768907a13ed8d1731eea6ea6d8feeab05c62f17dbd7bcd97b8bc6b03994fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261928
x-accel-date
1681809435
content-length
15699
x-77-nzt
AcO1ryeYFTj/aEpQAA
x-accel-expires
@1713345435
last-modified
Fri, 01 Apr 2022 09:29:32 GMT
server
CDN77-Turbo
etag
"6246c5fc-3d53"
x-77-nzt-ray
25b02131cd917e6d83aa8e642a0dbb0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
fasulye-diblesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame ECAD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/fasulye-diblesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3d1be7afb3606c1dbff0d3410acf5f2d6423c7732967e605668d4ec1f30db333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261751
x-accel-date
1681809612
content-length
15144
x-77-nzt
AcO1ryfWyUX/t0lQAA
x-accel-expires
@1713345612
last-modified
Thu, 25 Jun 2020 22:28:52 GMT
server
CDN77-Turbo
etag
"5ef52524-3b28"
x-77-nzt-ray
25b02131cd917e6d83aa8e64e56abd0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame ECAD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261050
x-accel-date
1681810313
content-length
14222
x-77-nzt
AcO1ryc5uCb/+kZQAA
x-accel-expires
@1713346313
last-modified
Thu, 07 Apr 2022 21:23:55 GMT
server
CDN77-Turbo
etag
"624f566b-378e"
x-77-nzt-ray
25b02131cd917e6d83aa8e647413bf0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
et-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame ECAD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/et-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d2910edc03b089aad72e3858373f35c82784d56372c6c3b0cf2abead2697862c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261853
x-accel-date
1681809510
content-length
12939
x-77-nzt
AcO1rydUGgP/HUpQAA
x-accel-expires
@1713345510
last-modified
Wed, 01 May 2019 23:21:10 GMT
server
CDN77-Turbo
etag
"5cca29e6-328b"
x-77-nzt-ray
25b02131cd917e6d83aa8e64af93c00f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
belen-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame ECAD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/belen-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5a890b96bb00fd6a96f4b5e43fa646fb4b331d9c55b88bf6ca5dafd2bf1bf184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261398
x-accel-date
1681809965
content-length
17356
x-77-nzt
AcO1ryd4zLz/VkhQAA
x-accel-expires
@1713345965
last-modified
Wed, 13 May 2020 21:44:39 GMT
server
CDN77-Turbo
etag
"5ebc6a47-43cc"
x-77-nzt-ray
25b02131cd917e6d83aa8e6471d3c10f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
eli-bogrunde-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame ECAD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/eli-bogrunde-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2eac5014c6a4d3caaf4a4ad525637c9033c42a9263bdf85df1649f768f84f0b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261808
x-accel-date
1681809555
content-length
16989
x-77-nzt
AcO1ryeZ6hP/8ElQAA
x-accel-expires
@1713345555
last-modified
Sun, 10 Apr 2022 23:03:17 GMT
server
CDN77-Turbo
etag
"62536235-425d"
x-77-nzt-ray
25b02131cd917e6d83aa8e645a28c30f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-sebzeli-tavuk-but-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/tencerede-sebzeli-tavuk-but-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bd5dbcd6157119b8381ccd9d4af3aed1bae1c2afa1f114c980113ba05b0b191f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5259768
x-accel-date
1681811595
content-length
15955
x-77-nzt
AcO1rydPZVf/+EFQAA
x-accel-expires
@1713347595
last-modified
Wed, 01 May 2019 22:49:39 GMT
server
CDN77-Turbo
etag
"5cca2283-3e53"
x-77-nzt-ray
25b02131cd917e6d83aa8e642064c40f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
trakya-kapama-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/11/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/11/trakya-kapama-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4d58ffd6c1a138ba5a0ac17c16e0c3825fc0ff03cebeca70dd8cae5351faf16a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261780
x-accel-date
1681809583
content-length
16176
x-77-nzt
AcO1ryeGr3P/1ElQAA
x-accel-expires
@1713345583
last-modified
Thu, 10 Nov 2022 21:57:05 GMT
server
CDN77-Turbo
etag
"636d73b1-3f30"
x-77-nzt-ray
25b02131cd917e6d83aa8e64141bc60f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-midye-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame ECAD 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/tavuk-midye-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261270
x-accel-date
1681810093
content-length
11515
x-77-nzt
AcO1rycg68v/1kdQAA
x-accel-expires
@1713346093
last-modified
Wed, 01 May 2019 23:01:48 GMT
server
CDN77-Turbo
etag
"5cca255c-2cfb"
x-77-nzt-ray
25b02131cd917e6d83aa8e64f6d8c70f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame ECAD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261314
x-accel-date
1681810049
content-length
16490
x-77-nzt
AcO1rydQJN7/AkhQAA
x-accel-expires
@1713346049
last-modified
Thu, 29 Apr 2021 23:52:25 GMT
server
CDN77-Turbo
etag
"608b46b9-406a"
x-77-nzt-ray
25b02131cd917e6d83aa8e641465ca0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ayvali-kereviz-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/12/ Frame ECAD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/12/ayvali-kereviz-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
58ad2fcae9a30475cee93b2f3eff7a4030a9c92b854d0c5d1e565fcd27d6b91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261508
x-accel-date
1681809855
content-length
10348
x-77-nzt
AcO1ryf641b/xEhQAA
x-accel-expires
@1713345855
last-modified
Wed, 01 May 2019 23:28:26 GMT
server
CDN77-Turbo
etag
"5cca2b9a-286c"
x-77-nzt-ray
25b02131cd917e6d83aa8e64fae4cc0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
unsuz-pirasa-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/03/ Frame ECAD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/03/unsuz-pirasa-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e9fa3835f791662d1582515fbdcc5fdcfd09154c65b6522c65bdf7faf97c0124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261386
x-accel-date
1681809977
content-length
15407
x-77-nzt
AcO1ryfRQhT/SkhQAA
x-accel-expires
@1713345977
last-modified
Mon, 14 Mar 2022 21:26:16 GMT
server
CDN77-Turbo
etag
"622fb2f8-3c2f"
x-77-nzt-ray
25b02131cd917e6d83aa8e640253cf0f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kasarli-karnabahar-ezmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame ECAD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/firinda-kasarli-karnabahar-ezmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
822511e83f8f0a91a794447e76b86cbe86ec23663f925f814dfbe9d3d859e85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
326108
x-accel-date
1686745255
content-length
12088
x-77-nzt
AcO1ryfSw7T/3PkEAA
x-accel-expires
@1718281255
last-modified
Wed, 01 May 2019 22:50:37 GMT
server
CDN77-Turbo
etag
"5cca22bd-2f38"
x-77-nzt-ray
25b02131cd917e6d83aa8e64955ad10f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame ECAD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
3230141
x-accel-date
1683841222
content-length
15403
x-77-nzt
AcO1ryc6oc7/vUkxAA
x-accel-expires
@1715377222
last-modified
Thu, 11 May 2023 20:25:52 GMT
server
CDN77-Turbo
etag
"645d4f50-3c2b"
x-77-nzt-ray
25b02131cd917e6d83aa8e64f811d30f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
nohutlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame ECAD 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/nohutlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
222cd4caabf2a0613dc6189df5fcf351899d8e1e891cbf6223b7d31ec701f55d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5259557
x-accel-date
1681811806
content-length
12667
x-77-nzt
AcO1rye13Kf/JUFQAA
x-accel-expires
@1713347806
last-modified
Sat, 18 Jun 2022 21:49:06 GMT
server
CDN77-Turbo
etag
"62ae4852-317b"
x-77-nzt-ray
25b02131cd917e6d83aa8e64016fd40f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
anadolu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame ECAD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/anadolu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5260848
x-accel-date
1681810515
content-length
14404
x-77-nzt
AcO1rydAblb/MEZQAA
x-accel-expires
@1713346515
last-modified
Tue, 01 Dec 2020 00:12:50 GMT
server
CDN77-Turbo
etag
"5fc58a82-3844"
x-77-nzt-ray
25b02131cd917e6d83aa8e644bedd50f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirincli-yogurt-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame ECAD 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/pirincli-yogurt-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7e10c75356ec658e2f2fb4a409b04977fca9251f009aa4518d20c96ee4cf3440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261873
x-accel-date
1681809490
content-length
12704
x-77-nzt
AcO1ryfcjRb/MUpQAA
x-accel-expires
@1713345490
last-modified
Tue, 21 Jun 2022 22:02:57 GMT
server
CDN77-Turbo
etag
"62b24011-31a0"
x-77-nzt-ray
25b02131cd917e6d83aa8e64155dd70f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bruksel-lahanasi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame ECAD 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/bruksel-lahanasi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
22fb5b0df795b4084882ef226c87823477476927bd5e3462db1db36f30bdcaf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
532871
x-accel-date
1686538492
content-length
9690
x-77-nzt
AcO1rye+gWr/hyEIAA
x-accel-expires
@1718074492
last-modified
Thu, 09 Feb 2023 22:21:57 GMT
server
CDN77-Turbo
etag
"63e57205-25da"
x-77-nzt-ray
25b02131cd917e6d83aa8e64c412d90f
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
susamli-tepsi-keki-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame ECAD 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/susamli-tepsi-keki-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6a5c3836f01af05b52f926264495b7bac8dcef94acc6cfdbb3fbfa5054e941d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5256373
x-accel-date
1681814990
content-length
13737
x-77-nzt
AcO1ryck6kT/tTRQAA
x-accel-expires
@1713350990
last-modified
Wed, 01 May 2019 23:09:05 GMT
server
CDN77-Turbo
etag
"5cca2711-35a9"
x-77-nzt-ray
25b02131cd917e6d83aa8e64b5f24010
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sade-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame ECAD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/sade-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a498ff757038abe0601ed0855c1b760ee237e42f5c40b97e936dc057e1970762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5256499
x-accel-date
1681814864
content-length
10222
x-77-nzt
AcO1ryeAJPL/MzVQAA
x-accel-expires
@1713350864
last-modified
Wed, 01 May 2019 23:26:29 GMT
server
CDN77-Turbo
etag
"5cca2b25-27ee"
x-77-nzt-ray
25b02131cd917e6d83aa8e642f494310
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sekerpare-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame ECAD 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/sekerpare-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fd5bb4d2d15db4d9dd6a46041aedba1055b3b9a64d08aa66003fd35d42da4f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261666
x-accel-date
1681809697
content-length
14513
x-77-nzt
AcO1rycaARD/YklQAA
x-accel-expires
@1713345697
last-modified
Wed, 01 May 2019 22:58:29 GMT
server
CDN77-Turbo
etag
"5cca2495-38b1"
x-77-nzt-ray
25b02131cd917e6d83aa8e64d4604510
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cikolata-soslu-un-helvasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame ECAD 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/cikolata-soslu-un-helvasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f24746296af7af2e912a763c913494be293d41c5528df7b39561e5887407c84d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5259516
x-accel-date
1681811847
content-length
18792
x-77-nzt
AcO1ryfq5uH//EBQAA
x-accel-expires
@1713347847
last-modified
Fri, 10 Sep 2021 22:10:31 GMT
server
CDN77-Turbo
etag
"613bd7d7-4968"
x-77-nzt-ray
25b02131cd917e6d83aa8e6457684710
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tava-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame ECAD 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/tava-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
00f3144b01e84e31eb08b2919a242a011735d97e954661e69536299b505af028

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2311426
x-accel-date
1684759937
content-length
12484
x-77-nzt
AcO1ryeIMPL/AkUjAA
x-accel-expires
@1716295937
last-modified
Mon, 17 Oct 2022 22:54:27 GMT
server
CDN77-Turbo
etag
"634ddd23-30c4"
x-77-nzt-ray
25b02131cd917e6d83aa8e64b3154910
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
velibah-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame ECAD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/velibah-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
caa3c8e065ebed1584f4d19268711f4253dac01f4d46a503a80d4fe64eaf6bf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5253293
x-accel-date
1681818070
content-length
10242
x-77-nzt
AcO1ryc8HrL/rShQAA
x-accel-expires
@1713354070
last-modified
Tue, 31 Jan 2023 21:06:43 GMT
server
CDN77-Turbo
etag
"63d982e3-2802"
x-77-nzt-ray
25b02131cd917e6d83aa8e64da0e5b10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
glutensiz-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/08/ Frame ECAD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/08/glutensiz-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
57a835c5d836b1cf5fa67347fc236c0f29253d86d07a7169204e7be865979f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4806117
x-accel-date
1682265246
content-length
13215
x-77-nzt
AcO1ryfwtkj/5VVJAA
x-accel-expires
@1713801246
last-modified
Sun, 28 Aug 2022 22:14:07 GMT
server
CDN77-Turbo
etag
"630be8af-339f"
x-77-nzt-ray
25b02131cd917e6d83aa8e6404225d10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
eriste-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame ECAD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/eriste-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8abb9a7c59de697a9a80bc1d7c9d66d498f3373d9446130ea659c880dad364c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5256158
x-accel-date
1681815205
content-length
12103
x-77-nzt
AcO1rycxO/v/3jNQAA
x-accel-expires
@1713351205
last-modified
Sun, 31 Jan 2021 21:17:32 GMT
server
CDN77-Turbo
etag
"60171e6c-2f47"
x-77-nzt-ray
25b02131cd917e6d83aa8e64fb105f10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame ECAD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1687071363.cds015.am5.hn,1687071363.cds292.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame ECAD 		56 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Jun 2023 06:56:03 GMT
server
Oracle API Gateway
opc-request-id
/ACEB66EA56FCBE78375AB59076535B0C/88DFAA0611F3AC68B81C82E87CDB29CA
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame ECAD 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1687071363.cds015.am5.hn,1687071363.cds214.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame ECAD 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6bc3d03f9d36b00c7c9e9480dc420908aaba03af664e60c3e09a12cc530a7436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 19:30:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame ECAD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b9b5991359e2cdfa8e276e9bf55663197a66994517e9bb9b1f7919f99fa066d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Jun 2023 06:56:03 GMT
content-md5
gRlhA7Vi3DXwjYjQVDDrKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
kM4LCCdgpZzjWmblUdKqDrC/ltovUg3gPqda4Khq7c9/Pg1zkgGMqm8z+zHySJdUh9j1rj95N2Ll6Q4v/UVufw==
x-fb-trip-id
1679558926
x-fb-content-md5
ece96b5f5d82c3e0dc22a9b7998178b1
cross-origin-opener-policy
same-origin-allow-popups
etag
"b92061435b0a6975ac74fc9e45c781ea"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 18 Jun 2023 07:06:05 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame ECAD 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 18 Jun 2023 06:56:03 GMT
x-cache
HIT
x-77-cache
HIT
x-age
5261921
x-accel-date
1681809442
content-length
21525
x-77-nzt
AcO1ryf9Cvz/YUpQAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
25b02131cd917e6d83aa8e6408e66010
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame ECAD 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=f53f9b7d2a5a24370f38ac547310d05f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3af38e80486b9e7fca4521ee5c9ab0a05f346e10d5739bf2e2f026a3d3c07170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Jun 2023 06:56:03 GMT
content-md5
tcHHCTU7FcfDqKO7HmThdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88818
x-fb-debug
oEI9g2C2P5Emy2RzpDRj+Uh+iANRVvTzxE16S46ggPQZiBgKh1WP7zxvvjhrwcaGXtLgnqUQBSnl99GCPCa7ZA==
x-fb-content-md5
ec30a6750b4c9c4a43977adeb609e746
cross-origin-opener-policy
same-origin-allow-popups
etag
"ecd76d5e403d2e7e6360cb6b3a6cbe74"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 17 Jun 2024 05:10:33 GMT
analytics.js
www.google-analytics.com/ Frame ECAD 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Jun 2023 05:04:42 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6681
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 18 Jun 2023 07:04:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ECAD 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78fd4a354423c85d1642848f4b080b013d5665cd01de872eda7230be0bb90357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26460
x-xss-protection
0
server
cafe
etag
87 / 19526 / m202306130101 / config-hash: 4553594699066521459
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:03 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame ECAD 		120 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 49F0 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Sun, 18 Jun 2023 06:56:03 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame ECAD 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
356c56bea84a734eb3d9ba35c635c23835a65d1c3d9334d542cc49ad6f8c9275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47435
x-xss-protection
0
server
cafe
etag
6403839114791412124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:03 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame ECAD 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame ECAD 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.181.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-181-233.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:18:14 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P1
age
2270
x-amz-server-side-encryption
AES256
etag
W/"9352f20e556bff9fea6fd0461aac850d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
HhCrNeumTf-wm5cALNZW3KiXT1DKMUfiUSxioylHuVU2gUThbzvOGw==
pageview
ng.virgul.com/ Frame ECAD 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1687071363658&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7186043708730108
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
ff8d5f7ef5edd0eabaff1c87e64a56682d3d2f8c952dc42f3ad4e5cb1d3c9f8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame ECAD 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19526
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 14:14:23 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame ECAD 		50 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468630
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
aa39d2bba826f80fa31ea3957638a7ecefca1d5c40b14edcd098e0a3fdafdcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame ECAD 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Tue, 13 Jun 2023 13:36:40 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame ECAD 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468630
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:03 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame ECAD 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:00:57 GMT
content-encoding
gzip
age
3306
x-guploader-uploadid
ADPycds-6FZ945XcfiNmO3vXtQsT_g6KfHp5Ce_c7U845UlxsY6HjtTF8JZgmBvETMGpT6PlOQxpFyaNeVxy3dUt5ndeBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1687071363884&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.35874586749796245
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:03 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ Frame ECAD 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
458fdd5f817b3ea37577635c1756da747f9329f5dde55faa47289c3e2b613e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120775
x-xss-protection
0
server
cafe
etag
3766425772531710658
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 7D16 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 18:04:50 GMT
etag
15057649708203361565
expires
Sat, 01 Jul 2023 18:04:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame ECAD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19526
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 25 Jun 2023 06:56:04 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ Frame ECAD 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
39742
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128933
x-xss-protection
0
server
cafe
etag
1396361306703029922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 16 Jun 2024 19:53:41 GMT
zoneview
ng.virgul.com/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1687071363938&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8184724639075269
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:03 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame 5AE8 		13 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sun, 18 Jun 2023 06:56:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
integrator.js
adservice.google.com/adsid/ Frame ECAD 		107 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=3551163162293631&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364063&lmt=1687071364&dlt=1687071363049&idt=983&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=5v81p2tpen5a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a5ab66434c4322d7b245f98e4a19100ad4c93bb8a9ecb5e261eaa7335a4a041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11614
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583933
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DB4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		57 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=65266906421533&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=3&adks=4131678395&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364084&lmt=1687071364&dlt=1687071363049&idt=983&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xrr881dw0lyw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43eac73630e0626c59c7a0687cc40e4348a75296f87c479a2f1797aba1cf4461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13584
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		57 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=65266906421533&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=4&adks=1121744507&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364087&lmt=1687071364&dlt=1687071363049&idt=983&adxs=349&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=1npptlmc2jew&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aef5c7d8e9b4b3a34eef7c9c6f7e166ae691735c8057abdd57f67ddd4e69a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13587
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		64 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=65266906421533&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead_multibanner_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200%7C300x100%7C300x150%7C320x100&fluid=height&ifi=5&adks=3051452641&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364089&lmt=1687071364&dlt=1687071363049&idt=983&adxs=985&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=mjyoh8vf69d2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=970x-1&msz=300x-1&fws=388&ohw=300&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de67caa68089fe4c0bd2b58459817273318bb5090db4d8f590b601072dba7be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15503
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame ECAD 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.181.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-181-233.muc50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 03:31:44 GMT
via
1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P1
age
12260
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
PjBJeilu2ywLrlBk8_5Pz9ofTs2YqNP3rubLMOdpzmZxlw9phAIx3w==
bid
aax.amazon-adsystem.com/e/dtb/ Frame ECAD 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=P8EJIzfdv4jUX&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
8E88GBD7Y2ZSKN9VVFDK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
v07rDKF4psvPB_wa2impEej25kF0TG5AzoMFbVx8HBhQNArA6npCDQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame ECAD 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.181.233 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-181-233.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
date
Sun, 18 Jun 2023 06:56:04 GMT
x-amz-cf-pop
MUC50-P1
age
12338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vPbOAm0Vw4RSLXR4zEXxLcQ6zby_eL6jS-CFvAiGD1IoFObmE7IBYg==
ads
googleads.g.doubleclick.net/pagead/ Frame 590A 		603 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071363898&bpp=3&bdt=849&idt=268&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=2698482455062&frm=24&ife=1&pv=2&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44792108%2C44759876%2C44759927%2C31071756%2C44788442&oid=2&pvsid=1888609161828692&tmod=400041023&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.mx6u2di5cjhw&fsb=1&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ECAD 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=1521343282433088&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364338&lmt=1687071364&dlt=1687071363049&idt=983&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=kam2ka9kn8d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc265e13cdd917dcae8970394dcba2f0954530ac4b31bacf52191c45b9d46173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10981
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		34 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=1270597552728862&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364342&lmt=1687071364&dlt=1687071363049&idt=983&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ct0m0kbu6zih&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfada1f1e29812e88fab5265168ccf013f402811c42a1dd9c868c39b8679694a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14049
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		67 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=964898847940432&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364346&lmt=1687071364&dlt=1687071363049&idt=983&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=nzgts0q2xxz5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d77eea56e7599c32b64635a7499fceffb58445fdeda265bf0eb2e9d02869e927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14861
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=2307779875947597&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364348&lmt=1687071364&dlt=1687071363049&idt=983&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=dlff9w45gloj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a21e2791ae5aa966afa16caf7621a56f950251668170cac0fadefbc0f402124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11141
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ECAD 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1888609161828692&correlator=2621935869475558&eid=31074948%2C31075066%2C31075354%2C31075028&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=10&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1687071363658%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetdb434659-d2e9-4998-bd13-077019ab973e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetdb434659d2e94998bd13077019ab973e&sc=1&cdm=ye-mek.net&abxe=1&dt=1687071364352&lmt=1687071364&dlt=1687071363049&idt=983&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=79fsq5f6zf0c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a9fd7ff0df2190e0549badffbecc3cf1e3abf802b3e8906fd8eb34cde4c0898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11073
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4342 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6AD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 4342 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 05:12:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Jun 2023 06:56:04 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4342 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 05:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 05:06:06 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 4342 		371 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 16:50:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 16:50:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 4342 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4342 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
235828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Jun 2024 13:25:36 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6AD4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
235828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Jun 2024 13:25:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6AD4 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
444d13abe4c68dd55ae700dde040602d788ddfa47daa706531fd7e54be7d712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47249
x-xss-protection
0
server
cafe
etag
15878758283654284451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AD4 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6AD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ3PpRjpZezlrA0f50pfHtFRTpXWxBpOnT6Q2RdDj_gw2DLyYNFMbCZIFEU58MzzW83i4C1nzahqtgKqV8668h61_hWImixb55q2oeXxYbphUbuVbsR4yhGAtSLiVma-BJOG3VrzBrSxbma_5hAlevFRSWyeA73z1sbKSFpLUeLXXvJ2F0dzrCLrKswob5YhvufLcCEKraBmjCEZ2Q3t_yZwlBBXNT202E5c5AVNt6kD1eD5UoAeFqCDCmrLoEvkHEPG7tfEQva_ijTI2wTwuzbV7kOkDRocpPzP_BJHvKNvXSMSbJ1mY9duTjfg22F6Hg3JEtMoJ7uQJJ1QLJEXkBsYmYN_srDCQWHG9t1hIoAe7Km7q770ScVQ&sai=AMfl-YRe57nUfCiZPHByKLhoouuRdTyXg7NcbbBdwNT2M0jFrw_o4l5jZNUR2m_D_QoscDk_ifRAnLBYTorOBNrCROwiJAw_TlbwET26rE5UWtU&sig=Cg0ArKJSzBWW9GvX7pQ0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305252018000/ Frame 9F56 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:23 GMT
age
294281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61795
x-xss-protection
0
server
sffe
etag
"7347aa4c83612bf7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:23 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 9F56 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:23 GMT
age
294281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5238
x-xss-protection
0
server
sffe
etag
"6efdfbd3c81d03c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:23 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 9F56 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Jun 2023 20:51:54 GMT
age
209050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
sffe
etag
"51fe97ef57b83921"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Jun 2024 20:51:54 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 9F56 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Jun 2023 03:58:48 GMT
age
183436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1896
x-xss-protection
0
server
sffe
etag
"fbb7a7837efaff21"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 15 Jun 2024 03:58:48 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 9F56 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:23 GMT
age
294281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12956
x-xss-protection
0
server
sffe
etag
"bd37dd4c3b7b688b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:23 GMT
truncated
/ Frame 9F56 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6dea53578e20163a028d16e7155dd9796ed8c98ac2a5c1a5b15f78d50c59969

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
5648818383791576392
s0.2mdn.net/simgad/ Frame 9F56 		532 KB
532 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5648818383791576392
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187574c8a3cf0026b633b356842e03d60450be911027b697e9542a650d1049c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:03:04 GMT
x-content-type-options
nosniff
age
28380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
544482
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 09:51:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 23:03:04 GMT
14952963386359035714
s0.2mdn.net/simgad/ Frame 9F56 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14952963386359035714
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 23:03:08 GMT
x-content-type-options
nosniff
age
28376
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 09:51:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 23:03:08 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9F56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXU3e5Gf4be-B-gJ1Sb5LUYkWjKKdg7ORWInxBGOPnRV9_HjIOhNzmyMTecDb4Qv3zPsnvGJRs_6NwcRaRaySaJQHCG5XBf3s1i4gmPkZXX5s2gtyTSq7zK0V2mTa-41DJg1KipEgRdWM_9d-wSyLyqK0T_Q&dbm_d=AKAmf-A7j5zv74PZ2rV1zSXnyQd5awSHOMwax35C42y9eDLeElFaI7PLcwXD_To-vVJRK_PjAx_LcgEEFGYdHzNAegrLZPcnnHkjaLlngtRAFkE0xPYjhObwQ8a-RFGn6BLqg6lFbME6ZCmTrMmIgjni_5fRbEj6NiVNns3yoi3IOWVKyjwqLUwSzLE5lz0leEYosSj5ngaD0TMuMfiv9QSBR6Pq-lp08qdXRKUiiY3VC7yLMkthih1hwu0vlRND-6yUAWO3eZ1qUt1g2qsoE2DeU5ebYpBggHXWstMGddoAX5DcTMi0sh09huN3WfeiwWSaBBVxKhuJrffaipqVxU2KGP3enaxhpkitXqToCxZwDXNIn6jos8hlYDlMXrstleYzhKb0SYP2UM0P21DFYPkUy95eg2ODd4ETDs12k31ITCE-Momu6Uw3TjAOb43zo4QAWGODc8JHexSsncCoyVBIfeW4xbl6Wxg64K-yIG8owZI2fBVN8L-zlxKsvLXUojmpJOt4cEiOt942UygiIWOhD9jLq3Us7c8Ur598-28xnLVzg5dPDFOiHsHlHRhcoe9Apdm-LDyQBRrv1pIrCfgGQEijDC-cm-Ky1UUtsW3UMgyy9tgfkMUQJiWNk43MxlSj3hlXHeY8deMz6MTIXhCqNH7v7sEWU13Pq3egAt_E5sJiJsT8CYmNx6brWQSEdJMfd-sksS3ruyDaPKNGjOXQ10PPm7EQ3x8MNVJS8wbcUcE8nM8rDMaUdlAeaHBAticv8JU9INcR9XJM6miK_9mVOeHvQ5gSZYfVvsssix5nL9RRa8HzloCI5nR63yVbmD96zhNms00nq-I53ja7DmoawzyErcV2pBoVLJ4zGlQ68DXgTjUP98qiTc9EmD8TFjBjvhgJJ6sgVNQnbkHXfUyXoexsmgFvjHC8WnQ-TS1PLvfVieLc9jFVyypyoWoGKle_JMXV-g0ahBYcZrgA3w_xzXs2FnyUd2ALDU2IlN4mDtXKDqakGw-p1VN3FTcQRYWPI5H91db_ub8IG5XjyYiieXXN9KsXlcD3_oDnJEGQlNZClGJyyUU5Dki003emI8INVYrtQ74WXQBCCVWtUq7VDVufHpt3_rJONMk37svMFXvwcjuIrU3iBXucd-OzUzSy-fhnss6V4aP6bFIqVN3fKiKuTaXglf_JrgVbGj4pD34mvJGqqLFvKSjU2FAVPRzxu8a5oE8D1clatU-WBWkNiUi2cCqfAAKEqA3IU7XQcdWCZDerl4OBV3613RG53FphIPEL8_aqI4cXLj1DCg3wls2V5r5kX9R7aMyZnF8OhwdsT-FUTchU1GcOq1ivEHDi0dELahynW-qmuvVG0j5SE4dxU6D2I2pDmhB_BtoVbLQztuwz761UKYRabYmp7dq6Od5jg49Kbv_EVU5b9n7a43iQ-PTp95Ry6_JtR4v_nI0uEOW56BqSUnSY-RAe5GGUC82McMU2RToCX4VJ01Ai5Qhcf2b0nJ9J4oPQYs6U-MJmMwJ-RgfI_1j2WJJu2ZydZshECT3Ljk35HD7x0LPJRm0GZ7YHGrIOiEfwkMdeqmeZosTmY0hB-wVIrCQBnzQC1aSiHdGP0cg2gFdngUjTwzfKWzt4d4xRFR4OZ52Dk1mFBWY0BKVdHFRM_hLC0fg7hMzO1uw_nYp1Umibz_M5QvVjxuRsGnwjm3YLMCCANfHqwPeFYy_dNg4y1w-XwDzG4TXZdjtGGtgzsJR5xH6oE2cnHEdFC-oSDqqQFT3MYAt09T28abJqF3zCqqojMWa0xBYr4ro34LrUKBtOaxCOMDH1auO8r_gMgrLuyOh6u6VCayEl50f3cDdCjJ_1RS-lTaqDgLvWHQrfEofLEYQ5l_w4mVYuRS5lIaSstcWW15QnPODc_JlzhEBix1_c_pSbxsloO9Zl9XnKrPGRUffKU-92Eobb3f6zl3eOGNQaVtfSbu6WWOBQRQk9Rr7hp6lswPXZr1G9z3hPrMVCiBkxx5jv7BoMSWho-1FcHIGXXZunwfmfHWaSlBLdVV-aJx3gik2O9yOnj5DJp5B8JARzzKF9Pkpjnv4ph1wQXyD-F4DqbyAs02uR7bWvVJtqgibDkTr6Qg1Yoem2VCMR53SOwhoa9hfKRqFny9RLUsIH3ua1eY_g-El-SsCKRba4a23huNJIytV9naGL-C4jPtb9bc00Nd23hcA9dHfZdkPjjHCjAXoEY4Pix-B28fWSqwlgZonEZNy_HuLxT1LIO5VcbEN5M6e9Og1LoP2EuipCeQcrgi4OzC48S0UqbG_knX7sHOZ7lqkPfazd2rr9p8RU-XB5lxGDhY0PXCYogHjKfke8YGC7CDdRaqcgTWTV_oKBlcpmk96GbBoi7Me5stnccAUKJaTdE63Ih2HxQoW6Eld9FPrKqAStscKQyum_uSVIVW3tO9LWisYS26BK4rQqDFupnbhWeciDhk55Jtu6vCXMfuRux7oXc8U-TgCdSg1L9xc-Sr1_ngdSxZbMqulJHEwT-a-kMe_NxgyyYqRdm4iHfHA6GJegW9-_aZLp1EiAUvXIj1EUamc4evDfUy5xX6z9eTtTMY59cSn0xDYYKoYDzf1ujXBewcAPA-551G8vqgx9kG8uqLLiDm2kZRaP0gMLAxpFqNAJiUvNb3S2KIMcNfrguy_f-jj9a0E4FxTceWy-7SlGPrEkBcHifiYuiJuCXbLbhzWN6XhVOQKRTnTaAktNFjYTcSc7dNZQr0BuSqjxLdZoEsru7sBVnNcri77PHmqOpRk6ZayIZDv-m6sfvEjJsxtVILab0jvTTOxvsVV6nlSJ31l122RWFEUoYJYUAkR4Hc9f2gIAUN3vaDOq-GmlBMMDr-bUHPiNBEl79c00WzZv-5wQCBbto9vbZorzJ47RCgI76P2rlyqY7AMXIn8rmEon3cC-iGgXJA3uzrLcgiu-mCBFlkAByYlaaNP0VxsyRJQF9ncyo1ZCc-0xzv11eH9OwoOumhVo0Gt4QxUmpNTbL3UBvDmjnyTqa_SH8DBwtLbTcAx-chaVaULnW2WOBBQC3iwUHXqn8hadRB9CiWaaQnktokP4R8lGrsN9tqftRArbG5OkMq21s9Yez3RfL0hKtG8rRAUrVwjDygaPIxaK7q6CRmtribr6SyQuHxaEByBeo9SzrilAs6FrG95i1u4wW2f_BS7L8b214EjaPf5H4ilnz8MjF8_EjfAK1JySqdiBMUic62zErzFzvpAXXVKaAAgUXJ91iNnxDSK91gaNYsR15lI5z8Blz1hqLgJ8ZxW8BdRMuRj5Gzc9i4RdU0ZylndrOGyxiDbcZG05fL5XnM8iuFsVNDquGq66pktUkovY1SROQ2XQi0pHiQkhDwHo29D3BiCGrH9SdoAcdnFBTammBYtxCd11PSR8MkNsOA&cid=CAQSOwBygQiDeavpZx5HH0PIoMRqvbP-l5F7g3VB5zT3vkqHfzNT2iathIy7O2qZxEcuw9YDwQrHHerHNimrGAE&dc_exteid=31120973698234972646135422016302856&dc_pubid=4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjxCghKqOZNnbGYuM7gOtjJJol_bW5m-3m8itjRHv06K9wAEQASDAsoJrYJXikIKgB6AB06nd-QLIAQapAnH8qUpKWbI-qAMBqgTbAU_Q5OAIUIz808YNbXQ1WxAUXxC3NxRKl5KL6BepFB0MeHTXIU-j5ySEOAy0mEy3xOO7B-VnhNtPKpAmayVpQt9j0DMEOQ18OUSEN36lp4MXF5gxfOhIJMHmD3CGmAd5aOIR97-h-pD0dVWR5l4O5ZlzYMa43ibfZHSObuCp3yY_-GFZObAUFaLsYOTLXf9EzMNvIqWFbxf0LyM37Yl_1n5mkSmMHDXif8USbJjIjrcn9o7pv350bd2ruHvyQA20MZ_LTsAthsemBbkVWiKewKbDsPwAk3CdPGWaPsAE8Pe7nK8E4AQDiAXO-ZuVSpIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHldaihgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCH5xIYtJHA5QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBsBOA9b4TyBOb7Y7iA9ATANgTDYgUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=Vi3H30jp5_M&uach_m=[UACH]&cid=CAQSOwBygQiDeavpZx5HH0PIoMRqvbP-l5F7g3VB5zT3vkqHfzNT2iathIy7O2qZxEcuw9YDwQrHHerHNimrGAE&template_id=509&vt=10
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 9F56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnW_tWtWDl0o3ymoocNAyxutGFNV390st97FywilOPJUN1mSOmXdzUVWQMYUZ27nm19KCgbSzh6xd8ixICefvPRLKbuw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F56 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
42716
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 18 Jun 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F56 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
62454
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 18 Jun 2023 13:35:10 GMT
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 35D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ Frame 6AD4 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8990457a21f00804abdc26242cb7578ea076b5335db917456905022b2100a921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120784
x-xss-protection
0
server
cafe
etag
3622469327840233349
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
6363a944e4b0125bde9e6739
ng.virgul.com/tck/imp/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/6363a944e4b0125bde9e6739?g=1&t=cpc_annotation&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687071363658&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:04 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D379 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame DD6D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E2F4 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2F4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArP3KNoNxq0ae7TzKRTTw-nx3jC-2NcFz0PsjySGtNH-kQe0ZaTJCQGOGOmIKiTMMKOCDs9MC-hpdFnsQ8Rkw9jIt3_xFxK3vZOM0SvE0Oq8stePM
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8813486732546522797&x=1&ct=76
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame E2F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 20:35:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame E2F4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
l
www.google.com/ads/measurement/ Frame E2F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDEyo_G41RSd_SaS6rfCrGItBxYnxNVdNDCHBylfdLUA_aWulGI9LPxZMzuQLd2sWXU6oY7-MjZNuywTuAfafQobHlKg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2F4 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
csi
csi.gstatic.com/ Frame 4342 		0
235 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lj12qcam&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C44776384%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4342 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 16:10:14 GMT
x-content-type-options
nosniff
age
398750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 16:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4342 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options
nosniff
age
203997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 22:16:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4342 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1687071364842&ai=CDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4342 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lj12qcbv&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.l8&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.php
ads.eu.criteo.com/delivery/r/0.1/ Frame 4342 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZI6qhAACSbgKe7hDAAwVVJg6Sg5G4yZSEF4oBw&u=%7CYcvlOmL4qo0ZbL7hWoGuYeTFiYg3cq5x7vzSFk35xnA%3D%7C&c1=s9Ouqadr9PNjmdWEvnIhCeON5eq0Yfy817nyR0B5GwZXgYWXwbmDe9kpYSMilCDwZHTqTSHU28qPS699-x6-pdPmHC8ESfc6jWDFBEINRxVFWXLtQft7xikDu2-fx8kHGAYPfM87O1xHf-yHgQY1yio6ocCNASXTcbfyllG8AmJD6V2JYkREUoE_7lqrj2-ftrrJKy4bkoBEU2sId2ZsxhS7lmGhUYQyKLlbEG8ITnAggwWQnhW3uR1FvisiQVfWHKMwc3ZABnyOxD_DdIpFOQH8U6kBIee1bks9aZSeaNPwnxIUunLXJCtItLnzmAMkZMjMaA_PdGSdSAxnB7TP1tTk4lUa5QWy7i1lV8z0iPxsLvVWI6p271NG7ETcsxQtolwrFxS-2AdPJPUpHmAdzuXXl40Fh2PAWK5BwSPRsbLX_nekh3k9fTa2Z4g8sH_43D7eJP_CWXOTifs2COVAWaQJsJ2MXtYL07V1bCRxLsvAjhfGTUnGeiafpZo9tgXWFKwUD8mzS-rBELE0Cs_UggFGX3YZkFDsHuMPBBQW8yNjeOL18Age0uZ0rwxxwBwu3s-MYKwjeZFPMyKLsNWzfoV5BGVBPjTngLF6aR7cwt992khJIP44pzT5H2ENKecs&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2b84O8eRvMAgoMcXt-jTXdcNDN8Q%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6af0e96e4358084cab3d271a7b82bbee2ffbfe90d3e97ed708dd69a4c5e52e80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2918286
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4342 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8vWchKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMBqgT0AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYuscsi8-Kf8OuZ1eRCUEFzC7xLhgNAd9bEKQ4G1pqxJUMtkZGjrWrvPgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=wU0lA8BY7ME&uach_m=[UACH]&cid=CAQSLQBygQiDQ-nEGjxlcV8NjIt7y_Dh3wAftlbcUFM2ILM7QyhZdE5byauMoM45ChgB&vt=10
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
container.html
598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1EB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Mon, 17 Jun 2024 06:56:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A5DE 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Sun, 18 Jun 2023 06:56:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 35D0 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3rfu-MWbz54eLmMzHogCQCj_8kZS3XAjTTjjy3WEe0re40tfO72iCfYUvQ4Zv7dinAsJq4FAgOSalYeoV19SGk-JKRxKXd1-Hk1VQtxR3YA7BxM4
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9080684888668259366&x=1&ct=76
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 35D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 20:35:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 35D0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
l
www.google.com/ads/measurement/ Frame 35D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQWWXL90IIGnasYwktX5sHqVHQZNknvLMCV0WJMXuujQQ-YtStRohoPOg3bo6bAXZs-POavFt0LD5RAtNOiFOvhKzABA
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 35D0 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
truncated
/ Frame 4342 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72dff61a3e511bd5f6a34f4339d6529e3aa3a1e638b6bdf657a50cd71c8491da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame DD6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DD6D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DD6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
AN-X-Request-Uuid
bb0c2c8e-251f-442a-9749-85778c547c0d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.181; 185.213.155.181; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DD6D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjihLbrATAB&v=APEucNW1ZKKco00A1rZ5GOPTQuyqe5h9g0Q_1ih68ATZ7b-j4Ge0RfAXX-bvphIpnt8prYxmar3eCsC8j-OVV1-cKPfUwg0H2Aj9HlQIW7uavi8H_7d8xL61xPrILskdalarsL6D_N8v9Xyr0vkzYayW9zYIWzAWbQxqvuQ6uI-hZDVQHGnMsm8
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.181; 185.213.155.181; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d277f47e-1740-4652-8e8c-26ffe4885ef2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D549 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:04 GMT
expires
Sun, 18 Jun 2023 06:56:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D379 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D379 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C5IATTKoiWwSyYE6LE_itMA13jqg90pfLyS2WLxJy5MEkvv_7iSZlDu95wYYqrE6ZwBnjLha7lHOY5KiqskYNhnziovQaCsO_iy5PkagTpM5rYV6g
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D379 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14093905988457042669&x=1&ct=76
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/70224155/xbbe/creative/ Frame D379 		253 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/70224155/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782784300&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hZ42Vj_-1OS9iBr7PyWDkh
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.110.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-110-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
999c7f8b19c0a79c9fd14d0352ddc2d8341c0f385421c511edac6257e1566690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame D379 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 20:35:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame D379 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
l
www.google.com/ads/measurement/ Frame D379 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxL5nLRUblpablvrw2A6AOmsNTFjYDnw7pij4YMVjYbxRkYyAAmwGqDLc-TZXGoSkVEZNUymnwO2xEHvTlrVVWPxqyag
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D379 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:04 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/042306121857000/ Frame 5C9C 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb13e0b19e9402cfa8b657698f30b802713a6ee217db3a7c90303092e6a74dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 19:08:26 GMT
age
301658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"be692da3878c51b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 19:08:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 5C9C 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ecf549285abace95d82b3cb5ce900eb913f0933adecfb219323cfeb5cab342f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:49 GMT
age
304095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b9d7325e6d00a0d4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:49 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 5C9C 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fd291cd721a9eb1d02b69bbd49d6af1278f75be772d7f9955707f28fa603792
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:26:48 GMT
age
304156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28883
x-xss-protection
0
server
sffe
etag
"13a7487448b7e49b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:26:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 5C9C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05fb2c2bc701654f036a32a831405bb166f0d6dcdeb1d02d965abb580d93c75
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:49 GMT
age
304095
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1903
x-xss-protection
0
server
sffe
etag
"525607831b953e06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:49 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 5C9C 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63993f897df6ee5a2dd577c13bf70998f1b15da58fc0965713fdad54826fdbba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:26 GMT
age
304118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"deedc00399de28ed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:26 GMT
css
fonts.googleapis.com/ Frame 5C9C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 06:41:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Jun 2023 06:56:04 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C9C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
42716
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 18 Jun 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C9C 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
62454
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 18 Jun 2023 13:35:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5C9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cp1eohKqOZLz1FpeJgAfN3aeYAZr7vpBxneTvkLER2tkeEAEgwLKCa2CV4pCCoAegAdv8uvEDyAEG4AIAqAMBqgTjAU_Qmouu-WV6nileikvCMlWWRc8Cq8eMDv7oeK3ia6pITCydStuEJe6z4g-PRBREjxFzjLM0jtiL3omaiu2_2i3dUWbLeXAyR0TnsdPLlkzhCAVIAU6D0W-rYEnPnRWoSZlBIq0Ven6UDn6Fhe5hWwW9xkJuK8NuQiJr0GMxtpb8NyvoPXEaB-iYWbZ36IFJwcaP1x5XK-nUk7nO6HqeJMJ9F1eLUbKbKJ5PDZE9i3p8kS52QcMEQAdinDqCcn0oxMAqEGSRE5pV5hFRi8fLvfU4KBoCFzJSDbzVKzWjUYJjqIhVwASo6YWvyQTgBAGSBQQIBBgBkgUECAUYBIAHreKo0AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC14wTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=Gzej-IeRq1w&uach_m=[UACH]&cid=CAQSbQBygQiD5FPb6ANcUzDu0vrBTt_NA4KR3Tzyp1Ppl2nJFqHo7GXt1E1bno_WE0KCu2q-3UK97Gxc_1drw_coOSJ8UIY029Yv0gcRqWoJa-r8tzt6Y6mrGLw2Yo5ZIRT0bw2b5RGGaHQkQUofl14YAQ&template_id=492
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
truncated
/ Frame 6AD4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f5363951377eaa801941089dd9c8f0945f06e4cef15332178bc688c0b3ecf5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame ECAD 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:04 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame ECAD 		398 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/18/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sun, 25 Jun 2023 06:56:04 GMT
csi
csi.gstatic.com/ Frame 4342 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lj12qcc9&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4342 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Jun 2024 06:56:05 GMT
csi
csi.gstatic.com/ Frame 4342 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lj12qcfg&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.ok~videopreviewvisible.ov&umsem=0&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 5C9C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
773efc86ce2fb9e38f71088338e92843749f32e64c0531a3096a295e66547141

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
ed2ce3f30f62411a8d88b33f6114edaa_k6_1080x1080_15sec_cta_social_paid_de.mp4
static.criteo.net/design/dt/10758/4758893/ Frame 4342 		18 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/10758/4758893/ed2ce3f30f62411a8d88b33f6114edaa_k6_1080x1080_15sec_cta_social_paid_de.mp4
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 01 Jun 2023 13:46:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6478a14a-11c7062"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-18640993/18640994
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
18640994
expires
Wed, 12 Jun 2024 06:56:05 GMT
csi
csi.gstatic.com/ Frame 4342 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lj12qcft&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fads.eu.criteo.com%252Fdelivery%252Fr%252F0.1%252Fvast.php%253Fz%253DZI6qhAACSbgKe7hDAAwVVJg6Sg5G4yZSEF4oBw%2526u%253D%25257CYcvlOmL4qo0ZbL7hWoGuYeTFiYg3cq5x7vzSFk35xnA%25253D%25257C%2526c1%253Ds9Ouqadr9PNjmdWEvnIhCeON5eq0Yfy817nyR0B5GwZXgYWXwbmDe9kpYSMilCDwZHTqTSHU28qPS699-x6-pdPmHC8ESfc6jWDFBEINRxVFWXLtQft7xikDu2-fx8kHGAYPfM87O1xHf-yHgQY1yio6ocCNASXTcbfyllG8AmJD6V2JYkREUoE_7lqrj2-ftrrJKy4bkoBEU2sId2ZsxhS7lmGhUYQyKLlbEG8ITnAggwWQnhW3uR1FvisiQVfWHKMwc3ZABnyOxD_DdIpFOQH8U6kBIee1bks9aZSeaNPwnxIUunLXJCtItLnzmAMkZMjMaA_PdGSdSAxnB7TP1tTk4lUa5QWy7i1lV8z0iPxsLvVWI6p271NG7ETcsxQtolwrFxS-2AdPJPUpHmAdzuXXl40Fh2PAWK5BwSPRsbLX_nekh3k9fTa2Z4g8sH_43D7eJP_CWXOTifs2COVAWaQJsJ2MXtYL07V1bCRxLsvAjhfGTUnGeiafpZo9tgXWFKwUD8mzS-rBELE0Cs_UggFGX3YZkFDsHuMPBBQW8yNjeOL18Age0uZ0rwxxwBwu3s-MYKwjeZFPMyKLsNWzfoV5BGVBPjTngLF6aR7cwt992khJIP44pzT5H2ENKecs%2526ct0%253Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Faclk%25253Fsa%25253DL%252526ai%25253DCDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2b84O8eRvMAgoMcXt-jTXdcNDN8Q%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A5DE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAUXEsZuuQTtOvLuFt2SmQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A5DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
AN-X-Request-Uuid
47cc3fde-98f7-4560-a0c6-2728283fbff7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.181; 185.213.155.181; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEG_a9tTmW2NGtPwhpgLczGY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjW2LLlATAB&v=APEucNWBzAxKw3f1hX9h8graupKjyoyT_-9Q6ihR3eIr1kIuPbI6x1-o5epqm1dPawxVKaFeItgMVs32mcNgEBRCbKUtHYH-nFIt1vsrHkH7KOVngrBna5P_jfMsrakBwpszbmz7a44fLUUcefnKzzdsvXkOf1VK64fUunlTRKR3xYZuonmGFpw
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.181; 185.213.155.181; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f327f274-3073-42d7-a2d3-3bf0c3f6e5cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYwMzg3Mjg3ODUyMTA4Mzg3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 01F6 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A1EB 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKLPOQWPSzEMzp1sybkIydUJKBe26BWL7ZYj2DOEXVzFQBxkd2vT_nY86ttHC33l5h9d860ffUDnss2lFNU9fK0J9jJG8Q6kon6qPQY-3VDd9ps8Y
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2354334845996096385&x=1&ct=76
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame A1EB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 20:35:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame A1EB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
l
www.google.com/ads/measurement/ Frame A1EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnMj4mu-t8JXK7jexFWdYP3VGsA2RR3TFkf0NR1R6aQsMXvRb0ObBJdsLoSlBxsRSGuneIa58YgkN0BuAxt-ga-wRwgg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A1EB 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4508724897982&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4508724897982&version=m202301230201&ct=76&x=1&cor=8813486732546523000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E2F4 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgqZw6o8eL3_N2GaRB3LUnKMOUSxYavScApol_3QyuM_Kpkdn2LhzHpJE1rZIReEdynUEQUJR2qUSWMxOFXAYK3zJjQvHEByPTCdEfRD544Mfa8YWih-h_CyvPVyXUAoYUMOFywqOHYjEVsQ9ENVuXBfQnbkU2CLpTHFkpf4Xgp0Kk__k&dbm_d=AKAmf-DhBFTafXvRf7MC131aV8kPfE86cHuAN9dm_u2uGxiOowUQQ4NtaeoTc6Tb3VbNN6mek5m81Tf1MBPoJ77rSl3wboGfNIV6iQXi8ahfLO_Hhtmx4d8xWIVlcVPXVA4JBZO7Epx8Tk4VvYgDc28eJYXM-GUz8zKFp_3cGRY2KCYh6IL1S_d5SATybyh0gqsw42Gbpqiqsv-UoUpBXNN7EE1EyyN8cwZgFw97KvcjIZoPsiaNhdIUYdSOGZDHSPkeuGGWZEpmnCi_gT-I_xhkorzkuubETqof5S8GX8Hti86CTz1bbiVSZw-_yX1IdhsU7sfm5CMvQgWu4BNpiz6kAim4tHNnU0SGGgAJv7vtihjaVpmnm9eTxyD0g_3ZB4OeeOC2ItD6CVxfbIwyqpTVP8BjRiA3RnPyHxqa0dDkEyKOvHm_8Edu54kTPxP2DVDSLvh5xWqvoLY70M1ltP6BJVdLEEEK54IMcil6ix689vWwdDhcn-2KCKxwAlOfxkxEmw6o2Gutc3MQOyLR8cC1h2meT15kXG6yeGQ3rliHm6NngsBLsB9UjBsZznO-SPwErzgpDepBWvltQO3xO5o6vN15sirQQLPs8rw1txanX8sqkotbIAafgCqiQCWmxM1Aqg6w37scafVpcjS0lPlCeHg-GB1rnQIxFnmfbRIf6krZTWDRA9VFQQBCNH3MboaLUsh0-f9Tpr_zyGqE8n_E30FsGgSvJHAc8qKCcDIZoYzesi6-KyfS3sqDV33QsoY_uFlO_VlEwSVX6p5Bm5fDQVU01cLdUaCFD_4ua2YGGzjZEJn9G7eydIf_VcxynVIjCgpSVawZ0qCJ-hEgVrfLdRBsKGIf6LQ2XtYXVSergFfpF2uF3RfU--LaEGmH8FKtWAjyrWjNcAGYU52mHHYYPM5aoZGW7j5lICEaxa3G-Qv-sbM8Zj6rc6VPz9o6Oz4GR3NSX7momkNLYdeFWZbOqD94l-vrs01Kj-JUfL24VrSDz4_Tgg38LeHJYGDE4JFOiOYm-cvgmQra5c6Jl51ZG4WQTCT_xfVWx1rA2F2eDI_kXVzA1m_sgt8dHwOOjwcT5Eg9shhgG3oT7uJM3EDbBHfB1kOWITZsBzTZrWcv4NkxHiw4hanrbAZUi1-pdCH56XWz8zgWA5CGNUPEmmADwXAG6qBjezn0BMBFnqqptnkEnutE0IijMlXQv0vbJ-4j8pMchbu0jYnWCi7NjN4Y9ugDzeNdDN6fbDlq93XOGY6UVMRCDHUkzBrH3KvT5-SlBKEl9ptfZIuEFoU1OKVOazETjXB_7wOgPSn0o3lFaAyqz9_JyL_CC6eekZ6wzB6LWrxD25uWgIUYbLNfPUUvsrGWcENOGLr2_SoSPZcT_EP9_81TN6l3jADyC74HYc5uVb3Q72GxliaplcgN940BDkZ3Vo_RqX7_npCU9nt6f1siaVMD3IE2wwVkRPmENa0SmHDfZrOb_-o-YU1wp6MNIcknFTqr7UnraudctjjDP1raKNgkS9eeHJ77XGoOhSTDEgccK2i6PvWngvCeCdPOnYgumNGVVgNIlzT8DrsnQBbPCPcF6ytUPzozKwF_L59bwrP4xxvDU3WcaTt4PTKt2LeZeqA03tK5uaIu38HJobOoP5jNPwr23XvceARCgNC3SzXDgnqHBsHe3Tb3bfLsHPF7H7aJOFA6ljRdlnTECVbULqYMSyILj3Wj1Ud7Ddk27jJtyrZd29SppGd1_hkLzLlJ31RAgTbmAJQLwe2CWpLxlMKBXvFtzQPC0JCjnd4o6jUSmVwxtUTdwv0aS95Qvn5UodX408QgMJlO0eGSHMGj9TP7fU7ga2mIDVUt9LAi4_bTtTeBAWUZ2U2_6BdVRsFJ1HWqYUioEhudcfQO_RZWsLuftW2It1M9Rfsnlmj_lcCf7KT8EZSK4gNao5jPL-kbvxBQNpRQri8LL5ZAt2t02vHWph6HWaLnmUE6o7Yy9BzmhoUL84-enMahqrsdK9QbReNXINzycejN4MWCNOe1k6_Wdd4Xb_OGEzbzxfaRwB5yJJxOhcdAyyBN0RmuWD4SzWw2E7RKecFlAkAZLYt6zYaWKegw54Xv3dbMgyX6Zc8gFCc3x0Xe22tsruUZvDjE3MRVaTtx069OX9azfJYN7lKceM6Y9DLLys1dYaO5QcQL7FcH97FIoKUTx93gnnHEQqig74dSmUyKZGcDRMcwO3wqd-21UKv-oKqvwC7YBQ6iB4Ru_CtVAZ4MPGZXCNRo_vMBNL9z4IbVJ_K5SmMESXXWxREfsuPdzV39AoZmVm6MTgF_KzXdstGrZSBPJzsH69Q26hgmQPotapnm0TEnpK5rH3xTDKfBX3kBTw2OMPe0kxb7W7dksJpq5hORbtcPSUPtTaxfceIqUAQnIV5w-3DEaUksvdeYPnO6431tsNylRO262YwEsISEq0-4gghSmpFVV40YxOBaZ17p650RZmQfxUBANE_t6ITjvh383sjc9Jb5L8R0pmzxUj4a0mwVdDCSsVK4AoTPLLw4J8ksTeqoOSnMpU7nzwgkr0tY-hegyPr2rejTQKA-embHU7yLMBL9g1oSPKykrMgK59eGrkRLkKqM9qAW6UMlENk1x6oeeKkJHWgYsPk6h-ggQVY-bw1wV2aFvbLfhmps2Tc31-i4hvLNzo787Skgfptw3A2a77aJv4p9p1JL-7jE21A16uyg3XpMcLsqxMUfE5IOhgr8_zdJ-utybM1vZecOfc6dmTkAFIMci_D2mlbPyzZPMB5vVCpdszO6zdtINiL7PxtfWhRAm_Y6_TKjGFRoUg4BUvarnbDsiwDJvc6JAkViPL0Z01hxKwJD_FXLtd0rsTfgk4R6tvsryiIHaqEgge2sjMbe_sJEIGE1Zkm_eYOlPR_raaLZI3_qRxdzfRo0ErB9s-kSuR9LNgJGfDLwDSj7kXbvURLBkH2rXQtHYzhoZeCHhQwPVRbPY8LxGVzw-xrANfzJyflVheeVzpLGdp7B209bG7REtH87D99CvF7MbS7Ws7bmZyjHohHcUcSfNkH3ipH4hhoPORltKCS1rqQrrYbxURbjNWODR0iXF_OpW-Sjdr64DgkzApSGfyxurOYjcg3_ucDLzlsQMd1_V-10Ph4fw_R5-7KJm87RGwngY4ty-Tcjx2pY_O8-nGuk0qE7YTBou2RLHu3uHs98C_FA1eAaYh4Sy3AFC0X4hwqtmY_912W14K7uLZuzQs5YjVtaAMNEmFNcIMDCjvUWegZtyR3bNmbda_JPlYHfgUsrMYfi7bXmqOTtwFk17xZxTrP2nvwJH4msSnKkPIkrz6XlDQ05fb4MLidedB22AEhFHyjat9bDZm3sGpcET0P8SYBKlCy2d41v6sytCrW_xo2tP_Ao&cid=CAQSOwBygQiDC7iOjpyWGCY3uoFaD8PfTK-zyUQkR-EKXGKvuBZ_Q6Xdor_AF2oGjW6-iJzvE0UusX-gRYjJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=8813486732546523000&adk=1599433117&idt=152&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd4fb6b6eb861abafa9e49a562d9e2621962d56c2d9698745abba5a6383ba755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39531
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5C9C 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 16:34:22 GMT
x-content-type-options
nosniff
age
224503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 16:34:22 GMT
sd
us-u.openx.net/w/1.0/ Frame D549
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D549 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D549
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 06:56:05 GMT
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D549 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY8Yzo4gEwAQ&v=APEucNVzBNo0mISaPENZdHnvziJgdPtRfpDXKky68CHpCl9-aPUy0BUkzmuNvsf-DQyARvW3WkZ2XGRCI-WZH4SWcZgaoIvFwq6GDyOFh-7o76mnq6_pPB5y4hLD0wr82DNfmU03mtYbsiHN5TaQRBFCb7qJXqA8pIlLKpPt-qGXtNca7zcUFzM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 06:56:05 GMT
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9F56
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6AD4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E6F3 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364811&bpp=8&bdt=241&idt=307&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=5539729860041&frm=8&ife=1&pv=2&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ert20takdjkd&fsb=1&dtd=320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 01F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHW3zF_TdNpohlZFYiV27uo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 01F6 		43 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 01F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 06:56:05 GMT
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDG1aWLsCq5190DNdk9fUvo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 01F6 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARj8x7LlATAB&v=APEucNUTpCbSMZevkTfExWrbJ2zFE8l2BfJSEjC-_oboc6_pJLfVoPmoKR6N8mArXGpmOR_rDOMkc1LX03hr07vAl3WM0Bxsgxi0PE8GE-j9H9Y7e5udvfEqaZdSsyyopXJ2_jASoDNiPE-A3srtea1osYHRTN9j2w7N2KtROgwUb-N2p_OvOQ0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Sun, 18 Jun 2023 06:56:05 GMT
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame CB20 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b75e7c7d47eb17dfdaaa5716ca7e5a0f784d50226c330e6249ea38cf097491f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12535
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D379 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1258818796452&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D379 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1258818796452&version=m202301230201&ct=76&x=1&cor=14093905988457042000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D379 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhKMNroU8h-bC9r5BWnhAYYCF71YzKVQUy85oB4eyMpVanTi8bbyiJYUgw_hpkNTbPSSJpFUwEnVyf2_Ol7QNpAVSGjMVznlBOpl-1igNpsAdn-QL1V-VvIWi2IbvXV-iJhB5kfeQ94hGvxFqurUTq2t7bb5T4ItKGUCB0cJ8MjpUJ71o&cry=1&dbm_d=AKAmf-BpAf2rB9EDrxZ1ZEuD0JfT_XrNwEgpcapQftQJbpBafHL2r1Wszcb6zjUB6_DBOMKwMgR1Zd9xrge9ZXJO7tyTNImkseUQ-HF5AJ0T7f6bGGFnKKL3sF82xC2VU5PQBuy5M67MAAtUVPHYVYAnlVV4gX5ikdfAhXUZ3SoyTlk1IwQBR5PzPr7APoZ00wVUpE2KYwd5Ksi0sc4nIsYLSC5rTjo6O95ZNNND--3xOYa6WKqfCOJ7qr0UqT7b1mUiy9xEz0lvBh1gqLuVLVB2uXUlleMCgsc-vimSi_9lJ3U3PjqZ9T9F2dnhKEeLRfdzzzslvjZGBmrMYroQ3kDx-dwC6PyW3vYkIdBvHz3UxaB8Zyv1LlBwMIB_V5vEjjmFGTk3swLcEbRKPky2vWs2M5xGXUjSPcoQY5L9EJz8_-6kjNFv3YPhTpht4GB5EPPKb8SAnFgHcjEhWWz1oTg3JhZWuYBUFGcJBJlbS57zajI-Yc2Hw76tPo1_YkJQyATptN59lrOCqx8n3SSITanExKN_vMhnbLI-zswmcTg5SOehHOH-Z66FVQO29v5ZtpGUT4pXk-vtYfbAjGapKDwUmNCbLyhhIipCLZtcqUWoDbQzVyv1X-f-Dr6uKyCPbVE1A7Xuws2nxCR62FuMlSof_Qk_n9PcXeI_-vn4dnAAFqJWafFDbxsvPxwMfZFZc_r2LerRL4BBsEPW8WidrFvZAAR1Cvw1spQknZzn_RBK9wTjgMwvBpMt1dJ8IQ5nbkADrqrz5HkQtZgb2ygsUvVlbHlt3l-zo8Sm93pOeusi4Fj76NRojjdv5-Kj9ZuxN4wFMH3LtvUxrj-OTmHRezRcVEllVRwMIbLScRj-JbVbNO8veZl1Mpr3Wd5k4o4kSQdEOiViju_gv25cz4tVnN_0y5b4Jh-o8cu8UKoLd6JsonvmoahhU6R-BbOZFzFnXijA9Fdw-BnaT2i6K8rY4XOIsGxo_38GJ9noex3QjWn5ouXVjjoq2nKyK6yTKxXUmY0j1MLiy-Pvp9XVtIghDH8BrZK_ABpa3tAg6CEgig-Tuf8ZZl3nh_9kk-nvGfumq_fzpzR0_seyGZDD72yKmWYLIZxyGhgIgN_qUjIsQ1zPockpEkN1fZatjdKWsmYMGnzFU85wEMohgum0trXjfbIftllXpuwxT_qABE4SmBiZ-4AHdyy4Kv7hkvQJkra0G9i4Z0B2-lkppciYx7ZlHYbRSor9lGBh3byO6v4ID9CjVXU2okQMf-8a248N4JEoMsDzqqqRkYNkzjV0t1XNGqPKnn5Da5Sxys-1fXsKNBr46WIXV0NAmWfdhoiJmxP4xGJGE31NRS2L0lkBZVvZ9qaO2r6gvMnE-re-bl8y4ynEPbjTOKn4nqGr6qP6C_ZLRFcyWkrh61jQ4EcdX-C8J4mELv6csN3Q16fLShQRAYYSS0SsOh3__yCvCbX4Q7WrP2C2ohrtUOF_JQOnm83agUV3hPQ3tfKhsAdUQICL11bGUOo89riOEiM3T1psL6Q9DjfonHzyASSg89aLM6V-0DGP4HB_oRXuUKMLWzxSTeuotPc1tiVO1kY9p-qR3rx_NY3oXWmln_hvjFyXpHFDIvzF9LV4AYI3-3Maqt5pAMJyyfCUKEj799fX0Hd24AswAovtwzRiyh3JabOTkdMGqjacdKHrldcPEt6XjItjSPeFRIGhQ00WkGtuYtLK4hfikwqqyv6_2DQa6x0UmfL-ArPxJ141jcByDM6-SJbSnCIvd5_VPsLvtd0Y7fe9n7K0_OYx2VnunFIOnKIP9Wlh0U3i-KZX5qRXLgg9EjlLQvIo12zxsZ6nw3Gu0mq_pJyZSfckUEJD6FPvpyBxH84r-QJWLNjKTjaD6SD6Agt0kFWT8la4qr9caUcOBS_Z9aqCKKPhp8GYjE9-UX0H-OwHtPPAfc0TfbcAotvyQYqRwyi6iPW4Zy7TfMbHZdenqn0quPniJHvnrTqVmXK6QvXEVqXHrGdlDU15m7m-DwbQdXDPkAel709dbIIKb1PLs8OqpNfz82-hmh1fU41BwVd_IpNSBK6IRnezo6lRInxAzqamu1xSMVbiRrsMNrp3Yg9NC6v1m8o1LZ7OlBiuR9R81s7yKrdr2L7sFYNYFRFkDh84tU137X-CQt60EZzkqy4H2ALU_xdI19m0y4OwnhoiCtBtI_z9Ztyx3bHtAw0n-9ns60RfyEBw0NscVQqaqaBwAmt2G8UkO3vkgNKsGCCf-Cdb6ehTB7B6Qpxdlm1xHV7m4-L8VEGcCo-eJezN_QMcVeha_MgvlDr1u0Z5Gksjlpppe8fX79K-w71KhSoBdIJU4P2RSUsWoy_xqe8n5wGLdlKom6ghNHKqK9v3mrXnZsKmHC00ISfpBi9VqojIMU7G6O46eCO1rygjdajX5Ce69mXOTRWIwyFFKOv6ws27Z0fchE0xTU3qD-gKmMiInEnITs-HH-zlOHB1em9Cno_cK5ovk0RlbsU3xIgVegGXSXMW_eykNbbMHl8KG-Th38sIyFQXKtBpeWvbHpqg3NrXweeRLUhDMzKEzh5V2sGZi9LjolAOpvFaJ-KZIockiqF0ePRuTIKJmFEc-9nP-xtHZxctd8RPd5aItk16BGysrGd9S2Mu3staurlsaScXvM8E9LWt-eCPC1PWSg1ZbgYal0IMQnE4GMZtXBrtGOuOXIdTPHLqAHWLlyLWD8-vGxQf-_sG_Yn_O-SNdwuHA1IkjPRE-25R9R3fmEfHGNqNDelosCEBjQ13hWot2O_NBWB0_ZRZQ95l_zMxfM_MNMHcap907Dm1GAUiy4gVSuiPIFarFAkfJq__xlGSapN7sxhXQgRFMU6IpnjTIRiyNUKFkNrMbQ_GNC34yilW55cFEbppfl7Q5zHZGqRPbHPxgGt_XEP1H-rBXY3uipXvwOb5TiISW6lGFktY9ejplpNNn0sdJoK8rYb6yBJNbHce6BaElUfDSlktX8c3L4sjQPjf773nM_R3uA0x&cid=CAQSOwBygQiDOQJKt58kWM4mbEQsgEF1qsrgXu212ZcHvCr_B7muWqSDUR4Uo3VfQd_WHNnujhV4AIpCE2YRGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14093905988457042000&adk=3587751834&idt=171&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea8dafa4f284f554e2b11152a0dec1bf77ad06747bf600c734c427ecf7b631a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11512
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=607040779891&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=607040779891&version=m202301230201&ct=76&x=1&cor=9080684888668259000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 35D0 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT_qrJ7Y3aUaqyTylx-qrDcbsiYr0Anemb6DNi1CPBAXb-x9Lsm2J2HZI_mwN1jpWZYsaxh9VHalxw2_SnoCDEokkIlHF0UGEqiTiRYerdbYqt1_o-5nYOjZ7t4pVz6os4C9K8CltvRoYVEiChpA9YHSfNLv8jmMRzytCwS31vEmzsUog&dbm_d=AKAmf-DTG6zD4HAkhcWudtcNNp1tfq4dhkoiLH8_bXL2856ogLBswbvdt0zrhK6tu_vkwAGFFEIFuDT_2iwH8byYzqVDodm4Od0uR1_1R_qCl_lLUqUhnIVczcFJ4ao-orUcxK5y-b2UUYsrRPPPYKWQ5rMEVXEDKP26q33xSrR3jOwKMR3bjHVhUEVKL4uUDnAqOJyiFeao0lDVexGCDmOQkugISl-DWZ7GUUc9PVKNMPpYtNpaRRHIze0O6Ba_k6VpgYh4KX53V-Mre8iCxiI0wZb0h-Cxe2ZKgfwTiCnSX6hXmckafNjhAoJupoYTraCfjtfpakagzagv_yglpMVsA5AmwqFtZMR-Ezu_JArL_gWRFw72GVPSaRE8Wsg6AjTn-5YyGhY9Ia81xZtjxLd8pRuwYeFVtlh_rmPmqlw_bzM4JrcQL_oBJosl79L5ClssTzt6vuT9ucU9pYxPa2veTgv1TrVBsoaK9ZluhZf5zyh9_h923TpW1oet0k9p0g4sCuw1bTRpm7zNEBHue7r56s2hsCHzeGK7LYPmOF18FBSYALggVWcYK3Eyy-GPopx4gXa-Y2rR0eoBBRdPLB6SCsZRVcojwzWEqkqBhHkmfopMdlQFZtsnOIm1tWq9_lMCnYFAhCWyTpB1mGHvJ16E-GWlSieFiUujr93slTAuqoCh2ig-ee7l2IuPcAaDCrRn54DGHDXLsozaaFfdQ_TDiE2dD05i3o-OfsIMs64NN0LVQyAKdm00KtQQahiyyqvdLADc5-7NXPSagxN1Og7Yx5D_C4crCa72tuXpwb1tXUiowcehFZRZspNRcFiadpAEF43YbqZVOZtNLCSnthXvgmMqPFQJqFx5XwYasdhsw2IgcV2xg-CiZgn-INZ3ivlUeifpEEd2iCsxzzKZshYgA9kwFnjWhr3e-BtLYmg8nInWKhWlEGJM06HbTDDw5Yful804wf7INkx399vBzRpfnOYOT_3tMojSC_Q9zqUliju6_nP59CcmQExqwdjYltDPSL2BpIi3EfmAwws6lPW7EWTHf6lW1UTqOZLCK_oRh5Qk6LpR-nlgS6e4P9HZ7YM-thWzOEbGNJhUo74YotNOstehv4fMzBXalVa0Yqq32ramDy3TBgg2GocyCKsFR--dRndCBGk0G-KbXPVv6TrmCfAX3qGDJU_bPklgOET87s32SCCc14h4T3kzH8IvLxMcbF4XihzYvBVxZArve_cXRgJOu1C-ybhx9fboN3M65KSiknZJF7ByBoK1YThdkelpCjBJm4zYVTAuYdZQ5w0ui9o1mAKZc3ise2zRuwtyG_rqMXm77de7ZEW3G_a22RRV2nrkz-kZS0txQyIu6ZKEohP9eIIy0vEsso4QReZvkJ_EvGcRdwRmply9zGgzs020yoqEyFdTXbKm4_PuK2VKDWgo5gBwmpOV1qrD3U4DdTKmkmSBMWJsfxALkdo4GAG0a46_L2XHLJgdcmtSKxKAJppjMDFnfMe534KK3bhrErYj-2s9CFeL7uEMCGSdOS008dyJPo_eup1F5TXCzgLShhzQl_x8GasXqIzTw_7JXU2Bznu9eqqX1CMyQ2Na8lBKAmxo3mL813VSVpAmmGJ28sy59Mb8aG5RdFOK9pDnzRuYUlyfHC4FgVtsqfCxLxwJeSKZL71UCu5auJQrJTkVFek3MKQpgVzDl44I4W7uOr0fPbFG8PNImOkZckBZ_jzMAWH4GZpPA6dSfjVJYxjvnFJgLv2L5Fch1Rf-bSd7WAUBEJs1nDR4VUzVHtJTcB0Zgiylx9eAzQl91RSpfnYSBl4RTSEzp_Ls0CHJnEGUdsRN-zIxL58h3b22RW9LwX_jQgWwEKOjgGeB1mj5hVAcGFNgUEAKOxDrQumWKnPHAqwCW5ZRad5PA1b-SbPYxUj4eQM-fb4SwElbuKJ1PNt0gOGH-Pso90nQaX06IZpO106rBBC6hZHa_Fpi0pLdRSofl_5U6osiyHmsEj-e0YVtJHnNg5wByewVP92uoexzLYcAMLQEBofMSCQ-6BS7QaRKCUF5VEVXMpNUEiA7SNfKJwnqI8yddmwdPjiiXRpHQyna8PNBQKqAZKkUtOsgaTmT7arDKOd-0oOnnqXsO-nQ-Jxr5P93QbT07nhhRrrY6SeBd9FjBFIMo4az3YlZvQc269A9ZoD2vX9ZlPEew5g_m5lX2VrAl1c_F9jZLjgdaV9_ARR3NcZaGp2jnze4yvT7Kp71JTjsaZh-fyX2-LVYGRkCB-12X5as0oWPlvmIfokxT70ek_CoP7l90ye31utLUS2mZ_Sg3OpxjfkwpfM6RYcehDHZxxc7963p1OhYcK-rx3dxHMrQPpGpuJ3xGu9tftY2LAml5WD3nkSObD-9IY2qlkiVc097d_zEh5bWVAOafidNkfazq2u39x6tTDiqUGrDR8zW4vIMZbyHf2x5P7STxSANsnI7OVjbI6SRG5MW3EQ7rXGW11mUH1NCLtvxvZeUF7_OueFWemqM0rUvadk_Y6ysjU1YK8XjZtgUKRhaxDVcKrRu4aqvWMACyr4TSqPp2criB8GCMsd-fXUNHdWQngv-tLqIJs1PutRNmSHvXMd3PcYZb_QluD_w9AN0RfMfwKrwKjbPZA9f-FmZtoLLj94FJpKXE4CIufLsfhxbMFmuaMSxsEabugnWSCnS7dGRo1pW3hb8nvPaXZJtT9P7a-Fslkg7YvQxqdYuYQPBzfULenC9SnbMMMBB1XwlO5A0Yg936S3sLUI5hruR7yr9bj4fyIOGS3HtfhizgYUzcqL1lbUgrXaSlHJH81_8mcuBrVRC_3v0RRTdyn94yJhlKyw2TzdnEJvBDMPrgowv8RR6tkaqbdtKzzlzh0iDk5QMExg20Fd2svffG2tUEQNFVeK1F49nyCE35Xd1DDrHsOefrbgx20HvdlMBdDADAt6hxt-w3A6MIXFOADekSeCXORwpIHETR0uYcHfYBHRagUISBbj8kR2bXVMSj94JoQADRjemUHs0yL2xa8TTafq6czeTZC13Jhrf2VH-7_8aAN7EEVuJWuc8AWr77-S6lQ4Om9tPIrN9isRjJWIxY9cHIFp-yFYgf844pmb1ibUatGJ2XcEh_jjsqGdBpEkrB_E0_frZ-gPOS9kkr4ZjMFo3T9yh5YewCW5IX5-w1VKTYCUlQ5e9xKonvvrYQMzwDTJ83eABKY-3R0JtwwqK0DtbvTc4iBS2M8n6rx59uwkZ3GNK6nZndzjtFuhhlgXY87_IQGNvvATKe5OaHIPZ9eZTl4pbmM-fFtE7KbCVVHXD2W7WGgvrNw4tjley37sWhxruedbu3jdO7PDDaIlpBEnEYae6eic9f48piWckjB-2hr6Hq6K75qkrghL6SmpE4BKxy-07&cid=CAQSOwBygQiDSIK0l7fK7hS_NnWw_HWAHBcfoioTmvMX9Yie9b31DaRXxrAh85a-9q4AaBhj7YxFtP-I7-BjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9080684888668259000&adk=212707235&idt=216&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04a746abda474a89f1628881bb939cd58f7152f2b0237adb82a0879cfbfa382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36741
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8828466252687&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8828466252687&version=m202301230201&ct=76&x=1&cor=2354334845996096500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A1EB 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWZnnQzxBmBnA2b69qfsJ0xOj584TsnzAcRdN0iZHSsa681g1laZc1VPOn44mOgKuetEmO9rUwjtxf4oTzYOq392gYAMst28tE3bXAOZIxygFi50YSHTM0uJxMFsSiKLBj0q9Cldp2JXe7EaXfQgLzZn2VK5-hIy1rcn8EPr5zIimCMgs&dbm_d=AKAmf-BAbUxOBvVk4ctl43VX8_Qp4dq7_nHi6mwI2-Bm7r33l1y7FJY8nNQ5vAPMKfquzL4Mq0P4pniafh9QANrX3vPKQOT7woOpU6yOYhmtx56HzMXrr2PxdE75GYXdvADoelnO_KEtft6MLB8g2619NKVJ_zZh1Jy--BzaiQ_3UeoUbWxKK8pooSbpg-D_cLqg0rxrdQHm0dBUZ9LtMlQr2e8HNhOq3saQmyYlD3Wg9rbczBD1z88gjnOG-534I9SePxFXmdqod4z8nI8ozeys63MPiqPY3U62-ohvIYNnwPEYJPUT826y2niG9oLgwxQvbGKl297a5VvTvfjaEV6VClxRkoMLvqMB2Ps9iUOoBHMoKECulh0CEQqcqQNJFzcrfFbXh1bDZjNu5r_woPnWYVXQI23vnEpfvb2M2z59crR9k-GVzoEwP6eStWJ-b2hNadPoWUWIeZ6g7yOwJdc18mjkTFH2faRw0znbGV_lPpevndm71WA52d4xoLvM1WRuAzdvjE_jxuLpzx47vm9meGVkKuz0l7FHfzCy0Ormrg1MesJLwoSXFoKHw8UmeFx_00HiVB4KCFSzwNU-tE2BLHUq6MCS8V5HDBFbNSzNlQnhFWj_zZxmHVWp4BoymVVs7gdwXr2yh9LC0ZLqZb4SFOQsouRlgnQStUSsQXCcxp6deMKYrduwUxrrxTH40HsJv-y7czOnIq2gUQUsD0nvKUuEjDyMM8tRTHQpML3xMemYgB-YNUBdp3Zs27nn42WeVAqemLiDsZWR2tGf-oRfdAmaZLl35KfxxnCk0ISpNYSCEH7dj5-1TvO0nbuTLZXUvLWs8FeOTthusFn77DMdAmsFcqTeZ5QRGm-Hxo_RNmN_aZJJq6v8HbZ_uxrq1BgSUbCipLU__GkJBpsRqIVzlWnZ3--Jo-D7UGxYq10rTy7A8FT1YaJqSARf0HTrnaHhmiSHm-uJaQourMcujwGqHWu00ovvmQd1_kpcOnxN8NJjJk50pt3Uit-rvKP4MjHk8q2treU48gOuJFHWPVdvHnJOIMyU6DlouauxJsHUPJIbwK_Za75leNLWrHAExYoJ_rt6q5HcJcthakxxxiwuBlEte0_alTiK33T5hXN8B6yHwXrLBkZLq-qyAkzWAFIT7ASYTvUN6cWcrpusS77yFQl1Jw0nBCzrTLkZBU4LMgRRDVhizqnYzzq-amhuJR5ZKuDAHg6UW2TP0VjnvCJ7y3580CCOh1u9U27smjvGweP-Y-ovUBMKtWiRLMbNXMI53jZtzx0Whrlg2z-J6XaAvOnHi0j7eaNLTR3cr_JwdGxm7ZK_pKpUl6eE_OUKBvcMz13IJtIIcOdOtYhOGX46kyUDioDVqRPXVMAh1U3l5ph9E7JQ-UVt4QEZ0Otxn2t1ssTm8llMGBNtnVESXY44wC-hC2vjNYV_8t1717l6Piab8oeqzEfKMOrPf68uDpR-Q1a_n5upRCIo_rh74nvmWNyrGSpQ95IDAYOtdq0Ud55O2zox7snv3L4N_UL0EIalBVYXZfL9tM_ltwajXMYc08SpoSsW0zgjMw1X4LDsptHDrZ-HFtw60GZN34uomscAxoUyOyNpOkMf5J4NUoK4nui9q107tg5v6xmeTdGzNtT3kfZMHKUKwow8r9AHR6ylDrAsrC0l1aPkbiP09zbnSDhwOVe5P7z-VKmaCvIWAukKsuhSQrVsh7Vs82p5ybRCGlMk7vPaWFs_1fyI3Q02Vg7kfYpm8QQc9PH-TGMP4evDvPFf73ENWVLU4zFMN4ZeB1I8iZeCE3IKA-gsBKfQgIqqHMk-uagvPd3V3hCHAPrgkj6XywoRcs5uuFm0v6460UhPYQ8uDOWlzTIBDKKmu-qn6wnQEvTr5GLx5WNyIZLktfkrsHzGgi8du4XJnpsMWYTI9UDUi4ZoZdnb31aDnhdUw6ENguQg4duAxWqz2QBJqz7H2NHyRdguh1PECyPbmqTarIb1QIWbbvmw7k4JzGgk5Jh0NiIOORhO0OITzxsX5dYxfnuixxcLFuGXwUbXeLMVwcVqgQSk_u3YyZT-pkGCSpkG2Pl-9qLmw0nCpMxRxI9YBBWJUaGWMtKy6ECIP2iMdwWGqmi0DRNJM6gBTvHHYCvmY3CfZwnoewLv7F6zKR8uZ51o4Yb6EPm03ahJF-Hg8jt2IBXe7JosvljBz0ChyMGfKhnQ1f8CMwxVlJ0XdIWSWLa-l2wDmfGrodoSRyYptS0oBtCz4Y4lcTq0q7lk7tkobbNCDQB_jRmBRizZcOMUwrcnQOs6X3zSScnTOu7u-EYs8kkYu9oDhG9k1o5XlsKo9BYgZD01X8jUtVyepBt7uTWS2CK_H2nslXH9ugX3ZYSdZtcyi8Ym4ruqpoM3GLvn3zfBQFGvdPM0UU-qmn2nk65ut1xI8e1M9HxzNCGDvDcXddpEc8c6tcrEdZVgXs6ftCTvFJO7MXvP3gX-JKEarYcD9B0XnWqMwD8ffbM2R9nG6pi5VGbBTHSs1pX0OHuEMG8CkxBYoy-LJq5rNYGDor-GVwn_oQW49PcmeDJJ7otYjdTRdaDKdoGk_-wSkkmmN1a9IRa7AtW-SU2z8hsTzcZnm6km25EbwVNft0fOc782Ued0eePWSkPhDApIATjd_q0dnya1jATE3WWFwiBBNlaRNQa6TBr2E5odlX620hrpbU97GRzuVuYMz3pVtnJD_SlJk6hOb_X3i0mAfZUz0XPXpddFeloalT9iBEolKnnO7rDAcSogU7vUbkKDxwWQFlhhH4JyCNPNTZwsTmg8ACpZnhAjHcyDbcEwdOPD4pgXsu9hUNZlTuALhC0N4DQ57veD5SDpju92mWlkmqwJMo4Bm7clUWBpeq7Si1ANqOB-DQwRF5wuotfHFkxJqEwniqPIsvKDLJTdptKoTcEqTxzEbl1c-jKAj-WgD3mXnpxz1VlHvTbW27acNwnN_DVPXzoVk9yAQQa54N5yKBtge3UObzf-n1BwOrgrV11i4Qr9JTYEw-0xtDtTLNB22PCZN_x7H5rbJsNwS6apStHLBZVUS3u_zWg0dAEcqStZTJc7ibChrPS-lRIQtIMs38ekVtIW3MofJrx-O_AbtkjRCluxwHuDNXC3Mj_s27Me-URtdpr5XKLmGdV801J4UabzGBw3DZGt2ALq0B--PASeJh9h1OqXb623xj4yrJJEtpCVSFBd_mLvRt6NNHmvFQ2LEnb2tXRhnsYnuCFSADs_WKIJLAFwToXKsg8IHdjiORrmtx2vN9I0I7Ma7mCbiadLI3MV_ZJeiBjh6kjnkqkVYLsRjazcW0mN_aaYlxdhiT8Nk-Uj6G2KwZ1b47cdx6jA2xyD6qWbByyLWZ_JkVxGbjc&cid=CAQSOwBygQiDlZ4EcC7DXn7Kf3RZdPm6yjAXJvNO7-OrhgEi-1LtaOk3SCHhszK7UoLzao9CR2LAJGjgKZw3GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2354334845996096500&adk=578009112&idt=93&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3935d62c8753d9a1c063a77f799850f139b8f9b2899b3005e7169e2fb65b9c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37020
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C9C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C9C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
42717
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 18 Jun 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5C9C 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
62455
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 18 Jun 2023 13:35:10 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1484055/72040524/ Frame E2F4 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1484055/72040524/skeleton.js?ias_dspID=64
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.110.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-110-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
143df4df7ef6db075122f1ff92dac0f5312486876a6201951477930c1d9883ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E2F4 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 10:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame E2F4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgqZw6o8eL3_N2GaRB3LUnKMOUSxYavScApol_3QyuM_Kpkdn2LhzHpJE1rZIReEdynUEQUJR2qUSWMxOFXAYK3zJjQvHEByPTCdEfRD544Mfa8YWih-h_CyvPVyXUAoYUMOFywqOHYjEVsQ9ENVuXBfQnbkU2CLpTHFkpf4Xgp0Kk__k&dbm_d=AKAmf-DhBFTafXvRf7MC131aV8kPfE86cHuAN9dm_u2uGxiOowUQQ4NtaeoTc6Tb3VbNN6mek5m81Tf1MBPoJ77rSl3wboGfNIV6iQXi8ahfLO_Hhtmx4d8xWIVlcVPXVA4JBZO7Epx8Tk4VvYgDc28eJYXM-GUz8zKFp_3cGRY2KCYh6IL1S_d5SATybyh0gqsw42Gbpqiqsv-UoUpBXNN7EE1EyyN8cwZgFw97KvcjIZoPsiaNhdIUYdSOGZDHSPkeuGGWZEpmnCi_gT-I_xhkorzkuubETqof5S8GX8Hti86CTz1bbiVSZw-_yX1IdhsU7sfm5CMvQgWu4BNpiz6kAim4tHNnU0SGGgAJv7vtihjaVpmnm9eTxyD0g_3ZB4OeeOC2ItD6CVxfbIwyqpTVP8BjRiA3RnPyHxqa0dDkEyKOvHm_8Edu54kTPxP2DVDSLvh5xWqvoLY70M1ltP6BJVdLEEEK54IMcil6ix689vWwdDhcn-2KCKxwAlOfxkxEmw6o2Gutc3MQOyLR8cC1h2meT15kXG6yeGQ3rliHm6NngsBLsB9UjBsZznO-SPwErzgpDepBWvltQO3xO5o6vN15sirQQLPs8rw1txanX8sqkotbIAafgCqiQCWmxM1Aqg6w37scafVpcjS0lPlCeHg-GB1rnQIxFnmfbRIf6krZTWDRA9VFQQBCNH3MboaLUsh0-f9Tpr_zyGqE8n_E30FsGgSvJHAc8qKCcDIZoYzesi6-KyfS3sqDV33QsoY_uFlO_VlEwSVX6p5Bm5fDQVU01cLdUaCFD_4ua2YGGzjZEJn9G7eydIf_VcxynVIjCgpSVawZ0qCJ-hEgVrfLdRBsKGIf6LQ2XtYXVSergFfpF2uF3RfU--LaEGmH8FKtWAjyrWjNcAGYU52mHHYYPM5aoZGW7j5lICEaxa3G-Qv-sbM8Zj6rc6VPz9o6Oz4GR3NSX7momkNLYdeFWZbOqD94l-vrs01Kj-JUfL24VrSDz4_Tgg38LeHJYGDE4JFOiOYm-cvgmQra5c6Jl51ZG4WQTCT_xfVWx1rA2F2eDI_kXVzA1m_sgt8dHwOOjwcT5Eg9shhgG3oT7uJM3EDbBHfB1kOWITZsBzTZrWcv4NkxHiw4hanrbAZUi1-pdCH56XWz8zgWA5CGNUPEmmADwXAG6qBjezn0BMBFnqqptnkEnutE0IijMlXQv0vbJ-4j8pMchbu0jYnWCi7NjN4Y9ugDzeNdDN6fbDlq93XOGY6UVMRCDHUkzBrH3KvT5-SlBKEl9ptfZIuEFoU1OKVOazETjXB_7wOgPSn0o3lFaAyqz9_JyL_CC6eekZ6wzB6LWrxD25uWgIUYbLNfPUUvsrGWcENOGLr2_SoSPZcT_EP9_81TN6l3jADyC74HYc5uVb3Q72GxliaplcgN940BDkZ3Vo_RqX7_npCU9nt6f1siaVMD3IE2wwVkRPmENa0SmHDfZrOb_-o-YU1wp6MNIcknFTqr7UnraudctjjDP1raKNgkS9eeHJ77XGoOhSTDEgccK2i6PvWngvCeCdPOnYgumNGVVgNIlzT8DrsnQBbPCPcF6ytUPzozKwF_L59bwrP4xxvDU3WcaTt4PTKt2LeZeqA03tK5uaIu38HJobOoP5jNPwr23XvceARCgNC3SzXDgnqHBsHe3Tb3bfLsHPF7H7aJOFA6ljRdlnTECVbULqYMSyILj3Wj1Ud7Ddk27jJtyrZd29SppGd1_hkLzLlJ31RAgTbmAJQLwe2CWpLxlMKBXvFtzQPC0JCjnd4o6jUSmVwxtUTdwv0aS95Qvn5UodX408QgMJlO0eGSHMGj9TP7fU7ga2mIDVUt9LAi4_bTtTeBAWUZ2U2_6BdVRsFJ1HWqYUioEhudcfQO_RZWsLuftW2It1M9Rfsnlmj_lcCf7KT8EZSK4gNao5jPL-kbvxBQNpRQri8LL5ZAt2t02vHWph6HWaLnmUE6o7Yy9BzmhoUL84-enMahqrsdK9QbReNXINzycejN4MWCNOe1k6_Wdd4Xb_OGEzbzxfaRwB5yJJxOhcdAyyBN0RmuWD4SzWw2E7RKecFlAkAZLYt6zYaWKegw54Xv3dbMgyX6Zc8gFCc3x0Xe22tsruUZvDjE3MRVaTtx069OX9azfJYN7lKceM6Y9DLLys1dYaO5QcQL7FcH97FIoKUTx93gnnHEQqig74dSmUyKZGcDRMcwO3wqd-21UKv-oKqvwC7YBQ6iB4Ru_CtVAZ4MPGZXCNRo_vMBNL9z4IbVJ_K5SmMESXXWxREfsuPdzV39AoZmVm6MTgF_KzXdstGrZSBPJzsH69Q26hgmQPotapnm0TEnpK5rH3xTDKfBX3kBTw2OMPe0kxb7W7dksJpq5hORbtcPSUPtTaxfceIqUAQnIV5w-3DEaUksvdeYPnO6431tsNylRO262YwEsISEq0-4gghSmpFVV40YxOBaZ17p650RZmQfxUBANE_t6ITjvh383sjc9Jb5L8R0pmzxUj4a0mwVdDCSsVK4AoTPLLw4J8ksTeqoOSnMpU7nzwgkr0tY-hegyPr2rejTQKA-embHU7yLMBL9g1oSPKykrMgK59eGrkRLkKqM9qAW6UMlENk1x6oeeKkJHWgYsPk6h-ggQVY-bw1wV2aFvbLfhmps2Tc31-i4hvLNzo787Skgfptw3A2a77aJv4p9p1JL-7jE21A16uyg3XpMcLsqxMUfE5IOhgr8_zdJ-utybM1vZecOfc6dmTkAFIMci_D2mlbPyzZPMB5vVCpdszO6zdtINiL7PxtfWhRAm_Y6_TKjGFRoUg4BUvarnbDsiwDJvc6JAkViPL0Z01hxKwJD_FXLtd0rsTfgk4R6tvsryiIHaqEgge2sjMbe_sJEIGE1Zkm_eYOlPR_raaLZI3_qRxdzfRo0ErB9s-kSuR9LNgJGfDLwDSj7kXbvURLBkH2rXQtHYzhoZeCHhQwPVRbPY8LxGVzw-xrANfzJyflVheeVzpLGdp7B209bG7REtH87D99CvF7MbS7Ws7bmZyjHohHcUcSfNkH3ipH4hhoPORltKCS1rqQrrYbxURbjNWODR0iXF_OpW-Sjdr64DgkzApSGfyxurOYjcg3_ucDLzlsQMd1_V-10Ph4fw_R5-7KJm87RGwngY4ty-Tcjx2pY_O8-nGuk0qE7YTBou2RLHu3uHs98C_FA1eAaYh4Sy3AFC0X4hwqtmY_912W14K7uLZuzQs5YjVtaAMNEmFNcIMDCjvUWegZtyR3bNmbda_JPlYHfgUsrMYfi7bXmqOTtwFk17xZxTrP2nvwJH4msSnKkPIkrz6XlDQ05fb4MLidedB22AEhFHyjat9bDZm3sGpcET0P8SYBKlCy2d41v6sytCrW_xo2tP_Ao&cid=CAQSOwBygQiDC7iOjpyWGCY3uoFaD8PfTK-zyUQkR-EKXGKvuBZ_Q6Xdor_AF2oGjW6-iJzvE0UusX-gRYjJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=8813486732546523000&adk=1599433117&idt=152&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame E2F4 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgqZw6o8eL3_N2GaRB3LUnKMOUSxYavScApol_3QyuM_Kpkdn2LhzHpJE1rZIReEdynUEQUJR2qUSWMxOFXAYK3zJjQvHEByPTCdEfRD544Mfa8YWih-h_CyvPVyXUAoYUMOFywqOHYjEVsQ9ENVuXBfQnbkU2CLpTHFkpf4Xgp0Kk__k&dbm_d=AKAmf-DhBFTafXvRf7MC131aV8kPfE86cHuAN9dm_u2uGxiOowUQQ4NtaeoTc6Tb3VbNN6mek5m81Tf1MBPoJ77rSl3wboGfNIV6iQXi8ahfLO_Hhtmx4d8xWIVlcVPXVA4JBZO7Epx8Tk4VvYgDc28eJYXM-GUz8zKFp_3cGRY2KCYh6IL1S_d5SATybyh0gqsw42Gbpqiqsv-UoUpBXNN7EE1EyyN8cwZgFw97KvcjIZoPsiaNhdIUYdSOGZDHSPkeuGGWZEpmnCi_gT-I_xhkorzkuubETqof5S8GX8Hti86CTz1bbiVSZw-_yX1IdhsU7sfm5CMvQgWu4BNpiz6kAim4tHNnU0SGGgAJv7vtihjaVpmnm9eTxyD0g_3ZB4OeeOC2ItD6CVxfbIwyqpTVP8BjRiA3RnPyHxqa0dDkEyKOvHm_8Edu54kTPxP2DVDSLvh5xWqvoLY70M1ltP6BJVdLEEEK54IMcil6ix689vWwdDhcn-2KCKxwAlOfxkxEmw6o2Gutc3MQOyLR8cC1h2meT15kXG6yeGQ3rliHm6NngsBLsB9UjBsZznO-SPwErzgpDepBWvltQO3xO5o6vN15sirQQLPs8rw1txanX8sqkotbIAafgCqiQCWmxM1Aqg6w37scafVpcjS0lPlCeHg-GB1rnQIxFnmfbRIf6krZTWDRA9VFQQBCNH3MboaLUsh0-f9Tpr_zyGqE8n_E30FsGgSvJHAc8qKCcDIZoYzesi6-KyfS3sqDV33QsoY_uFlO_VlEwSVX6p5Bm5fDQVU01cLdUaCFD_4ua2YGGzjZEJn9G7eydIf_VcxynVIjCgpSVawZ0qCJ-hEgVrfLdRBsKGIf6LQ2XtYXVSergFfpF2uF3RfU--LaEGmH8FKtWAjyrWjNcAGYU52mHHYYPM5aoZGW7j5lICEaxa3G-Qv-sbM8Zj6rc6VPz9o6Oz4GR3NSX7momkNLYdeFWZbOqD94l-vrs01Kj-JUfL24VrSDz4_Tgg38LeHJYGDE4JFOiOYm-cvgmQra5c6Jl51ZG4WQTCT_xfVWx1rA2F2eDI_kXVzA1m_sgt8dHwOOjwcT5Eg9shhgG3oT7uJM3EDbBHfB1kOWITZsBzTZrWcv4NkxHiw4hanrbAZUi1-pdCH56XWz8zgWA5CGNUPEmmADwXAG6qBjezn0BMBFnqqptnkEnutE0IijMlXQv0vbJ-4j8pMchbu0jYnWCi7NjN4Y9ugDzeNdDN6fbDlq93XOGY6UVMRCDHUkzBrH3KvT5-SlBKEl9ptfZIuEFoU1OKVOazETjXB_7wOgPSn0o3lFaAyqz9_JyL_CC6eekZ6wzB6LWrxD25uWgIUYbLNfPUUvsrGWcENOGLr2_SoSPZcT_EP9_81TN6l3jADyC74HYc5uVb3Q72GxliaplcgN940BDkZ3Vo_RqX7_npCU9nt6f1siaVMD3IE2wwVkRPmENa0SmHDfZrOb_-o-YU1wp6MNIcknFTqr7UnraudctjjDP1raKNgkS9eeHJ77XGoOhSTDEgccK2i6PvWngvCeCdPOnYgumNGVVgNIlzT8DrsnQBbPCPcF6ytUPzozKwF_L59bwrP4xxvDU3WcaTt4PTKt2LeZeqA03tK5uaIu38HJobOoP5jNPwr23XvceARCgNC3SzXDgnqHBsHe3Tb3bfLsHPF7H7aJOFA6ljRdlnTECVbULqYMSyILj3Wj1Ud7Ddk27jJtyrZd29SppGd1_hkLzLlJ31RAgTbmAJQLwe2CWpLxlMKBXvFtzQPC0JCjnd4o6jUSmVwxtUTdwv0aS95Qvn5UodX408QgMJlO0eGSHMGj9TP7fU7ga2mIDVUt9LAi4_bTtTeBAWUZ2U2_6BdVRsFJ1HWqYUioEhudcfQO_RZWsLuftW2It1M9Rfsnlmj_lcCf7KT8EZSK4gNao5jPL-kbvxBQNpRQri8LL5ZAt2t02vHWph6HWaLnmUE6o7Yy9BzmhoUL84-enMahqrsdK9QbReNXINzycejN4MWCNOe1k6_Wdd4Xb_OGEzbzxfaRwB5yJJxOhcdAyyBN0RmuWD4SzWw2E7RKecFlAkAZLYt6zYaWKegw54Xv3dbMgyX6Zc8gFCc3x0Xe22tsruUZvDjE3MRVaTtx069OX9azfJYN7lKceM6Y9DLLys1dYaO5QcQL7FcH97FIoKUTx93gnnHEQqig74dSmUyKZGcDRMcwO3wqd-21UKv-oKqvwC7YBQ6iB4Ru_CtVAZ4MPGZXCNRo_vMBNL9z4IbVJ_K5SmMESXXWxREfsuPdzV39AoZmVm6MTgF_KzXdstGrZSBPJzsH69Q26hgmQPotapnm0TEnpK5rH3xTDKfBX3kBTw2OMPe0kxb7W7dksJpq5hORbtcPSUPtTaxfceIqUAQnIV5w-3DEaUksvdeYPnO6431tsNylRO262YwEsISEq0-4gghSmpFVV40YxOBaZ17p650RZmQfxUBANE_t6ITjvh383sjc9Jb5L8R0pmzxUj4a0mwVdDCSsVK4AoTPLLw4J8ksTeqoOSnMpU7nzwgkr0tY-hegyPr2rejTQKA-embHU7yLMBL9g1oSPKykrMgK59eGrkRLkKqM9qAW6UMlENk1x6oeeKkJHWgYsPk6h-ggQVY-bw1wV2aFvbLfhmps2Tc31-i4hvLNzo787Skgfptw3A2a77aJv4p9p1JL-7jE21A16uyg3XpMcLsqxMUfE5IOhgr8_zdJ-utybM1vZecOfc6dmTkAFIMci_D2mlbPyzZPMB5vVCpdszO6zdtINiL7PxtfWhRAm_Y6_TKjGFRoUg4BUvarnbDsiwDJvc6JAkViPL0Z01hxKwJD_FXLtd0rsTfgk4R6tvsryiIHaqEgge2sjMbe_sJEIGE1Zkm_eYOlPR_raaLZI3_qRxdzfRo0ErB9s-kSuR9LNgJGfDLwDSj7kXbvURLBkH2rXQtHYzhoZeCHhQwPVRbPY8LxGVzw-xrANfzJyflVheeVzpLGdp7B209bG7REtH87D99CvF7MbS7Ws7bmZyjHohHcUcSfNkH3ipH4hhoPORltKCS1rqQrrYbxURbjNWODR0iXF_OpW-Sjdr64DgkzApSGfyxurOYjcg3_ucDLzlsQMd1_V-10Ph4fw_R5-7KJm87RGwngY4ty-Tcjx2pY_O8-nGuk0qE7YTBou2RLHu3uHs98C_FA1eAaYh4Sy3AFC0X4hwqtmY_912W14K7uLZuzQs5YjVtaAMNEmFNcIMDCjvUWegZtyR3bNmbda_JPlYHfgUsrMYfi7bXmqOTtwFk17xZxTrP2nvwJH4msSnKkPIkrz6XlDQ05fb4MLidedB22AEhFHyjat9bDZm3sGpcET0P8SYBKlCy2d41v6sytCrW_xo2tP_Ao&cid=CAQSOwBygQiDC7iOjpyWGCY3uoFaD8PfTK-zyUQkR-EKXGKvuBZ_Q6Xdor_AF2oGjW6-iJzvE0UusX-gRYjJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=8813486732546523000&adk=1599433117&idt=152&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E2F4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 13:19:10 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/042306121857000/ Frame 7986 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb13e0b19e9402cfa8b657698f30b802713a6ee217db3a7c90303092e6a74dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 19:08:26 GMT
age
301659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"be692da3878c51b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 19:08:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 7986 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ecf549285abace95d82b3cb5ce900eb913f0933adecfb219323cfeb5cab342f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:49 GMT
age
304096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b9d7325e6d00a0d4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:49 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 7986 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fd291cd721a9eb1d02b69bbd49d6af1278f75be772d7f9955707f28fa603792
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:26:48 GMT
age
304157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28883
x-xss-protection
0
server
sffe
etag
"13a7487448b7e49b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:26:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 7986 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05fb2c2bc701654f036a32a831405bb166f0d6dcdeb1d02d965abb580d93c75
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:49 GMT
age
304096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1903
x-xss-protection
0
server
sffe
etag
"525607831b953e06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:49 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/042306121857000/v0/ Frame 7986 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042306121857000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63993f897df6ee5a2dd577c13bf70998f1b15da58fc0965713fdad54826fdbba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 18:27:26 GMT
age
304119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12940
x-xss-protection
0
server
sffe
etag
"deedc00399de28ed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 18:27:26 GMT
css
fonts.googleapis.com/ Frame 7986 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 06:30:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Jun 2023 06:56:05 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7986 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
42717
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Sun, 18 Jun 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7986 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
62455
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 18 Jun 2023 13:35:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7986 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C037ahKqOZNL5MsPv7gO4nqL4Dpr7vpBxneTvkLER2tkeEAEgwLKCa2CV4pCCoAegAdv8uvEDyAEG4AIAqAMBqgTgAU_QhBcVFuSucVaEvKTvkNBVmekFyMNk_qUuL1w2kAk8SFniP2XkadCNrey5PQi5m_K1RXIIaeM02SlX6rxMD4QHm9mHlxQZNPAuBtAD5NuO85pz89-av9o3SRyx3OmKi_ieUMATcEB0Oezce0SsSCU9kdbb5l8qRPyYiHr-DmbjFV5DJf2GJFrLEj39eJek8kh-DiH42781HfzxDpxAGu7YbHpAL-hdD8NYzWd8GsXNYsHtBJBhBlydtNzNEmw5zUF3F2S6LqfNzHnr35IIEW4HHNoU8A5Nih-9NuBG_jqNwASo6YWvyQTgBAGSBQQIBBgBkgUECAUYBIAHreKo0AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDZmwbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=3xg4Ij3d-FY&uach_m=[UACH]&cid=CAQSbQBygQiDhOyQeoIVgC4IzcuX5wZsy-6Suug03EehFPQTOkQH6vwpJzDu-PKQTPdW5ADkkKNipU18_nESF_3r0fBcvO-rBS4iSYniS_iVPg4JzqzFDyx6dz_E4X3eN5rdQNteYfEEGkyYDccESx0YAQ&template_id=492
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
truncated
/ Frame 7986 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
881213f5bf14adc34da1277be8dc17816579af33fb0ec4553a82b050e3ca216c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 86C2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E2F4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08ca9d4655083dfe571afe93a45f437954160d3790bfd7acdd118d3ca0bf6a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame CB20 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 20:35:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame CB20 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
47960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:36:45 GMT
l
www.google.com/ads/measurement/ Frame CB20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxJZpacSruBHLBOPrHEq5Bp8uSdD7AfvAGUvQdxlxyPdOKBwwpR85CAliCx9kJ7_EfJgFl1VkX3Ra2NwbYAwb1Wx3VEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB20 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D379 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhKMNroU8h-bC9r5BWnhAYYCF71YzKVQUy85oB4eyMpVanTi8bbyiJYUgw_hpkNTbPSSJpFUwEnVyf2_Ol7QNpAVSGjMVznlBOpl-1igNpsAdn-QL1V-VvIWi2IbvXV-iJhB5kfeQ94hGvxFqurUTq2t7bb5T4ItKGUCB0cJ8MjpUJ71o&cry=1&dbm_d=AKAmf-BpAf2rB9EDrxZ1ZEuD0JfT_XrNwEgpcapQftQJbpBafHL2r1Wszcb6zjUB6_DBOMKwMgR1Zd9xrge9ZXJO7tyTNImkseUQ-HF5AJ0T7f6bGGFnKKL3sF82xC2VU5PQBuy5M67MAAtUVPHYVYAnlVV4gX5ikdfAhXUZ3SoyTlk1IwQBR5PzPr7APoZ00wVUpE2KYwd5Ksi0sc4nIsYLSC5rTjo6O95ZNNND--3xOYa6WKqfCOJ7qr0UqT7b1mUiy9xEz0lvBh1gqLuVLVB2uXUlleMCgsc-vimSi_9lJ3U3PjqZ9T9F2dnhKEeLRfdzzzslvjZGBmrMYroQ3kDx-dwC6PyW3vYkIdBvHz3UxaB8Zyv1LlBwMIB_V5vEjjmFGTk3swLcEbRKPky2vWs2M5xGXUjSPcoQY5L9EJz8_-6kjNFv3YPhTpht4GB5EPPKb8SAnFgHcjEhWWz1oTg3JhZWuYBUFGcJBJlbS57zajI-Yc2Hw76tPo1_YkJQyATptN59lrOCqx8n3SSITanExKN_vMhnbLI-zswmcTg5SOehHOH-Z66FVQO29v5ZtpGUT4pXk-vtYfbAjGapKDwUmNCbLyhhIipCLZtcqUWoDbQzVyv1X-f-Dr6uKyCPbVE1A7Xuws2nxCR62FuMlSof_Qk_n9PcXeI_-vn4dnAAFqJWafFDbxsvPxwMfZFZc_r2LerRL4BBsEPW8WidrFvZAAR1Cvw1spQknZzn_RBK9wTjgMwvBpMt1dJ8IQ5nbkADrqrz5HkQtZgb2ygsUvVlbHlt3l-zo8Sm93pOeusi4Fj76NRojjdv5-Kj9ZuxN4wFMH3LtvUxrj-OTmHRezRcVEllVRwMIbLScRj-JbVbNO8veZl1Mpr3Wd5k4o4kSQdEOiViju_gv25cz4tVnN_0y5b4Jh-o8cu8UKoLd6JsonvmoahhU6R-BbOZFzFnXijA9Fdw-BnaT2i6K8rY4XOIsGxo_38GJ9noex3QjWn5ouXVjjoq2nKyK6yTKxXUmY0j1MLiy-Pvp9XVtIghDH8BrZK_ABpa3tAg6CEgig-Tuf8ZZl3nh_9kk-nvGfumq_fzpzR0_seyGZDD72yKmWYLIZxyGhgIgN_qUjIsQ1zPockpEkN1fZatjdKWsmYMGnzFU85wEMohgum0trXjfbIftllXpuwxT_qABE4SmBiZ-4AHdyy4Kv7hkvQJkra0G9i4Z0B2-lkppciYx7ZlHYbRSor9lGBh3byO6v4ID9CjVXU2okQMf-8a248N4JEoMsDzqqqRkYNkzjV0t1XNGqPKnn5Da5Sxys-1fXsKNBr46WIXV0NAmWfdhoiJmxP4xGJGE31NRS2L0lkBZVvZ9qaO2r6gvMnE-re-bl8y4ynEPbjTOKn4nqGr6qP6C_ZLRFcyWkrh61jQ4EcdX-C8J4mELv6csN3Q16fLShQRAYYSS0SsOh3__yCvCbX4Q7WrP2C2ohrtUOF_JQOnm83agUV3hPQ3tfKhsAdUQICL11bGUOo89riOEiM3T1psL6Q9DjfonHzyASSg89aLM6V-0DGP4HB_oRXuUKMLWzxSTeuotPc1tiVO1kY9p-qR3rx_NY3oXWmln_hvjFyXpHFDIvzF9LV4AYI3-3Maqt5pAMJyyfCUKEj799fX0Hd24AswAovtwzRiyh3JabOTkdMGqjacdKHrldcPEt6XjItjSPeFRIGhQ00WkGtuYtLK4hfikwqqyv6_2DQa6x0UmfL-ArPxJ141jcByDM6-SJbSnCIvd5_VPsLvtd0Y7fe9n7K0_OYx2VnunFIOnKIP9Wlh0U3i-KZX5qRXLgg9EjlLQvIo12zxsZ6nw3Gu0mq_pJyZSfckUEJD6FPvpyBxH84r-QJWLNjKTjaD6SD6Agt0kFWT8la4qr9caUcOBS_Z9aqCKKPhp8GYjE9-UX0H-OwHtPPAfc0TfbcAotvyQYqRwyi6iPW4Zy7TfMbHZdenqn0quPniJHvnrTqVmXK6QvXEVqXHrGdlDU15m7m-DwbQdXDPkAel709dbIIKb1PLs8OqpNfz82-hmh1fU41BwVd_IpNSBK6IRnezo6lRInxAzqamu1xSMVbiRrsMNrp3Yg9NC6v1m8o1LZ7OlBiuR9R81s7yKrdr2L7sFYNYFRFkDh84tU137X-CQt60EZzkqy4H2ALU_xdI19m0y4OwnhoiCtBtI_z9Ztyx3bHtAw0n-9ns60RfyEBw0NscVQqaqaBwAmt2G8UkO3vkgNKsGCCf-Cdb6ehTB7B6Qpxdlm1xHV7m4-L8VEGcCo-eJezN_QMcVeha_MgvlDr1u0Z5Gksjlpppe8fX79K-w71KhSoBdIJU4P2RSUsWoy_xqe8n5wGLdlKom6ghNHKqK9v3mrXnZsKmHC00ISfpBi9VqojIMU7G6O46eCO1rygjdajX5Ce69mXOTRWIwyFFKOv6ws27Z0fchE0xTU3qD-gKmMiInEnITs-HH-zlOHB1em9Cno_cK5ovk0RlbsU3xIgVegGXSXMW_eykNbbMHl8KG-Th38sIyFQXKtBpeWvbHpqg3NrXweeRLUhDMzKEzh5V2sGZi9LjolAOpvFaJ-KZIockiqF0ePRuTIKJmFEc-9nP-xtHZxctd8RPd5aItk16BGysrGd9S2Mu3staurlsaScXvM8E9LWt-eCPC1PWSg1ZbgYal0IMQnE4GMZtXBrtGOuOXIdTPHLqAHWLlyLWD8-vGxQf-_sG_Yn_O-SNdwuHA1IkjPRE-25R9R3fmEfHGNqNDelosCEBjQ13hWot2O_NBWB0_ZRZQ95l_zMxfM_MNMHcap907Dm1GAUiy4gVSuiPIFarFAkfJq__xlGSapN7sxhXQgRFMU6IpnjTIRiyNUKFkNrMbQ_GNC34yilW55cFEbppfl7Q5zHZGqRPbHPxgGt_XEP1H-rBXY3uipXvwOb5TiISW6lGFktY9ejplpNNn0sdJoK8rYb6yBJNbHce6BaElUfDSlktX8c3L4sjQPjf773nM_R3uA0x&cid=CAQSOwBygQiDOQJKt58kWM4mbEQsgEF1qsrgXu212ZcHvCr_B7muWqSDUR4Uo3VfQd_WHNnujhV4AIpCE2YRGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=14093905988457042000&adk=3587751834&idt=171&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 13:19:10 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 35D0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 10:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 35D0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT_qrJ7Y3aUaqyTylx-qrDcbsiYr0Anemb6DNi1CPBAXb-x9Lsm2J2HZI_mwN1jpWZYsaxh9VHalxw2_SnoCDEokkIlHF0UGEqiTiRYerdbYqt1_o-5nYOjZ7t4pVz6os4C9K8CltvRoYVEiChpA9YHSfNLv8jmMRzytCwS31vEmzsUog&dbm_d=AKAmf-DTG6zD4HAkhcWudtcNNp1tfq4dhkoiLH8_bXL2856ogLBswbvdt0zrhK6tu_vkwAGFFEIFuDT_2iwH8byYzqVDodm4Od0uR1_1R_qCl_lLUqUhnIVczcFJ4ao-orUcxK5y-b2UUYsrRPPPYKWQ5rMEVXEDKP26q33xSrR3jOwKMR3bjHVhUEVKL4uUDnAqOJyiFeao0lDVexGCDmOQkugISl-DWZ7GUUc9PVKNMPpYtNpaRRHIze0O6Ba_k6VpgYh4KX53V-Mre8iCxiI0wZb0h-Cxe2ZKgfwTiCnSX6hXmckafNjhAoJupoYTraCfjtfpakagzagv_yglpMVsA5AmwqFtZMR-Ezu_JArL_gWRFw72GVPSaRE8Wsg6AjTn-5YyGhY9Ia81xZtjxLd8pRuwYeFVtlh_rmPmqlw_bzM4JrcQL_oBJosl79L5ClssTzt6vuT9ucU9pYxPa2veTgv1TrVBsoaK9ZluhZf5zyh9_h923TpW1oet0k9p0g4sCuw1bTRpm7zNEBHue7r56s2hsCHzeGK7LYPmOF18FBSYALggVWcYK3Eyy-GPopx4gXa-Y2rR0eoBBRdPLB6SCsZRVcojwzWEqkqBhHkmfopMdlQFZtsnOIm1tWq9_lMCnYFAhCWyTpB1mGHvJ16E-GWlSieFiUujr93slTAuqoCh2ig-ee7l2IuPcAaDCrRn54DGHDXLsozaaFfdQ_TDiE2dD05i3o-OfsIMs64NN0LVQyAKdm00KtQQahiyyqvdLADc5-7NXPSagxN1Og7Yx5D_C4crCa72tuXpwb1tXUiowcehFZRZspNRcFiadpAEF43YbqZVOZtNLCSnthXvgmMqPFQJqFx5XwYasdhsw2IgcV2xg-CiZgn-INZ3ivlUeifpEEd2iCsxzzKZshYgA9kwFnjWhr3e-BtLYmg8nInWKhWlEGJM06HbTDDw5Yful804wf7INkx399vBzRpfnOYOT_3tMojSC_Q9zqUliju6_nP59CcmQExqwdjYltDPSL2BpIi3EfmAwws6lPW7EWTHf6lW1UTqOZLCK_oRh5Qk6LpR-nlgS6e4P9HZ7YM-thWzOEbGNJhUo74YotNOstehv4fMzBXalVa0Yqq32ramDy3TBgg2GocyCKsFR--dRndCBGk0G-KbXPVv6TrmCfAX3qGDJU_bPklgOET87s32SCCc14h4T3kzH8IvLxMcbF4XihzYvBVxZArve_cXRgJOu1C-ybhx9fboN3M65KSiknZJF7ByBoK1YThdkelpCjBJm4zYVTAuYdZQ5w0ui9o1mAKZc3ise2zRuwtyG_rqMXm77de7ZEW3G_a22RRV2nrkz-kZS0txQyIu6ZKEohP9eIIy0vEsso4QReZvkJ_EvGcRdwRmply9zGgzs020yoqEyFdTXbKm4_PuK2VKDWgo5gBwmpOV1qrD3U4DdTKmkmSBMWJsfxALkdo4GAG0a46_L2XHLJgdcmtSKxKAJppjMDFnfMe534KK3bhrErYj-2s9CFeL7uEMCGSdOS008dyJPo_eup1F5TXCzgLShhzQl_x8GasXqIzTw_7JXU2Bznu9eqqX1CMyQ2Na8lBKAmxo3mL813VSVpAmmGJ28sy59Mb8aG5RdFOK9pDnzRuYUlyfHC4FgVtsqfCxLxwJeSKZL71UCu5auJQrJTkVFek3MKQpgVzDl44I4W7uOr0fPbFG8PNImOkZckBZ_jzMAWH4GZpPA6dSfjVJYxjvnFJgLv2L5Fch1Rf-bSd7WAUBEJs1nDR4VUzVHtJTcB0Zgiylx9eAzQl91RSpfnYSBl4RTSEzp_Ls0CHJnEGUdsRN-zIxL58h3b22RW9LwX_jQgWwEKOjgGeB1mj5hVAcGFNgUEAKOxDrQumWKnPHAqwCW5ZRad5PA1b-SbPYxUj4eQM-fb4SwElbuKJ1PNt0gOGH-Pso90nQaX06IZpO106rBBC6hZHa_Fpi0pLdRSofl_5U6osiyHmsEj-e0YVtJHnNg5wByewVP92uoexzLYcAMLQEBofMSCQ-6BS7QaRKCUF5VEVXMpNUEiA7SNfKJwnqI8yddmwdPjiiXRpHQyna8PNBQKqAZKkUtOsgaTmT7arDKOd-0oOnnqXsO-nQ-Jxr5P93QbT07nhhRrrY6SeBd9FjBFIMo4az3YlZvQc269A9ZoD2vX9ZlPEew5g_m5lX2VrAl1c_F9jZLjgdaV9_ARR3NcZaGp2jnze4yvT7Kp71JTjsaZh-fyX2-LVYGRkCB-12X5as0oWPlvmIfokxT70ek_CoP7l90ye31utLUS2mZ_Sg3OpxjfkwpfM6RYcehDHZxxc7963p1OhYcK-rx3dxHMrQPpGpuJ3xGu9tftY2LAml5WD3nkSObD-9IY2qlkiVc097d_zEh5bWVAOafidNkfazq2u39x6tTDiqUGrDR8zW4vIMZbyHf2x5P7STxSANsnI7OVjbI6SRG5MW3EQ7rXGW11mUH1NCLtvxvZeUF7_OueFWemqM0rUvadk_Y6ysjU1YK8XjZtgUKRhaxDVcKrRu4aqvWMACyr4TSqPp2criB8GCMsd-fXUNHdWQngv-tLqIJs1PutRNmSHvXMd3PcYZb_QluD_w9AN0RfMfwKrwKjbPZA9f-FmZtoLLj94FJpKXE4CIufLsfhxbMFmuaMSxsEabugnWSCnS7dGRo1pW3hb8nvPaXZJtT9P7a-Fslkg7YvQxqdYuYQPBzfULenC9SnbMMMBB1XwlO5A0Yg936S3sLUI5hruR7yr9bj4fyIOGS3HtfhizgYUzcqL1lbUgrXaSlHJH81_8mcuBrVRC_3v0RRTdyn94yJhlKyw2TzdnEJvBDMPrgowv8RR6tkaqbdtKzzlzh0iDk5QMExg20Fd2svffG2tUEQNFVeK1F49nyCE35Xd1DDrHsOefrbgx20HvdlMBdDADAt6hxt-w3A6MIXFOADekSeCXORwpIHETR0uYcHfYBHRagUISBbj8kR2bXVMSj94JoQADRjemUHs0yL2xa8TTafq6czeTZC13Jhrf2VH-7_8aAN7EEVuJWuc8AWr77-S6lQ4Om9tPIrN9isRjJWIxY9cHIFp-yFYgf844pmb1ibUatGJ2XcEh_jjsqGdBpEkrB_E0_frZ-gPOS9kkr4ZjMFo3T9yh5YewCW5IX5-w1VKTYCUlQ5e9xKonvvrYQMzwDTJ83eABKY-3R0JtwwqK0DtbvTc4iBS2M8n6rx59uwkZ3GNK6nZndzjtFuhhlgXY87_IQGNvvATKe5OaHIPZ9eZTl4pbmM-fFtE7KbCVVHXD2W7WGgvrNw4tjley37sWhxruedbu3jdO7PDDaIlpBEnEYae6eic9f48piWckjB-2hr6Hq6K75qkrghL6SmpE4BKxy-07&cid=CAQSOwBygQiDSIK0l7fK7hS_NnWw_HWAHBcfoioTmvMX9Yie9b31DaRXxrAh85a-9q4AaBhj7YxFtP-I7-BjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9080684888668259000&adk=212707235&idt=216&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 35D0 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT_qrJ7Y3aUaqyTylx-qrDcbsiYr0Anemb6DNi1CPBAXb-x9Lsm2J2HZI_mwN1jpWZYsaxh9VHalxw2_SnoCDEokkIlHF0UGEqiTiRYerdbYqt1_o-5nYOjZ7t4pVz6os4C9K8CltvRoYVEiChpA9YHSfNLv8jmMRzytCwS31vEmzsUog&dbm_d=AKAmf-DTG6zD4HAkhcWudtcNNp1tfq4dhkoiLH8_bXL2856ogLBswbvdt0zrhK6tu_vkwAGFFEIFuDT_2iwH8byYzqVDodm4Od0uR1_1R_qCl_lLUqUhnIVczcFJ4ao-orUcxK5y-b2UUYsrRPPPYKWQ5rMEVXEDKP26q33xSrR3jOwKMR3bjHVhUEVKL4uUDnAqOJyiFeao0lDVexGCDmOQkugISl-DWZ7GUUc9PVKNMPpYtNpaRRHIze0O6Ba_k6VpgYh4KX53V-Mre8iCxiI0wZb0h-Cxe2ZKgfwTiCnSX6hXmckafNjhAoJupoYTraCfjtfpakagzagv_yglpMVsA5AmwqFtZMR-Ezu_JArL_gWRFw72GVPSaRE8Wsg6AjTn-5YyGhY9Ia81xZtjxLd8pRuwYeFVtlh_rmPmqlw_bzM4JrcQL_oBJosl79L5ClssTzt6vuT9ucU9pYxPa2veTgv1TrVBsoaK9ZluhZf5zyh9_h923TpW1oet0k9p0g4sCuw1bTRpm7zNEBHue7r56s2hsCHzeGK7LYPmOF18FBSYALggVWcYK3Eyy-GPopx4gXa-Y2rR0eoBBRdPLB6SCsZRVcojwzWEqkqBhHkmfopMdlQFZtsnOIm1tWq9_lMCnYFAhCWyTpB1mGHvJ16E-GWlSieFiUujr93slTAuqoCh2ig-ee7l2IuPcAaDCrRn54DGHDXLsozaaFfdQ_TDiE2dD05i3o-OfsIMs64NN0LVQyAKdm00KtQQahiyyqvdLADc5-7NXPSagxN1Og7Yx5D_C4crCa72tuXpwb1tXUiowcehFZRZspNRcFiadpAEF43YbqZVOZtNLCSnthXvgmMqPFQJqFx5XwYasdhsw2IgcV2xg-CiZgn-INZ3ivlUeifpEEd2iCsxzzKZshYgA9kwFnjWhr3e-BtLYmg8nInWKhWlEGJM06HbTDDw5Yful804wf7INkx399vBzRpfnOYOT_3tMojSC_Q9zqUliju6_nP59CcmQExqwdjYltDPSL2BpIi3EfmAwws6lPW7EWTHf6lW1UTqOZLCK_oRh5Qk6LpR-nlgS6e4P9HZ7YM-thWzOEbGNJhUo74YotNOstehv4fMzBXalVa0Yqq32ramDy3TBgg2GocyCKsFR--dRndCBGk0G-KbXPVv6TrmCfAX3qGDJU_bPklgOET87s32SCCc14h4T3kzH8IvLxMcbF4XihzYvBVxZArve_cXRgJOu1C-ybhx9fboN3M65KSiknZJF7ByBoK1YThdkelpCjBJm4zYVTAuYdZQ5w0ui9o1mAKZc3ise2zRuwtyG_rqMXm77de7ZEW3G_a22RRV2nrkz-kZS0txQyIu6ZKEohP9eIIy0vEsso4QReZvkJ_EvGcRdwRmply9zGgzs020yoqEyFdTXbKm4_PuK2VKDWgo5gBwmpOV1qrD3U4DdTKmkmSBMWJsfxALkdo4GAG0a46_L2XHLJgdcmtSKxKAJppjMDFnfMe534KK3bhrErYj-2s9CFeL7uEMCGSdOS008dyJPo_eup1F5TXCzgLShhzQl_x8GasXqIzTw_7JXU2Bznu9eqqX1CMyQ2Na8lBKAmxo3mL813VSVpAmmGJ28sy59Mb8aG5RdFOK9pDnzRuYUlyfHC4FgVtsqfCxLxwJeSKZL71UCu5auJQrJTkVFek3MKQpgVzDl44I4W7uOr0fPbFG8PNImOkZckBZ_jzMAWH4GZpPA6dSfjVJYxjvnFJgLv2L5Fch1Rf-bSd7WAUBEJs1nDR4VUzVHtJTcB0Zgiylx9eAzQl91RSpfnYSBl4RTSEzp_Ls0CHJnEGUdsRN-zIxL58h3b22RW9LwX_jQgWwEKOjgGeB1mj5hVAcGFNgUEAKOxDrQumWKnPHAqwCW5ZRad5PA1b-SbPYxUj4eQM-fb4SwElbuKJ1PNt0gOGH-Pso90nQaX06IZpO106rBBC6hZHa_Fpi0pLdRSofl_5U6osiyHmsEj-e0YVtJHnNg5wByewVP92uoexzLYcAMLQEBofMSCQ-6BS7QaRKCUF5VEVXMpNUEiA7SNfKJwnqI8yddmwdPjiiXRpHQyna8PNBQKqAZKkUtOsgaTmT7arDKOd-0oOnnqXsO-nQ-Jxr5P93QbT07nhhRrrY6SeBd9FjBFIMo4az3YlZvQc269A9ZoD2vX9ZlPEew5g_m5lX2VrAl1c_F9jZLjgdaV9_ARR3NcZaGp2jnze4yvT7Kp71JTjsaZh-fyX2-LVYGRkCB-12X5as0oWPlvmIfokxT70ek_CoP7l90ye31utLUS2mZ_Sg3OpxjfkwpfM6RYcehDHZxxc7963p1OhYcK-rx3dxHMrQPpGpuJ3xGu9tftY2LAml5WD3nkSObD-9IY2qlkiVc097d_zEh5bWVAOafidNkfazq2u39x6tTDiqUGrDR8zW4vIMZbyHf2x5P7STxSANsnI7OVjbI6SRG5MW3EQ7rXGW11mUH1NCLtvxvZeUF7_OueFWemqM0rUvadk_Y6ysjU1YK8XjZtgUKRhaxDVcKrRu4aqvWMACyr4TSqPp2criB8GCMsd-fXUNHdWQngv-tLqIJs1PutRNmSHvXMd3PcYZb_QluD_w9AN0RfMfwKrwKjbPZA9f-FmZtoLLj94FJpKXE4CIufLsfhxbMFmuaMSxsEabugnWSCnS7dGRo1pW3hb8nvPaXZJtT9P7a-Fslkg7YvQxqdYuYQPBzfULenC9SnbMMMBB1XwlO5A0Yg936S3sLUI5hruR7yr9bj4fyIOGS3HtfhizgYUzcqL1lbUgrXaSlHJH81_8mcuBrVRC_3v0RRTdyn94yJhlKyw2TzdnEJvBDMPrgowv8RR6tkaqbdtKzzlzh0iDk5QMExg20Fd2svffG2tUEQNFVeK1F49nyCE35Xd1DDrHsOefrbgx20HvdlMBdDADAt6hxt-w3A6MIXFOADekSeCXORwpIHETR0uYcHfYBHRagUISBbj8kR2bXVMSj94JoQADRjemUHs0yL2xa8TTafq6czeTZC13Jhrf2VH-7_8aAN7EEVuJWuc8AWr77-S6lQ4Om9tPIrN9isRjJWIxY9cHIFp-yFYgf844pmb1ibUatGJ2XcEh_jjsqGdBpEkrB_E0_frZ-gPOS9kkr4ZjMFo3T9yh5YewCW5IX5-w1VKTYCUlQ5e9xKonvvrYQMzwDTJ83eABKY-3R0JtwwqK0DtbvTc4iBS2M8n6rx59uwkZ3GNK6nZndzjtFuhhlgXY87_IQGNvvATKe5OaHIPZ9eZTl4pbmM-fFtE7KbCVVHXD2W7WGgvrNw4tjley37sWhxruedbu3jdO7PDDaIlpBEnEYae6eic9f48piWckjB-2hr6Hq6K75qkrghL6SmpE4BKxy-07&cid=CAQSOwBygQiDSIK0l7fK7hS_NnWw_HWAHBcfoioTmvMX9Yie9b31DaRXxrAh85a-9q4AaBhj7YxFtP-I7-BjGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=9080684888668259000&adk=212707235&idt=216&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 35D0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 13:19:10 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A1EB 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 10:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame A1EB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWZnnQzxBmBnA2b69qfsJ0xOj584TsnzAcRdN0iZHSsa681g1laZc1VPOn44mOgKuetEmO9rUwjtxf4oTzYOq392gYAMst28tE3bXAOZIxygFi50YSHTM0uJxMFsSiKLBj0q9Cldp2JXe7EaXfQgLzZn2VK5-hIy1rcn8EPr5zIimCMgs&dbm_d=AKAmf-BAbUxOBvVk4ctl43VX8_Qp4dq7_nHi6mwI2-Bm7r33l1y7FJY8nNQ5vAPMKfquzL4Mq0P4pniafh9QANrX3vPKQOT7woOpU6yOYhmtx56HzMXrr2PxdE75GYXdvADoelnO_KEtft6MLB8g2619NKVJ_zZh1Jy--BzaiQ_3UeoUbWxKK8pooSbpg-D_cLqg0rxrdQHm0dBUZ9LtMlQr2e8HNhOq3saQmyYlD3Wg9rbczBD1z88gjnOG-534I9SePxFXmdqod4z8nI8ozeys63MPiqPY3U62-ohvIYNnwPEYJPUT826y2niG9oLgwxQvbGKl297a5VvTvfjaEV6VClxRkoMLvqMB2Ps9iUOoBHMoKECulh0CEQqcqQNJFzcrfFbXh1bDZjNu5r_woPnWYVXQI23vnEpfvb2M2z59crR9k-GVzoEwP6eStWJ-b2hNadPoWUWIeZ6g7yOwJdc18mjkTFH2faRw0znbGV_lPpevndm71WA52d4xoLvM1WRuAzdvjE_jxuLpzx47vm9meGVkKuz0l7FHfzCy0Ormrg1MesJLwoSXFoKHw8UmeFx_00HiVB4KCFSzwNU-tE2BLHUq6MCS8V5HDBFbNSzNlQnhFWj_zZxmHVWp4BoymVVs7gdwXr2yh9LC0ZLqZb4SFOQsouRlgnQStUSsQXCcxp6deMKYrduwUxrrxTH40HsJv-y7czOnIq2gUQUsD0nvKUuEjDyMM8tRTHQpML3xMemYgB-YNUBdp3Zs27nn42WeVAqemLiDsZWR2tGf-oRfdAmaZLl35KfxxnCk0ISpNYSCEH7dj5-1TvO0nbuTLZXUvLWs8FeOTthusFn77DMdAmsFcqTeZ5QRGm-Hxo_RNmN_aZJJq6v8HbZ_uxrq1BgSUbCipLU__GkJBpsRqIVzlWnZ3--Jo-D7UGxYq10rTy7A8FT1YaJqSARf0HTrnaHhmiSHm-uJaQourMcujwGqHWu00ovvmQd1_kpcOnxN8NJjJk50pt3Uit-rvKP4MjHk8q2treU48gOuJFHWPVdvHnJOIMyU6DlouauxJsHUPJIbwK_Za75leNLWrHAExYoJ_rt6q5HcJcthakxxxiwuBlEte0_alTiK33T5hXN8B6yHwXrLBkZLq-qyAkzWAFIT7ASYTvUN6cWcrpusS77yFQl1Jw0nBCzrTLkZBU4LMgRRDVhizqnYzzq-amhuJR5ZKuDAHg6UW2TP0VjnvCJ7y3580CCOh1u9U27smjvGweP-Y-ovUBMKtWiRLMbNXMI53jZtzx0Whrlg2z-J6XaAvOnHi0j7eaNLTR3cr_JwdGxm7ZK_pKpUl6eE_OUKBvcMz13IJtIIcOdOtYhOGX46kyUDioDVqRPXVMAh1U3l5ph9E7JQ-UVt4QEZ0Otxn2t1ssTm8llMGBNtnVESXY44wC-hC2vjNYV_8t1717l6Piab8oeqzEfKMOrPf68uDpR-Q1a_n5upRCIo_rh74nvmWNyrGSpQ95IDAYOtdq0Ud55O2zox7snv3L4N_UL0EIalBVYXZfL9tM_ltwajXMYc08SpoSsW0zgjMw1X4LDsptHDrZ-HFtw60GZN34uomscAxoUyOyNpOkMf5J4NUoK4nui9q107tg5v6xmeTdGzNtT3kfZMHKUKwow8r9AHR6ylDrAsrC0l1aPkbiP09zbnSDhwOVe5P7z-VKmaCvIWAukKsuhSQrVsh7Vs82p5ybRCGlMk7vPaWFs_1fyI3Q02Vg7kfYpm8QQc9PH-TGMP4evDvPFf73ENWVLU4zFMN4ZeB1I8iZeCE3IKA-gsBKfQgIqqHMk-uagvPd3V3hCHAPrgkj6XywoRcs5uuFm0v6460UhPYQ8uDOWlzTIBDKKmu-qn6wnQEvTr5GLx5WNyIZLktfkrsHzGgi8du4XJnpsMWYTI9UDUi4ZoZdnb31aDnhdUw6ENguQg4duAxWqz2QBJqz7H2NHyRdguh1PECyPbmqTarIb1QIWbbvmw7k4JzGgk5Jh0NiIOORhO0OITzxsX5dYxfnuixxcLFuGXwUbXeLMVwcVqgQSk_u3YyZT-pkGCSpkG2Pl-9qLmw0nCpMxRxI9YBBWJUaGWMtKy6ECIP2iMdwWGqmi0DRNJM6gBTvHHYCvmY3CfZwnoewLv7F6zKR8uZ51o4Yb6EPm03ahJF-Hg8jt2IBXe7JosvljBz0ChyMGfKhnQ1f8CMwxVlJ0XdIWSWLa-l2wDmfGrodoSRyYptS0oBtCz4Y4lcTq0q7lk7tkobbNCDQB_jRmBRizZcOMUwrcnQOs6X3zSScnTOu7u-EYs8kkYu9oDhG9k1o5XlsKo9BYgZD01X8jUtVyepBt7uTWS2CK_H2nslXH9ugX3ZYSdZtcyi8Ym4ruqpoM3GLvn3zfBQFGvdPM0UU-qmn2nk65ut1xI8e1M9HxzNCGDvDcXddpEc8c6tcrEdZVgXs6ftCTvFJO7MXvP3gX-JKEarYcD9B0XnWqMwD8ffbM2R9nG6pi5VGbBTHSs1pX0OHuEMG8CkxBYoy-LJq5rNYGDor-GVwn_oQW49PcmeDJJ7otYjdTRdaDKdoGk_-wSkkmmN1a9IRa7AtW-SU2z8hsTzcZnm6km25EbwVNft0fOc782Ued0eePWSkPhDApIATjd_q0dnya1jATE3WWFwiBBNlaRNQa6TBr2E5odlX620hrpbU97GRzuVuYMz3pVtnJD_SlJk6hOb_X3i0mAfZUz0XPXpddFeloalT9iBEolKnnO7rDAcSogU7vUbkKDxwWQFlhhH4JyCNPNTZwsTmg8ACpZnhAjHcyDbcEwdOPD4pgXsu9hUNZlTuALhC0N4DQ57veD5SDpju92mWlkmqwJMo4Bm7clUWBpeq7Si1ANqOB-DQwRF5wuotfHFkxJqEwniqPIsvKDLJTdptKoTcEqTxzEbl1c-jKAj-WgD3mXnpxz1VlHvTbW27acNwnN_DVPXzoVk9yAQQa54N5yKBtge3UObzf-n1BwOrgrV11i4Qr9JTYEw-0xtDtTLNB22PCZN_x7H5rbJsNwS6apStHLBZVUS3u_zWg0dAEcqStZTJc7ibChrPS-lRIQtIMs38ekVtIW3MofJrx-O_AbtkjRCluxwHuDNXC3Mj_s27Me-URtdpr5XKLmGdV801J4UabzGBw3DZGt2ALq0B--PASeJh9h1OqXb623xj4yrJJEtpCVSFBd_mLvRt6NNHmvFQ2LEnb2tXRhnsYnuCFSADs_WKIJLAFwToXKsg8IHdjiORrmtx2vN9I0I7Ma7mCbiadLI3MV_ZJeiBjh6kjnkqkVYLsRjazcW0mN_aaYlxdhiT8Nk-Uj6G2KwZ1b47cdx6jA2xyD6qWbByyLWZ_JkVxGbjc&cid=CAQSOwBygQiDlZ4EcC7DXn7Kf3RZdPm6yjAXJvNO7-OrhgEi-1LtaOk3SCHhszK7UoLzao9CR2LAJGjgKZw3GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2354334845996096500&adk=578009112&idt=93&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame A1EB 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWZnnQzxBmBnA2b69qfsJ0xOj584TsnzAcRdN0iZHSsa681g1laZc1VPOn44mOgKuetEmO9rUwjtxf4oTzYOq392gYAMst28tE3bXAOZIxygFi50YSHTM0uJxMFsSiKLBj0q9Cldp2JXe7EaXfQgLzZn2VK5-hIy1rcn8EPr5zIimCMgs&dbm_d=AKAmf-BAbUxOBvVk4ctl43VX8_Qp4dq7_nHi6mwI2-Bm7r33l1y7FJY8nNQ5vAPMKfquzL4Mq0P4pniafh9QANrX3vPKQOT7woOpU6yOYhmtx56HzMXrr2PxdE75GYXdvADoelnO_KEtft6MLB8g2619NKVJ_zZh1Jy--BzaiQ_3UeoUbWxKK8pooSbpg-D_cLqg0rxrdQHm0dBUZ9LtMlQr2e8HNhOq3saQmyYlD3Wg9rbczBD1z88gjnOG-534I9SePxFXmdqod4z8nI8ozeys63MPiqPY3U62-ohvIYNnwPEYJPUT826y2niG9oLgwxQvbGKl297a5VvTvfjaEV6VClxRkoMLvqMB2Ps9iUOoBHMoKECulh0CEQqcqQNJFzcrfFbXh1bDZjNu5r_woPnWYVXQI23vnEpfvb2M2z59crR9k-GVzoEwP6eStWJ-b2hNadPoWUWIeZ6g7yOwJdc18mjkTFH2faRw0znbGV_lPpevndm71WA52d4xoLvM1WRuAzdvjE_jxuLpzx47vm9meGVkKuz0l7FHfzCy0Ormrg1MesJLwoSXFoKHw8UmeFx_00HiVB4KCFSzwNU-tE2BLHUq6MCS8V5HDBFbNSzNlQnhFWj_zZxmHVWp4BoymVVs7gdwXr2yh9LC0ZLqZb4SFOQsouRlgnQStUSsQXCcxp6deMKYrduwUxrrxTH40HsJv-y7czOnIq2gUQUsD0nvKUuEjDyMM8tRTHQpML3xMemYgB-YNUBdp3Zs27nn42WeVAqemLiDsZWR2tGf-oRfdAmaZLl35KfxxnCk0ISpNYSCEH7dj5-1TvO0nbuTLZXUvLWs8FeOTthusFn77DMdAmsFcqTeZ5QRGm-Hxo_RNmN_aZJJq6v8HbZ_uxrq1BgSUbCipLU__GkJBpsRqIVzlWnZ3--Jo-D7UGxYq10rTy7A8FT1YaJqSARf0HTrnaHhmiSHm-uJaQourMcujwGqHWu00ovvmQd1_kpcOnxN8NJjJk50pt3Uit-rvKP4MjHk8q2treU48gOuJFHWPVdvHnJOIMyU6DlouauxJsHUPJIbwK_Za75leNLWrHAExYoJ_rt6q5HcJcthakxxxiwuBlEte0_alTiK33T5hXN8B6yHwXrLBkZLq-qyAkzWAFIT7ASYTvUN6cWcrpusS77yFQl1Jw0nBCzrTLkZBU4LMgRRDVhizqnYzzq-amhuJR5ZKuDAHg6UW2TP0VjnvCJ7y3580CCOh1u9U27smjvGweP-Y-ovUBMKtWiRLMbNXMI53jZtzx0Whrlg2z-J6XaAvOnHi0j7eaNLTR3cr_JwdGxm7ZK_pKpUl6eE_OUKBvcMz13IJtIIcOdOtYhOGX46kyUDioDVqRPXVMAh1U3l5ph9E7JQ-UVt4QEZ0Otxn2t1ssTm8llMGBNtnVESXY44wC-hC2vjNYV_8t1717l6Piab8oeqzEfKMOrPf68uDpR-Q1a_n5upRCIo_rh74nvmWNyrGSpQ95IDAYOtdq0Ud55O2zox7snv3L4N_UL0EIalBVYXZfL9tM_ltwajXMYc08SpoSsW0zgjMw1X4LDsptHDrZ-HFtw60GZN34uomscAxoUyOyNpOkMf5J4NUoK4nui9q107tg5v6xmeTdGzNtT3kfZMHKUKwow8r9AHR6ylDrAsrC0l1aPkbiP09zbnSDhwOVe5P7z-VKmaCvIWAukKsuhSQrVsh7Vs82p5ybRCGlMk7vPaWFs_1fyI3Q02Vg7kfYpm8QQc9PH-TGMP4evDvPFf73ENWVLU4zFMN4ZeB1I8iZeCE3IKA-gsBKfQgIqqHMk-uagvPd3V3hCHAPrgkj6XywoRcs5uuFm0v6460UhPYQ8uDOWlzTIBDKKmu-qn6wnQEvTr5GLx5WNyIZLktfkrsHzGgi8du4XJnpsMWYTI9UDUi4ZoZdnb31aDnhdUw6ENguQg4duAxWqz2QBJqz7H2NHyRdguh1PECyPbmqTarIb1QIWbbvmw7k4JzGgk5Jh0NiIOORhO0OITzxsX5dYxfnuixxcLFuGXwUbXeLMVwcVqgQSk_u3YyZT-pkGCSpkG2Pl-9qLmw0nCpMxRxI9YBBWJUaGWMtKy6ECIP2iMdwWGqmi0DRNJM6gBTvHHYCvmY3CfZwnoewLv7F6zKR8uZ51o4Yb6EPm03ahJF-Hg8jt2IBXe7JosvljBz0ChyMGfKhnQ1f8CMwxVlJ0XdIWSWLa-l2wDmfGrodoSRyYptS0oBtCz4Y4lcTq0q7lk7tkobbNCDQB_jRmBRizZcOMUwrcnQOs6X3zSScnTOu7u-EYs8kkYu9oDhG9k1o5XlsKo9BYgZD01X8jUtVyepBt7uTWS2CK_H2nslXH9ugX3ZYSdZtcyi8Ym4ruqpoM3GLvn3zfBQFGvdPM0UU-qmn2nk65ut1xI8e1M9HxzNCGDvDcXddpEc8c6tcrEdZVgXs6ftCTvFJO7MXvP3gX-JKEarYcD9B0XnWqMwD8ffbM2R9nG6pi5VGbBTHSs1pX0OHuEMG8CkxBYoy-LJq5rNYGDor-GVwn_oQW49PcmeDJJ7otYjdTRdaDKdoGk_-wSkkmmN1a9IRa7AtW-SU2z8hsTzcZnm6km25EbwVNft0fOc782Ued0eePWSkPhDApIATjd_q0dnya1jATE3WWFwiBBNlaRNQa6TBr2E5odlX620hrpbU97GRzuVuYMz3pVtnJD_SlJk6hOb_X3i0mAfZUz0XPXpddFeloalT9iBEolKnnO7rDAcSogU7vUbkKDxwWQFlhhH4JyCNPNTZwsTmg8ACpZnhAjHcyDbcEwdOPD4pgXsu9hUNZlTuALhC0N4DQ57veD5SDpju92mWlkmqwJMo4Bm7clUWBpeq7Si1ANqOB-DQwRF5wuotfHFkxJqEwniqPIsvKDLJTdptKoTcEqTxzEbl1c-jKAj-WgD3mXnpxz1VlHvTbW27acNwnN_DVPXzoVk9yAQQa54N5yKBtge3UObzf-n1BwOrgrV11i4Qr9JTYEw-0xtDtTLNB22PCZN_x7H5rbJsNwS6apStHLBZVUS3u_zWg0dAEcqStZTJc7ibChrPS-lRIQtIMs38ekVtIW3MofJrx-O_AbtkjRCluxwHuDNXC3Mj_s27Me-URtdpr5XKLmGdV801J4UabzGBw3DZGt2ALq0B--PASeJh9h1OqXb623xj4yrJJEtpCVSFBd_mLvRt6NNHmvFQ2LEnb2tXRhnsYnuCFSADs_WKIJLAFwToXKsg8IHdjiORrmtx2vN9I0I7Ma7mCbiadLI3MV_ZJeiBjh6kjnkqkVYLsRjazcW0mN_aaYlxdhiT8Nk-Uj6G2KwZ1b47cdx6jA2xyD6qWbByyLWZ_JkVxGbjc&cid=CAQSOwBygQiDlZ4EcC7DXn7Kf3RZdPm6yjAXJvNO7-OrhgEi-1LtaOk3SCHhszK7UoLzao9CR2LAJGjgKZw3GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=2354334845996096500&adk=578009112&idt=93&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A1EB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 13:19:10 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7986 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 16:34:22 GMT
x-content-type-options
nosniff
age
224503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jun 2024 16:34:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9_SrhaqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSuAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8mvj_3JkSZJwWERNiFLc9o7xuKraufnFGigDSYsPRF8Y0eeNy5g5k4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=kAo399tcQZg&uach_m=[UACH]&cid=CAQSKQBygQiD_rQoh-gMnObyaXv1iu28FrBUurOibgQicBwy7ItR7yoEdlANGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame CB20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kmkengy6f1mbm3dnrzrjnx03zhkty1zep8xdtdpe3fsdrtag7qc76ajexr8tdn9txega1e0w3f3qvpd4y34b1d044hfymc07trmsh8sst4y46qqcb0f7kbnban4f35a5twpcp2hgd01bxyefd474yq3ce79kkrp67522e11vvnsfs78qaa3yp3d8c38d1698w0vy6b8sq0sg8hjj47xqdmgnrjknw13e2jewegz1cefvhnm5pjmkwx177f6bd2xsgm0pb6y04jx0jpxngr2jtqqq794m41zrs88f87fhnzf1f7bs3acgv1y2d5fqqe6x0fekwebx6y7x78kaaredf5k3y2ek0fqj4yk6eejdzhq0nc9sbzyawxwjwrfb8ns7f0mv2cmjmf3b983&b=ZI6qhQADP0YKd-yJAAN-z2zI-LTYVn6EydkdwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 18 Jun 2023 06:56:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 67CE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd86bfe685757ea2e9479089b69e21aae29a65856dbf161bccb48a18ae73d45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d91a1625f569bef-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D872 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adj
bid.g.doubleclick.net/xbbe/creative/ Frame D379
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224155/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8K...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4Z...
76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
373fdc72302b14cbf15f4fd5cc4378c62b0d444b480f02d7bc6d3370799b9bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1704 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
23296789
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xktATn773aJjT-8499nObfK4-P8_rVfeaVTKr4i0860mXCP8mlZ5_A==
main.19.8.417.js
static.adsafeprotected.com/ Frame E2F4 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.417.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1484055/72040524/skeleton.js?ias_dspID=64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 15:17:27 GMT
x-amz-version-id
UVbFefY6UOYSsxlF6c.82fk2mbTK4IKy
content-encoding
gzip
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
833919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Jun 2023 21:53:40 GMT
server
AmazonS3
etag
W/"bb95c129f80c46c33e169dde0694b792"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
eWRwi3ZdvUiHpUNtTHDXU-VQ2kYXVWmPc1VZYYkYNbfA5s_6N8H31g==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0722 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 35D0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db35ac8ee2c3638909664abccc24d8f21ed9ac2cc1e633ae7e677d0f147f5084

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5C65 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A1EB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dbe523940419cf1e82fbddd67e32fb86055a0cc5c1943e717d4e3f6500c3dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame D379 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fad760d5-2e86-7595-3518-0899658ca0c6&tv=%7Bc:fS13hW,pingTime:-3,time:119,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:34%7D&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D379 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fad760d5-2e86-7595-3518-0899658ca0c6&tv=%7Bc:fS13hY,pingTime:-6,time:121,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:34%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 67CE 		106 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1686312358
age
758700
cf-polished
origSize=108907
x-guploader-uploadid
ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 09 Jun 2023 12:06:25 GMT
server
cloudflare
etag
W/"913a188acf4937267d989357edafdccf"
vary
Accept-Encoding
x-goog-generation
1686312385390155
content-type
text/css
x-goog-hash
crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MZLSoMKY3nqp8NctGe92zqvYHT9Mhrfac1bN2sfAwc%2BOqNUEfUtzExM4RPjkjG602Ix%2Bl9Na4RTqf1YMArkzR56IbXaaafDyL%2F6%2BIhiLLOFggvSqjWS9LiMg7Ph%2FhC9dUAzRu9A5t8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
108907
cf-ray
7d91a16318349bef-FRA
expires
Sun, 18 Jun 2023 07:56:05 GMT
r62eglto.js
ad4m.at/ Frame 67CE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
480748
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVVt91NheDPYr7KKnYVWBSFEoP1BJsIyNd7vyB7%2BJG%2FFb%2FBjNDzstumsQ040NPOq4Jqk71nYxVvSGfhKIBhC1bbtvweRsTbTXznIsQ%2BuMqnXIGyJ%2BaqpXKy1%2BMPCXujOFdRNXZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7d91a16328479bef-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Jun 2023 13:46:12 GMT
vt.php
cat.nl3.eu.criteo.com/delivery/ Frame 4342 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/vt.php?cppv=3&cpp=uLzYcljDlil-pkS5T5FA4xRHOj0W452qUggBl10gyYUspxeQRGBhOmUzGElxYrXWDnUqg_htbAnYnQrhCsga8ykii6K5UD1GFpdZIWbrkWmw-ypIKpA1yRbL5V-JVSaYiLZO5RlYeK6nNoOhYE8kzbRFXiVQ70aCY9ld5df-v1DWlxlUWJugae4fhsGV-O9hjmfrdKzXQOvrM7FRjyiPFK_d_ysTHM8dALyE5NY7Sr38vV8uxmFFmcmMwgg&err=[ERRORCODE]
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
105399
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4342 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&sigh=ICORb2X1jBU&label=part2viewed&ad_mt=147&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D146%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D323361027%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687071365614
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4342 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iCnaQqNkAR5fibcLpTBtIthljDXG9HFx59iEnBRb_wPFzENyxSmyz_w6_Vcmzid0lgUKSNNpGCQMWhLi9TWBHbik0XESkZ7sqWl8Mdi6K1A4inzWd1muZkr_nTGZwhf63ko5sGGcDID3OMnmDd6RSfn3kBnMYi17WY_W0vRCbOVXyV1fzYfLzOuqJUWz6jP-RBQAFtihRCx6aD8Qe4tiPLDdOJ9KVBbjvQLK31Fbmqj5FcBn20-auJHCOc_PcDPHYZAY_2Wf93pJm_5LxkBFSLsSk2Ht-Rv44JJS7xn1RExaAv6zZrxjsIxYgN9qWRKqGfX0m13L0dXJNKYr_UkROhTCYNHFKmR8crGqHfjJzjMFH5zU1X7R2c-IVAiJn3KjSBEacg91JCwYMedTAfHLOfuBIVev03ru8x4tpL8zCv9vrQP45tmWzVMojkiCw0u0mijEXw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1847510
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4342 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-PanhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT0AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYuscsi8-Kf8OuZ1eRCUEFzC7xLhgNAd9bEKQ4G1pqxJUMtkZGjrWrvPgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=tPi62IdUSkw&uach_m=[UACH]&cid=CAQSLQBygQiDQ-nEGjxlcV8NjIt7y_Dh3wAftlbcUFM2ILM7QyhZdE5byauMoM45ChgB
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
google-vast-measurability
csm.eu.criteo.net/ Frame 4342 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csm.eu.criteo.net/google-vast-measurability?cppv=3&cpp=jafJu0_P115_VYlTpAjMxBWdNFfRrysuMbRc5Sykwf2mMNVuKWpzEC2ZL6LRGNmmpCQ3hrkkeIrunrqrbQNg9VDwHVevutGH3eA3Ym0qbN9pCp89meQjPTh86ft4u4qFpy8RNp-19WRDl3CAuqik9umKQz0ocuxuhJDFAgT1h8cTkKbjA-ZY3EX12T5QJumJ2WoGXAKTJpTUv8hemdGPk70ddk5fybfAYC6Cz8tBTk0qkHNQqwx2vHUFWj9POD_fzmH86w
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4342 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyqHawZtHHddnwVKgYJ4U9AUbuOmPofWBQ_rXxAZkyxdTy-VHLMSi2aC2-tWeujTZf07IaEvQG9s-iAQexXnRGcmM&sig=Cg0ArKJSzO2deIrRUUghEAE&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D146%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D323361027%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1687071365614&avm=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4342 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDQlOhKqOZLiTCcPw7gPUqjDJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQWpAnH8qUpKWbI-4AIAqAMByAMCqgT3AU_QHgt0ohgoQa5ZQZaFkQTHxCgIcnV8ALiEjojNDUl_cAm55Dc4ETKzh3eG84uHn9Q7DOZ1xZO86VxfLVMRoZKPN-x4FVNFSZRjSoMTRX_cWruXKpJcXzQFSPv5VNobxGcm3qO64tNKTIjylchKinqUpdNaJecPJjhbU1I0n7A82yyplERSUtbEI72vmDxwcduzczGCk3pW8RfKLwEKP_wMkTQGpm_pPix2E7SrMynIWFp1UtFDz8iMgzunNA6loMCK3KPOWZTjtPObYusc8C0fu3iBJY7h2DGnxw0dPLF0PrF3QloSVKVUDeDrLPUBn5BSvUy47AbgBAGABuXQrvCavLuIUKAGKqgHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDn6CwIIAYAMAdAVAYAXAQ&sigh=ICORb2X1jBU&label=vast_creativeview&ad_mt=147&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15082%26vmtime%3D146%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D323361027%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A1,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1687071365614
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4342 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lj12qcgh&c=6451387349332&slotId=3225693674666&qqid=CLjl-8qezP8CFUO4ewodVBUMAA&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1080x1080&dm=15000&event_name=first_play&asset_bytes=149957&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=6&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.16k~videopreviewstarted.16l
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame E2F4 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=20309721&cmp=29968277&sid=3288807&plc=367565023&num=&adid=&advid=4309118&adsrv=1&btreg=558488166&btadsrv=doubleclick&crt=192207036&gdpr=&gdpr_consent=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 09:15:55 GMT
Server
UploadServer
ETag
"71b8beedfc8712992269775dfe385a4e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3374
Expires
Tue, 06 Jun 2023 09:33:40 GMT
index.html
s0.2mdn.net/sadbundle/16829948873192997814/ Frame 5580 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8cd9f7f932e502b97e7ebd1194ba28e4b5a441b6100a07a09a6c02f102c8b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3050
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
expires
Mon, 17 Jun 2024 06:56:05 GMT
last-modified
Fri, 12 May 2023 09:19:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E2F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM97JNTmY66t2a5VfYOi7ZroJS8wP2rLEJLRX9TqLtBzqdMI_dRrE3-RJeWCBGUYut2hjanz7P0k9sodXovINa4RrD3TVU_Yr2o7SOdpH_8hrVwFGbGxd3QVZo0C4e9nsJenURr9cV2doYukKWOp4YrpzDnqwqOcDIhrAnu2_ON1vOpshYmE6IgOc7JPQ3dhERVWf5-o1d1a9a-3XeeVQiO54o2LNjzmdmBktMVpb7fMxPS8WHH4Nk0RAATfCtM125CbJ0wdiWu844X7bhXDwyFIbm_W3g2Qy9rI3spjsNv0gNTJibLJyn6izwKKTSWSI0n8VLBXRoSMAvmuN0mhuxZtNeUY7oO3dYP-BotcDhkfYiMDzM0OhSMRCKPW0M_a9VlTgxAN7v0AuloSJ6CkKm4215WotBKUHhGvQxLxeLuroGm98APdkQIuyJTQNyb0QhvloHVi9aQMcaDLp-Lrh4Ea0ZRuMqAZlVhy31YGHMgnsG5mbt7-En7j9CT0VM3I1dj1JxGQ38FgKDqkjoQXwgNsS-hNsA1Bt77fywCqJkoeK_Utyyi5wBB5bkChQe6AGTUYSrXw2Dw54V6uaiYyzo6KVM0qCfD5v5Ep0DsHZebwE9YtX6ZQP9KavcfchlgUK_EsfOjl0qMjocj4FWR0q1KFvPrx7oESnSpmTrzpu94MD3B7B5-hk4lLTPFAAiFEQ6_zM7Ll02GKIiNfCsLBG7_3VJQmDxv9kVoE01alAY1ONJGUyIoUGnGNOSc--7xntIGrCGPHTA7RHBCwa_HC3PX5o26XwAkIrFoaED3qfsccJ3U8VDQDXLHCoq4g0BgWq5IXfjrMkudPt1471fyU1LivRL8TreWsNVfWe1QBKX0Y20b6W1RT9Gk48CCAp8M4eP0AkCx-8duceQZW-6NI94WMzLhkbu2ivrsriuwGb_ejXauHVzX8zjkPYlR_VGltXgshvnsMMczhN9o7lAmwOXh2ak7uoxSlAGWPNa7zM_dpBnkLkyihxy5XuNBUTizofWOobhY7vwswZOpDQNIgcmpM56S1lkRgL12qAtGNZtwutrfsvmHWzqTFLcNuOHZn56h4E5EYEorJlsoOhiQ49ZQJNoC_Zp1ZdZZoHMd792GfO9fS42xm1aTFr_YaU14zWWWqG_k9hKl_qlN9dpblaAFQ07kQ9C3UYZ5FkMKT30mQ0rnUdVE69HCTZ_uuHtQDoW2rKFMFnOdKEP9uvz6moJrAg5pnRXlJnDJEe7YfbXtohPPZcUmZ7UbL6qo4R48rxk1LalDEYGqlsbi5CX-Nw3Lo5bDebuYPWGNdALD7NJdRcQ4l-B4t4&sai=AMfl-YQ12GL-H4sYnI5fohXqivc0sg5qi_uC1oEen7orj5Wu1uXAzYoAlbCqpWV-UtR7N_YRraWh4wtlK4MGtYtkxNIamN5jKQuciclUfg_fPiuSp7YqE_ejcCsBudk0SDyhG5qstojgZnTcbkMpwqQZ_-fbmITNfHyALJLl0ChWAoDk7nPSbXchsKGWHa0K6jScx2N5HAHeoDf4R-amM2nHkLoC9ahlghcwAegVeNPD2nq-t9gCr8g8VSniihlpHv9b6Zu3AQw2QzrMplE9fdNtKdkmTJkTbQ&sig=Cg0ArKJSzPbkQtWfDaFfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=362&cbvp=1&cstd=354&cisv=r20230614.34535&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
dpixel
cms.quantserve.com/ Frame 86C2 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA0pnn6eAxmgbSY2G4L48Tc&google_cver=1&google_push=ATf1kGMJrehYMApdSzrdxguRfoQDAGE20hdhTPXa5f_PIHXFAiilc0w38dWttC7rhQZ370kxtMx3rTQAjDrux-5GEM3mfFUkVQ
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBSWNn7T8-Z51ZLNmLI1S0M&google_cver=1&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U0yIXFf3jhuo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U0yIXFf3jhuo
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x25 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPulNbFGoUVgcP3_d6xK3IR0wupORX9QKLRzO8c8V7lp0eJ_7Tc8Snegf7sLLfSlalBJfE5ROzd_FCc03U0yIXFf3jhuo
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 18 Jun 2023 06:56:04 GMT
pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEImfVPObC3L5SStAqzJBIYE&google_cver=1&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEImfVPObC3L5SStAqzJBIYE&google_cver=1&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMhn0CA5C9u6qYXqv01mrY7zdkGS9_4aqt4bPKLGiP7HkjVEW9FIrvq4I8Lm5dN1poWHmIoS6KZXRAGhoFMbCdX6_lJnQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF47OK7VUN7QNXa3SFNlfV0&google_cver=1&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEW...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF47OK7VUN7QNXa3SFNlfV0&google_cver=1&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4NDE2MDA5MjUyNzA1ODQwMA&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4NDE2MDA5MjUyNzA1ODQwMA&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEWS8lV_GlJATg-EDuVDVA
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY4NDE2MDA5MjUyNzA1ODQwMA&google_push=ATf1kGN5HPBUQ-gtVt-0vWXurmJEsS27sgaBWyiG6HKAT-ZkVhNHxP1yYCBJXEz0rm1BWwblcHCW4zEWS8lV_GlJATg-EDuVDVA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GCtVNXOsSXW1B0KD_R7--w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GCtVNXOsSXW1B0KD_R7--w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOco5bz2OflXdYgcbLyXl_C8SDfwLkfcf4lAMTGg4WVxA58MVR_A1fU-x-orEc9NaK1Ow5q95NwVLTI5KERxnbXMQ5s1a4
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GCtVNXOsSXW1B0KD_R7--w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOco5bz2OflXdYgcbLyXl_C8SDfwLkfcf4lAMTGg4WVxA58MVR_A1fU-x-orEc9NaK1Ow5q95NwVLTI5KERxnbXMQ5s1a4
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO6pqBBR1_RppuibV6w7...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&google_hm=A78TgCbOAk5TpK7n_H40xwc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&google_hm=A78TgCbOAk5TpK7n_H40xwc
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO6pqBBR1_RppuibV6w7eJHE1s3oIaWGETml941uBOm_iS2ZaJZk3KbumWGKWUhBJqM6kqyDvUVRdvl1Gsy-EEmDWCS_yQ&google_hm=A78TgCbOAk5TpK7n_H40xwc
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbf138026ce024e53a4aee7fc7e34c707003
content-type
text/html
0.gif
id5-sync.com/i/495/ Frame 86C2
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEEH84nxrHvYqBp-n9QIaA08&google_cver=1&google_push=ATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapyzV_KnPb2VP_Pz8pJl6KFDffr3XWfhgW5P9vivhIAWHbMJ_LFJQpp
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapy...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapyzV_KnPb2VP_Pz8pJl6KFDffr3XWfhgW5P9vivhIAWHbMJ_LFJQpp
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
141.95.98.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMFBd-Lbinblqp2EoFw7Z0knXYnC1OPJPivTFwcTapyzV_KnPb2VP_Pz8pJl6KFDffr3XWfhgW5P9vivhIAWHbMJ_LFJQpp
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 86C2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6leWS8yKN7SmliRQzWM8mr7K9L01WxL_eI19ehjYgXY-gc_n-Wb4NTthCMWzW9-YuBvsSEw
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7986
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2105 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
234560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:46:45 GMT
expires
Fri, 14 Jun 2024 13:46:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame D379 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fad760d5-2e86-7595-3518-0899658ca0c6&tv=%7Bc:fS13jj,pingTime:-2,time:204,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:649,beZ:650,mfA:653,cmA:656,inA:656,inZ:659,prA:660,prZ:677,si:683,poA:684,poZ:706,cmZ:706,mfZ:706,loA:770,loZ:773,ltA:853,ltZ:853%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:204,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B195~0%5D,as:%5B195~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:34,sinceFw:168,readyFired:false%7D&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D7E1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
234560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:46:45 GMT
expires
Fri, 14 Jun 2024 13:46:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9170381621892120779/ Frame 9538 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2744
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
expires
Mon, 17 Jun 2024 06:56:05 GMT
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 35D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvC6jOHqbKnQlaFvkWugCRN0xLgbb_yuXXLi9jGCMucvggyrp1fvK-QU80En9O7SGufoRabCypaXbrHCsEtdiMyj0bOO_1nUbHuJ-eJdOCJVHrICCEntjsuE9ZMRVP5mUIVHfryyAONdQ9dWgC4ruZjWa1wDG85NdUwsEudXUnvc6u8zANWMGaOYDTyqmIfQ1mWF-FRHSKTOM7JtF5ZpyJnNZk1RIJrXB2gfzE8W_R7z8cLyWG9uS4fpLuoL7nEWh55Xrzi7QfBcUiQ8vgtc1YPsZ0XV9hNU7xtNCGNtJkdloRzPGPh37FFDJwXALYMDNvV8ZoLlC1PKVEpkv_hxg95VPubtcp349hyxfjVawZUlbAeVp-8Fd-RH0So-lSKJ4T2b5QXvqWlBUeOK7yWbNebWrCclhKrCkKI-9b2rcc4tcgRfJKweXNo3zq5FvVsvAS17yoCVKZCP3o7ocQyPHgnm1qauVKIBa9VJ59ZYXXbnDq4MmbfLPOG21VfnXGLDcHh6dCTy-xGmzXxUM-inNqVtj4CsrhZRGBfrEN6d37bZNPQuOSqMFrBQmmeHXFa_Yg3XpKBWb0KGXLEQTFbPzmDqqpUNZ_btNY6fEMxWMsy8V8jygLeOyr8S0tBVltviKMbGB0NhqtXkB-4WhvHleLgmG7VxbdBOVFvAdn7zXjqFblMCGEpxYxdVEXT_XKy1TbcOKAh1AJbm6V2WE1tu6-2LPKq2dBLCwVL8GIgxT_P-bewz7B2fS1RBODwriqjXSe1HFnE37DNPXE8jVNWzICN_-H_sDO6rHje-5sqpHmkUab6L75scLO8P2nLJplOdVEwkCnMLBbsSx_UZq9Ve_7xLWljNhq6HvtEcD65_K4J7-eh3ST1Y61Tv-pnaIXFMQlpsaxv1RpRZh5OKpVTdU_yb-KppEEqje9fyAS3i_mcFcE0ZSLqJe7LOKaahhat_L1BnV3hw_YqRSdd2ArpXURzKTp1OQavydBieBw0KwCzX3dJEmK7hbWKG2HfF0Am1o9LW4hmnhCgas3gVSWjd3XVCGxfoAc3mgORJ3_rBWhDvm0ctO1GEqbdb6qYaj6X0sP4iAYII-mBXJwlMabv3njj_caORd8wNo2PB0rBVKmk_91p8OsbqdEHSP8bjKSa41E33AGONveLNiX3jJ_s38METi2IaU1d-EC1qjUz61juOEi-gDNMU4zsEzhEdEPwhAoPu83HYmPia1q5pezONSDk0NGd6tfTQ-aAPuG8zvZeT7ry31fjOTqddSOvgbrxsETihUCIgCygPGQO8P5MKmJxQvVA3y_LfZrrMIIkwNIbYOMGRbGmBiwRnQ&sai=AMfl-YSp4bnoi5mU8-fBYiNrelJOA2J07EPEoHW8DDCKtET6Unyj-5vWrQ1C2jBNslEoshfgFczCQJ56_7519jDh3wWSRf25NO1IWWSnKlbXypaUJP7CY-9OsxNmhzT5NspzhT4nu_QcSO3Z-CjpfgYq5uqB7R05FMtxpROAIO1_52GLBcm66iYtVStunEU32zzk9NsyheVk6TtuiN7iwqMt79Mz6nlTstECdcRhUpcrPO1hSmupTL3lyjUEx654Ia43Ah3e5wzR8H8MLbedoA0cVng3e_Blag&sig=Cg0ArKJSzIU1JAZF4md4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&cbvp=1&cstd=268&cisv=r20230614.30713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
index.html
s0.2mdn.net/sadbundle/7493198391404092334/ Frame 7B3B 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2701
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:05 GMT
expires
Mon, 17 Jun 2024 06:56:05 GMT
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A1EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6z6-LJDxgtyXjhy9qxO7JyxqXk0DB-LFByTDWuMUGbniUKlAHfBC9ifrjbsUOfKjO7NbGSMVrQKJZjfSuZyobUZHe-qk9rthSGdgliDq5gMlgD6uqIG8ZzrLsei8VSVPI2KUJC7pXhcgBgTg3e05Sxnq-vTi1nRd0-bnFxvjxhLUflrEAaslyQcTEDhYN5DPPmC7yb9hFxQNzu4Sh8JWGJSeit5gUArxClIwAr1LzRYb5knoYz1MLyT1xCDpketsE2m4yI495wzekQxwHBC4I6AjX3EiAduIZuicTpbjGXTzHT1_uiaEYdBO1xCgxJj_GhaRhRNfueswCLE5wOhQN3HAt2dP4A5PbsjzRqyfMiNNB8siDspqsYfGpEA-k7EJt9zOJtmuog-qI7-v7FIMZXors_9eQhlTMJ7vQV84tjFYh8WTlXE7i-gtpmKCRvGNRy5Q_OX-kOY06J4rTZk4zj_SFWIYpMpoQjbl2KGqVUftcC9x1fYyjYIY4SRjcBWJ79pYzwny7CaodTTOTX5nlHO4nmK2uK1G_CckZknQ8WpcY9g_xRHGxZtqJXrqCcbaibss-0HDOwS11qCBGmJW357mm4r7Na9IEvvK1kNxiviqTXJZHCh2QIAn2SupB8KIs8cqg5tq7YYYYgFxrj5fIxy3MG-hArXn9PiZLqAQAQ93Yq0wCWmARN1Wcs8DCQk6LpC2KhYU8jHilj5t_Zcxj0Fg0wUa58FFf7Li6RQKGf9tzLuSGdaIoGn5TsYdFtPE9yd7g7ztlXzC-GwrmdNPJ6YAW9BBHgAJfkhECxrJ0SrOkddtMU96UmsSU7FzKqPBb5Tp8Wai8auIzm7F4ZtaEnF5Ue-KTMREEFhSxwZFUEGG-GcU0xYF0iPM9JHAm2YuLBmjWFsRFYVnIeI45KsjkGQRQv8gAy42-w1nk1AFFxdNXwl0oqbq74J8qusjChSrsHdIxBQADp7VuCXhjcaK28HjBVxW7KVrbEMEtrqqS1koNdJQdxzFPcppxsvfYKMF5HvdcImqZEFpNCS1kYeW9Z_OC5cRF9BN63mtnCehIzNb24lm3Jk75YuGoCDFCu66o5to9NPG-ciLcohXG1GT3yZdgk0AxmA49ZpCw-ggztALCaq4PSevPapKnY7-5lf1dkAeg8Raewpj4TNViTTh_6rdd5P7f6ZP_Degf7bb0522CABpLXtucrDYdEtFOJHPg7d7BHHdSJoYpDe090VuSZWup2sRv8N6ge5iwbHiQgF2F_3zyyR8mKrj6RTB0_YgEVRFTwvjF0Psj1xiAicvKzRtoOPUdOrq6sQYBKGPyRiJMi-ZT&sai=AMfl-YTeVxrAolfT_IQ8nU3eP9u5hFnTe4fg-7K4zaKXyPJOMeIqFrFT8PgE-i5r6xM-WtHlrhBedgbLooBFnGixQxWb5FBHoK6GNeT9WwJ42JWqH1zrROUupei5bAb6zLCYkE24YLF41qlTKqtIUxVDHF3KFtS1_uH3Y6PY1cdBGCaX4pAf7PZyr83UN39bmjVLP0CMFXCfFmw0RO11Zd1ZPxawQJkOq0wP8tj2By1s7NIffiedXAdcUcLGg8jMwZ9EqRmkFqoM4GhwwHPxxtW0tbZN80jepg&sig=Cg0ArKJSzIJn_pvKfZRFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=276&cisv=r20230614.57236&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 18 Jun 2023 06:56:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 18 Jun 2023 06:56:05 GMT
pixel
cm.g.doubleclick.net/ Frame D872
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE2Z8DpWfIZzjGYTXSQ5xXY&google_cver=1&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTkxNjMzODcxODg5ODMxNg%3D%3D&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO6TQ6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTkxNjMzODcxODg5ODMxNg%3D%3D&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO6TQ6XncbzVPhI5aw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NTkxNjMzODcxODg5ODMxNg%3D%3D&google_push=ATf1kGMpRPbv7ew6sCjJiaKY9-mIb9tGbP1778V1ExJoxM8UEEEw4H8AFUd5gVUELgcStzznhELokFtKYig4pO6TQ6XncbzVPhI5aw
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame D872
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMC2PUZ-_-kO0VwLx787YPE&google_cver=1&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjmxN8t3FgM&google_hm=eS1ZbG8wSU1ORTJwRjl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjmxN8t3FgM&google_hm=eS1ZbG8wSU1ORTJwRjlEWngxaHRpbUFreUpXVEJYay5Wa35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMtHrnMI6bX7iBiQDnqWW3iDdXvFXycmNy9RBjC8ZMHTUFT-zzQGSSi5FoukIK45Z7IRe2CnCZKeRRUvfxe8dEWZjmxN8t3FgM&google_hm=eS1ZbG8wSU1ORTJwRjlEWngxaHRpbUFreUpXVEJYay5Wa35B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D872 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTGtyeUCqXtsHjN1LmtXjHsvPHq90MFHF4qis
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071364820&bpp=1&bdt=250&idt=356&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5539729860041&frm=8&ife=1&pv=1&ga_vid=1046408892.1687071365&ga_sid=1687071365&ga_hid=1995667233&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2597333745&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31075054%2C44759837%2C31071755%2C31075304%2C31075308%2C44788441%2C44794790&oid=2&pvsid=652952707877614&tmod=1814655992&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8dc4e6frbiyq&fsb=1&dtd=361
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0722
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDZfqyuwoU_4PnewgvzqDHA&google_cver=1&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC_GAQ_38sL4E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC_GAQ_38sL4E
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x24 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOXBplV9aYq8t3rUl6Fk9HCEa138YyQ7tBaGHzZmxfm5NBFzSupZBOXufqILzxo7cT6tKT_UaoJw3zgTsqC_GAQ_38sL4E
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 18 Jun 2023 06:56:04 GMT
i.match
s.tribalfusion.com/z/ Frame 0722
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo...
43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d91a1659c643a70-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
28
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJfMZTrKTNjo9FL4k6gOG64&google_cver=1&google_push=ATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP-L04sASClu63FsxP4wtXcpMUuXr5cxiJnGW-FhDYWoK1YyeYr0XVkFUkNDADwuM_ahI25kNWh1FymOvI8eWsIVBHYfqo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d91a1640a893a70-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0722
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAugksbeAbw3-zTIHoLEw58&google_cver=1&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAugksbeAbw3-zTIHoLEw58&google_cver=1&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWsz...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk3NDU4MDE2OTE4NTQ3NDc0Nw&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk3NDU4MDE2OTE4NTQ3NDc0Nw&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757DZG-2slFBhPOh7nEKA
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjk3NDU4MDE2OTE4NTQ3NDc0Nw&google_push=ATf1kGMVyrM5sBoZJpYWZi5imC0M3Gcl6Q8xmUwZV9U5JJYSdv_CpU4mhw0u1BKSHu7tOvDaWszr-757DZG-2slFBhPOh7nEKA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0722
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGPokivEfVRHbD9hF9_wJgXCpoldl_ZmB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGPokivEfVRHbD9hF9_wJgXCpoldl_ZmBia0U6Kj7oTht5UMFFfkd_o3q248z9diP9NohOG9BIvBBKPtYVd-KMAKhZE2DQ
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDDnPK1sZNJvwAbCSJ5xudU&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGPokivEfVRHbD9hF9_wJgXCpoldl_ZmBia0U6Kj7oTht5UMFFfkd_o3q248z9diP9NohOG9BIvBBKPtYVd-KMAKhZE2DQ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0722
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
  • https://sync.targeting.unrulymedia.com/csync/RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMvBFsLneLyyOyGLBkm4...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg&google_hm=A78TgCbOAk5TpK7n_H40xwc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg&google_hm=A78TgCbOAk5TpK7n_H40xwc
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMvBFsLneLyyOyGLBkm4fvVAyUJ9x30_P2V6SKzsBCausopBZohgd20285iRHiE-GE-znBI29mgDkujWTMzudNveU_7VLg&google_hm=A78TgCbOAk5TpK7n_H40xwc
date
Sun, 18 Jun 2023 06:56:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbf138026ce024e53a4aee7fc7e34c707003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 0722
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEnNLBMEIKGLJF-NCWbmy8s&google_cver=1&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2MzEyNzgwMTkxNTM5ODIyNzMzMg%3D%3D&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2MzEyNzgwMTkxNTM5ODIyNzMzMg%3D%3D&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM2MzEyNzgwMTkxNTM5ODIyNzMzMg%3D%3D&google_push=ATf1kGMGdhMRWSlOIctZ2h6RAhe1_TN1SfoXXnnA78OpWwHKTGOa6b5XKVilhK8_s23P0GSC0NxVIsdPyAPQGB3nf0GWmp1tX2E
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 0722 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMdU0SUdsqaHnp0xcchU4t8&google_cver=1&google_push=ATf1kGOj_juvv-4qWAWyKyggkeSwonpOhlevszP9ZaiyKP2zbYucmNVqpT-fuOeg8krtWEsb1SEjrQ5DAemxJiZ5d20hlo9KqME
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0722 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6qIgwL1TqCSlXeE_ajnbDuTPwKRyNyg2aEjRS41xwQd4AV_Uozg10Hfy9D7vx0EEYkuN3
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687071363658&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
styles.css
s0.2mdn.net/sadbundle/16829948873192997814/css/ Frame 5580 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3cf09c371f16e84cd9db5935613c3c8eeb5b5cf14511fa484818c7282cf5fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1606
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jun 2024 15:09:29 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 5580 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 20:55:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 20:55:29 GMT
overlay.png
s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 5580 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:24:52 GMT
x-content-type-options
nosniff
age
473473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:24:52 GMT
logo.svg
s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 5580 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8b1178b759a87b00aa44abf1019c82e9df19b6059f1761c4646b3d470a7f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2339
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:24:52 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5580 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:56:05 GMT
truncated
/ Frame CB20 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22f1ee12d1ed2bc67689df2690860340fd42776502ada33084a412bd06cd819

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 5C65
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAX5YypGgXFUoB6ErNrBMxY&google_cver=1&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ0raNNTvqjlmHeLGZINzxXR2B28zYNCBkL3mBLgeEzi&google_hm=rW9ZxbGCbHkM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ0raNNTvqjlmHeLGZINzxXR2B28zYNCBkL3mBLgeEzi&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNN_RbhgDQh3iESnojKVQ3AxWhH5jQwCU_o41wV08mEqbf9Vx98dZ0raNNTvqjlmHeLGZINzxXR2B28zYNCBkL3mBLgeEzi&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 5C65 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE36P5MTScbXZI5jCIhgHL4&google_cver=1&google_push=ATf1kGNAwJyC9W4CjOdfT39P1yYpDTrh87R_-IGyIY8tkUR1MdQGdzUWHu-coTCsY6fCtfgKqRywvC-_KmPS2odEMQDLElub2T-l
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 5C65
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuOO25-swTw6z_WyAP-xo8&google_push=ATf1kGNe-a8B9uGtROOMOr15GUG2G5f4DT3B7f1QEwk5hAouTpyJaXzBQL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuOO25-swTw6z_WyAP-xo8&google_push=ATf1kGNe-a8B9uGtROOMOr15GUG2G5f4DT3B7f1QEwk5hAouTpyJaXzBQLW6yBr8QzPK8mluYyLUxgVmSGMaAzHa_5NM7FdvzU9d
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230053-FRA
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1687071366.838339,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuOO25-swTw6z_WyAP-xo8&google_push=ATf1kGNe-a8B9uGtROOMOr15GUG2G5f4DT3B7f1QEwk5hAouTpyJaXzBQLW6yBr8QzPK8mluYyLUxgVmSGMaAzHa_5NM7FdvzU9d
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5C65
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI0V4cvf-SndHxILSmjrftw&google_cver=1&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdqxYO8VvdyHlfJIbGQi&google_hm=N-4om8WqSVWdAJ7eY_pUCLU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdqxYO8VvdyHlfJIbGQi&google_hm=N-4om8WqSVWdAJ7eY_pUCLU
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMQZDr1SfV80Hfh-eHWs75yvdiuxWHgJxbhr90e_Sk8ZiD_xAkq06D2hPNn1t19b_t5QIWAYqRqUdqxYO8VvdyHlfJIbGQi&google_hm=N-4om8WqSVWdAJ7eY_pUCLU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 5C65 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBRyn-GRTVptTReFRCcRlis&google_cver=1&google_push=ATf1kGN5QNnDYADdQC123rdF7GGZ4ag1VeFXON4SUg-hsSUAg2dqdn33_5XyD-15D_Dzx7W4FkEbSWez7l9Vp1d6SS9hVAT6V7ap
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5C65
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjj9OwUfPgVSXVhzqVixpY&google_cver=1&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOjj9OwUfPgVSXVhzqVixpY&google_cver=1&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZTnFZN2xSRTJ1RzB4MXI1NkVhdFlKUFZBSnh1WU9oc35B&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZTnFZN2xSRTJ1RzB4MXI1NkVhdFlKUFZBSnh1WU9oc35B&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ5FmpIpbFDbGvEFahF0vCr02I7wig
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZTnFZN2xSRTJ1RzB4MXI1NkVhdFlKUFZBSnh1WU9oc35B&google_push=ATf1kGNf87VkZv0KEstMYYqKbIqGidQQzOKKJOkLC0FBtRKqeGZgm0TWsNDmyyPKAhwnwsBsBZ5FmpIpbFDbGvEFahF0vCr02I7wig
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 5C65
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEON7oMQ51VKB5qLK6SC06IU&google_cver=1&google_push=ATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLcQuJqIuiFztyy99HffEEmLvDeZOc9fYp7sX8GJurbSNp4zGk7ONrsig
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLc...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLcQuJqIuiFztyy99HffEEmLvDeZOc9fYp7sX8GJurbSNp4zGk7ONrsig
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
141.95.98.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 18 Jun 2023 06:56:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNqrllzXv7uBYDFPPj4gLKWPgyj47nRiG6AlbKI7pLcQuJqIuiFztyy99HffEEmLvDeZOc9fYp7sX8GJurbSNp4zGk7ONrsig
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 5C65 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDircI_x_1Ej0EZaGWIlXs12xM3k-HV10M6KEEtNtyPGccBctEhF8cL4bUfM1-WVoZVZQpsIM
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3AB1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
234560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:46:45 GMT
expires
Fri, 14 Jun 2024 13:46:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CC00 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
234560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 13:46:45 GMT
expires
Fri, 14 Jun 2024 13:46:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles.css
s0.2mdn.net/sadbundle/9170381621892120779/css/ Frame 9538 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71832
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1483
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 10:58:53 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9538 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:18:46 GMT
overlay.png
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 9538 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 08:27:52 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jun 2024 08:27:52 GMT
logo.svg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 9538 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 08:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jun 2024 08:27:52 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9538 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:56:05 GMT
styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame 7B3B 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49299
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1446
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 17:14:26 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7B3B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:18:46 GMT
overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 7B3B 		95 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:44:55 GMT
x-content-type-options
nosniff
age
83471
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 07:44:55 GMT
logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 7B3B 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 00:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2563
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 00:15:10 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7B3B 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:56:05 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 67CE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2850
x-guploader-uploadid
ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FKbuZnApKFyDQgdQ6NyGp8UTGYuxypeSm%2FgtzpCX8Ie%2FCBLJpdYvnx5eXAnngULkYr5ikpXiKeELOV1IVCgFOBVyWgKTXDig%2BIN1Aa4q2cQyZ%2B25sHkK1oMZ26CCxrJfOeG69%2F%2BRb%2FiYmQURswdXGzr"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7d91a164ae699171-FRA
expires
Sun, 18 Jun 2023 06:18:39 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D379 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 10:17:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame D379 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224155/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782784300&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hZ42Vj_-1OS9iBr7PyWDkh&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:fad760d5-2e86-7595-3518-0899658ca0c6,c:fS13gy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-zwt4z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:34,oid:31bbccb7-0da5-11ee-a4d7-d2f695fd943d,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame D379 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224155/xbbe/creative/adj?p=APEucNV5R-1VLo0ulRLnGoAN6JJrQkFa8Lc1qpZm6lLqZv0TG194hjA&d=CokBAKAmf-AA0WJKlNtc-vwEh6Z8xlkR0f62MmlOGos5ZNJ28Bo4rAKF8vKSa8KKiy1NcDMYkF_L6DZLbWG7HLU4ZZoEGDXFrYTt4z6no8IwZFLJZ0IKk0jGKKCAM8JKe7HPBDbH5d4lff8BP984sGA0xq1E17sSaowOSjy81B_zbth-3bi54FqssXQS2RQAoCZ_4JXMTyQkXr9PYmlCS_-aqdxw97JEqFM3k6VKUNKErMYDaaQppRP8HpADTWxBeHKlKcw_vSWqrYotzB392T_iZ_YuGh0Ut76DxkvFaTOePW8Z84Mzwe3E9wxk3DnAfhD6Rx2yRhVAsifxCLEsZR_U3BpGnB7a84k2iG2Ub0JKE8CRgvTHTqrw0dN9GXWDBQvk0bSNbZWY-eGY4bc7NHYfmneqKGGJvUr9xk1yvcDTExjKTTD3EtOysUyu43rFwAwjgIt8wcnmbeG0wuWXmp17ogQ7O4OL0uBItwJit1CIHO01tWaEkWFOO8wnQGrzlWko4e7P-kn7UoQf3HPhvvggFxYjIxrcJTyk_RVUjlftUcX9OlecjtOFFnqKdMnunEgXTXaAk1RGOnNUD3q5IhUWotgx3o8aIhElRSCFnFwagCVAJbPS9UXTZvkF3ly3sh-4MmtwRs4ILXn5R8HE1uBUmvlB9LMUrLbabn8wEXAxolCc19DaAHC4ptxDpV0NZzkNyny6FGHdCTxOMiUjHmiCZLL0qo2AlqUJM0NJsCmpV4fCTU56sc-DngyZWIPwqSseT9Pu2eZvk6BxylTWMiXX-G5t6rbCG_LCElDjYrTZweOMSrC4reV4LqjLFC2skD66stF6jlG9fxA2yrd8rT0GrlP3O4qwWS6rfvhkAKBz9fTUFqEtEomTl16X53LGymWjFtWEfG439qej0O3Z8vvoVynDj6rOms1ayNtTa9CDlSHBYSNWkzgPwYuN7le9fVYS5WqimqPwlXxk9Kz-JRDMSgWcpLS07AyXmoFE4ck3cBt3jB4sBr06G55nbdPzkztms1FGlc3F0Q-JvRBOWqoIgVZRMnrFfvNDJD7Z6DRGDLaclB6zcvEeqM1eeU4c7qpKbc1Hw1VRKjCK_ocmYe5SZ2QcA3Ur9WSaHkCxeUT_4NVC966BU-X9Kf_D8O5oA9Tx0osG_IUuhXl5--56kPYkw1RQsgkdR_orP9SYSyVCoJgKwLM6C3eKkOw3PYFVauk3m6ECB3oV1-GkXhaZTJunUM8LGtAhVMok1Jbv5Y8SUu7vLmSugsJAhhGH-24slCfx5g9tBLIw71HR4bJlvqGT3ETIquDo0vAfpxdfjMVX2DvUB1lKT2qO6j5kdtxfcXWb974UCBIK0Xc6M0ckos9ZrAktaMqpMlXftb-ECKZPWUKHLPvWEUeqDza7bzzifHkSm2yADwV5GiItnDFfvAPvDirNhPUNJc6lARatjoka6kVuIOkbeseRm8u6K5OS6vg_BmseidXYijENyNgB4rybw2j-4WHC2IvZjdJcYjQOCr2Afj-rmZ6SS1LARRu1PwhHWWSwmGUWArsRfTZU4D5wEO--4G9zWoiF3bXoDK4im1Ews5qxPrIw2_Ik-WfT5OFJJB5ZdqL990njtotCC9dN_kIIbw3a_VxfzYu7slxnl0e7OZHQiJ_FxtNhcCzh1VS0nxIf1OatldeGySSLtqiLYLkKJqs0SB077DGDNa8z5ouvGskVNsYI52UYAsPfx7xLIvpY_dStJTuu7w0Z23A1CBuHq0GVAx7cqSGk6OGgQtncRQwhKo5YJE23NhXTSU0PiKL1TDK9UDe3DbiRdVDaEa0Wmt1BJ7YOKUmv3WBYEZ5oIVp9xI7EoPAd5VybTeKxBAALOZfk3QUIdK3vM3Z3W7tgCzP1n1u_DGPSeDzEvDeU6xWb303i7Kc-uN-yORnKOnHpYQxDIlGYWuAhHpgbWBi6bRiKunyNq4o5a-59duhgE0WnHu9gnj6DlXuD9jeLIPut-n3CWHRlsVldJffjHK-GiQ3mhilWnoK9cPw9Cdnf4t4Tk933uBmpPDtrWvWwfHN2Pd3FAzv5_RvYz34wDJNKkVv60Kpk8uRlgQePmQ2ygG3foH6bD8xl9yD9rI4tijXEDEITz7-ufXj-uwSm0uyqRMq5OIBbYpQ2Ig1_7Xteh1N3w69qcRGtgbseyaoPXpJ4bETu511h8UvLfQ44AdmLMi3un930IqqphDIWRobJEGU2q0THBRlhUIs_4jDG9aJS0IDo7V3o91WLLwaodjQ5atgH5H3TqQmdth6p6Z5nsrN2-cG6plmYVTDD9anxcLzNJ3aU7CnBFk_dGYbBgU4BpzrioIZgrPP2-3XlpLVEXIvk-y3il2oMwTTMEc5l_hS5SWQaHUh28yT1Re3f0s5mMJo239pVbXbAu6RorSBWpvuPQLJI9DSjGfjLE7c3Mcwd8CFDUgGB50rXsJ_v-4CPMG5vOWOGy6SByciLKtexRtm3cbK8tcRZOi3EVlgIoKGLh1eoFD3SZ6OBwbC4EGEKGDOS7hk9W7dSuiyA6NZVjjpRqnXc12JGBxS4yImaNZm53hgBTLErJFPF3HYUllbkvuA4qnWNe_cu12nnxUyFDHQalh5RkwgY91ajUAw9Lan6qtE7YXfXXBJsGDdLayMPQMRXFWMBMiVj67g5ved-NH6wAmeFSVY5RrA7GkbLp85gnEgTySPF5BQkBXkiHeVUeG_vjVVfVB1-XktlFA8rXC1FX69tYl-qHVArcPw_5Cb3R8hcbierlk2730RQ_kDoQd6JFLp1J_uoUoC5NLyuSyV48QxiVm-4RPGb7OaitLJ08SFUTLzxkdmzvuQh82l-CzwsgpVOoRtAeBT0MLe5mPDD_C2e8HvtaxcsUSHuk21VujiQmb1gTekBQEG7m7Z_ndoLBe8NKT62k8f670yIJ0g_-pg-7w6TQFHTy1pV_IYXx-E5ZIgExcNZVTUc2S4sAODu97UbzERD_Zg5gpGqmsf3-XE1ESO3wbW70uAHodx4KIRWkISN1CCHju_DfL3xRaGi6nC2HjfLXTQ95l7xvrR49d2RFldJIqptLXR1e4K-2BH2KpEhrHqsAmwJNbEADA_y08bl1D-KxONDQE3wEAJ5A53R5NRO2OydCHdUEnXSwUQL6-d93D9J5ULcxlk-7PVeLc4-B7RxA7RHIQbZQl2LuwFvEH-9bn3IgkqmioVm60TPBylh89dj_G_-spJlnlHwR2pHQnPVM0JHvUja3NNFqiUjDCnk3_XC5BSJ6fB0VZhZ5scbb1PozyWas8nLdvvc0BB2iU1D_f4sj67w9mKJkZgrU4VP92FvD5WBrxgC4jDuHzsjW-4Bu16TrUFTaTznk_bFPBooC_DmacqpqLPop3XJhAjvMUXHazPgwtZA_3BuwD0ZRTnWZKdqLHxCeyTig083V9D0bYunW0Vyi5Tk7f6ItNMQ4wPNv6Mv-UF7tAkolXVBc7uSdvZWmDyaL89u5c2IK0NvrfPav8KOedJuikDUlVyz3KAIka7Ivl3dH7CHwpfcF1zl9j2ZPRaKZs9BTqPtcX-lM2yVy8-sBx19gDaPtPV1h7ZI_qcBFw1-xs-S07tobG2sdDdmJrnUhbKEzvfCuqvRS_Eq6kBNYx-fFMWuYSnNNTA6jzA6CSSS9z1rub1WFcrRARB0mNr-6dzgqYmw6TmhqQ45FXI043Z4HvMABhs9cWJk4NDkqRYLxr4aQQgEEjsAcoEIgzkCSrefJFjOJmxELIBBdarK4F7ttdmXB7wq_we5rlqkg1EeFKN1X0Hf1hzZ7o4VeACKQhNmERgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782784300&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hZ42Vj_-1OS9iBr7PyWDkh&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:fad760d5-2e86-7595-3518-0899658ca0c6,c:fS13gy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c5d9cf586-zwt4z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C1181%7C1182%7C119%7C11a1%7C11b*.1352960-70224155%7C11b1%7C11c1%7C11d%7C11e,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:34,oid:31bbccb7-0da5-11ee-a4d7-d2f695fd943d,v:19.8.417,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 17:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
47740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Jul 2023 17:40:25 GMT
ping
pagead2.googlesyndication.com/pagead/ Frame 6AD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
skeleton.js
static.adsafeprotected.com/ Frame E2F4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1484055/72040524/skeleton.js?ias_dspID=64&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_typ...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2600:9000:225b:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
13230256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
g_DufgsTAQUuUhGvdABfu3SjYq_AlUiHUt0vKDLN7WjdU0B-GmfI2g==

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A9C0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
23296789
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
SQ9P2bdOROlu0TJO0eXFFgqpQhTr-HsX00jfyC84F-qHVHHRdameKA==
dv-measurements3886.js
cdn.doubleverify.com/ Frame E989 		534 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3886.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sun, 18 Jun 2023 06:56:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 06:22:01 GMT
Server
UploadServer
ETag
"4bc7e362cab7f510577e8cd49ba8f796"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103299
Expires
Wed, 05 Jun 2024 06:22:07 GMT
frame.html
ad4m.at/ Frame C048 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
115964
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7d91a1652ef718c5-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 18 Jun 2023 06:56:05 GMT
expires
Thu, 08 Jun 2023 00:41:56 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFkLhEh8UOKtRhAmJftjJX%2Fg30GKZc7HW5rCcD%2BTGOaAwo6A2%2FrEXTgK3%2BNaL0dl2%2FbLiXEpLYtSy%2BmxB%2FuEWs7OPmzPQy%2BFfEmmhG5aznkHCN%2BMl6UXKVgd0CqNNYkcaCGH0NM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFE6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Sun, 18 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D379 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9101720b593b89b811e53673543084fff4dff6e152241aaaeb167b185115f3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame E2F4 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=a1216a5e-dc28-6f4e-f299-f0ff97eff4c4&tv=%7Bc:fS13oi,pingTime:-3,time:455,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:350%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:456,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B131~0%5D,as:%5B131~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwgn+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C118*.1484055-72040524%7C1181%7C1182%7C1183%7C1184%7C119%7C11a1%7C11a2%7C11a3%7C11a4%7C11b1%7C11b2%7C11b3%7C11c1%7C11c2%7C11c3%7C11c4%7C11d%7C11e,idMap:118*,rmeas:1,rend:0,renddet:na,siq:351%7D&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E2F4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=a1216a5e-dc28-6f4e-f299-f0ff97eff4c4&tv=%7Bc:fS13oj,pingTime:-6,time:456,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:457,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwgn+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C118*.1484055-72040524%7C1181%7C1182%7C1183%7C1184%7C119%7C11a1%7C11a2%7C11a3%7C11a4%7C11b1%7C11b2%7C11b3%7C11c1%7C11c2%7C11c3%7C11c4%7C11d%7C11e,idMap:118*,rmeas:1,rend:0,renddet:na,siq:351%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 2105 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame D7E1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/16829948873192997814/fonts/ Frame 5580 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:24:59 GMT
x-content-type-options
nosniff
age
473467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:24:59 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/16829948873192997814/fonts/ Frame 5580 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 07:39:51 GMT
x-content-type-options
nosniff
age
170175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jun 2024 07:39:51 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/16829948873192997814/fonts/ Frame 5580 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:24:59 GMT
x-content-type-options
nosniff
age
473467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:24:59 GMT
dt
dt.adsafeprotected.com/ Frame E2F4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=a1216a5e-dc28-6f4e-f299-f0ff97eff4c4&tv=%7Bc:fS13oW,pingTime:-2,time:495,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:552,bdZ:585,beA:804,beZ:805,mfA:1126,cmA:1127,inA:1127,inZ:1131,prA:1131,prZ:1149,si:1154,poA:1155,poZ:1170,cmZ:1170,mfZ:1170,loA:1260,loZ:1262,ltA:1298,ltZ:1298,mdA:805,mdZ:876%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:350%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:495,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:349,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHvRwfr+111%7C112%7C113%7C114%7C115%7C1161%7C1171%7C11721%7C11722%7C118*.1484055-72040524%7C1181%7C1182%7C1183%7C1184%7C119%7C11a1%7C11a2%7C11a3%7C11a4%7C11b.1352960-70224155%7C11b1%7C11b2%7C11b3%7C11c1%7C11c2%7C11c3%7C11c4%7C11d%7C11e,idMap:118*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:351,sinceFw:144,readyFired:true%7D&br=c
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 755F 		1 KB
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:06 GMT
expires
Mon, 17 Jun 2024 06:56:06 GMT
last-modified
Thu, 27 Apr 2023 13:50:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D379 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-4eKeiIa2L8b9ksKLtG7XM9EEmSA3cXbIiL_0Ff1RXGN7JdEPIqQ513El0Q_HbrK8QHZg8ystCnXHHL46bAYdG1YOBR5hIc2X35qDjon2HJynRAuMdl8_Idd5GzBUdCUj1W-GQyZkJXkwsLgmWioQyPMsDb5qt6EubQ&sai=AMfl-YRcTQjbs7GnbZl0eZU7ADJ1YcDIRuwEvdYWJncIUoRZcwfKLdZ098z4jYjowgI1vGG5RoQvJqxNMPfJHwMpasvVsgPhncefnEkjXlQWISt-glG052DNt8UJkuDvuw&sig=Cg0ArKJSzHskLMpqkMMCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=224&cisv=r20230614.57184&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
ai.aspx
m.exactag.com/ Frame D379 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361198358&gdpr_consent=&gdpr=
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sun, 18 Jun 2023 06:56:05 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 18 Jun 2023 06:56:06 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 3AB1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame CC00 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6AD4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst67YuwFCogYleZxVctJV4uo3LCtdcTcOFj87hb16KDjMeYwNYbKKIB6VTcir_qHCCk6kxLaroSnyqJxEUoYxgXSve1cfXeeI3y3KLz_L53WCSRpZd9kTYuTa87wBFOCtLqoc2fXQWoux8dwtKkcngdjSew-CeBH9QuTVUCW3lUOFGJ0XFLcbuL8j15Mek3MrdYY3FxhyEkSuDe6-ocnNDp67VmldyzULTLJvzaSV9CQ_Jjd4xVyTP9-gc4ZS0STiGK_gJi_IjGzBDe5F1m4IuC-chFX0GQAWRye6tmYgxEICCbKFE91TNCI4b2i8rYAC-JCYOPqNRxXRrgOqc5qaynXSpzZJ3QU-M9Wzk1HJvJPsLvf8CfhHcqPC21&sai=AMfl-YQlMV0RJScQ4FgKH29WZFKZbl7er6gaq21LwIUUkLyha6COy4vugCSIl7CZUHPWTDxl3i7pQ8E5COHHV4cuwcK-R8aaZgfR1-vlO1V7rwo&sig=Cg0ArKJSzIV3m6hQgfR2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6AD4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230614&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84e28969b50a98f8b0bfd1611008743300caaf54456d58bdce4b4129d56f3bc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11168
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame E989 		1008 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=195&ttfrms=30&brid=3&brver=114.0.5735.133&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauJ6%5C%3E6%3C%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA4%3D%402%3C%5D3%3D%403%5D4%40C6%5DH%3A%3F5%40HD%5D%3F6ETar9EEADTbpTauTauJ6%5C%3E6%3C%5D%3F6ETar9EEADTbpTauTaudhg7gcb36gc36c%60_4aa_4%60_72e4fach7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=911&ddur=89&uid=1687071366126872&jsCallback=dvCallback_1687071366126668&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=1&brh=2&sdf=2&dvp_epl=282&noc=4&nav_pltfrm=Win32&ctx=20309721&cmp=29968277&sid=3288807&plc=367565023&crt=192207036&btreg=558488166&btadsrv=doubleclick&adsrv=1&advid=4309118&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=40531534.20409332&dvp_tukv=883704365.4364135&dvp_strhd=0.3999977111816406&dvpx_strhd=0.3999977111816406&dvp_tuid=92468356130&jurtd=3022294567
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2207ae04d57fe0831896d5659843730d0234c7e7be605112a82ad42bc971d590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:06 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
06/17/2023 06:56:06
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 9538 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 20:23:09 GMT
x-content-type-options
nosniff
age
383577
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 20:23:09 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 9538 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 10:58:49 GMT
x-content-type-options
nosniff
age
71837
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 10:58:49 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/9170381621892120779/fonts/ Frame 9538 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 08:27:52 GMT
x-content-type-options
nosniff
age
253694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jun 2024 08:27:52 GMT
FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 7B3B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 02:36:07 GMT
x-content-type-options
nosniff
age
101999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13336
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 02:36:07 GMT
FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 7B3B 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 11:23:10 GMT
x-content-type-options
nosniff
age
70376
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 11:23:10 GMT
FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame 7B3B 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 23:46:17 GMT
x-content-type-options
nosniff
age
112189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14468
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jun 2024 23:46:17 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame BFE6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKsuqy11k_9v3cqIkI79PoA&google_cver=1&google_push=ATf1kGNz5MGsBj0ErMABxMdO6KTlhcPzFLoucJgaXulF8G3T_VjUFBe5TTFqMveKAywy4cvwUo_A0nPeHRT8wnF6YNKImfGM0MfC
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3ODEyMzgxNjM4Nzg0MzA3OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_jQCCRU41uH4uTC8P3kw4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_jQCCRU41uH4uTC8P3kw4&google_cver=1
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF_jQCCRU41uH4uTC8P3kw4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMGECoFzGhhskLiymB6BX-k&google_cver=1&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu8...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu84nKGTrjfbH1bwPaqwxNpqMUUTlhiJYZ4a6X01Oq9x4&google_hm=rW9ZxbGCbHkM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu84nKGTrjfbH1bwPaqwxNpqMUUTlhiJYZ4a6X01Oq9x4&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNwe9M6kexoZzFBKAZcMqsaWj4M3gQBgZoLBm416w8D4FIR8Iotu84nKGTrjfbH1bwPaqwxNpqMUUTlhiJYZ4a6X01Oq9x4&google_hm=rW9ZxbGCbHkMoGH1XXLZXg
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkk2cWhRQUZkc1JXRVFCUg==&google_gid=CAESEAM6GX6k5uDEDFPD64tMjFE&google_cver=1&google_push=ATf1kGMcPB66yGn7TVuHvPc0RI2xAotAdj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkk2cWhRQUZkc1JXRVFCUg==&google_gid=CAESEAM6GX6k5uDEDFPD64tMjFE&google_cver=1&google_push=ATf1kGMcPB66yGn7TVuHvPc0RI2xAotAdj_UuRgPmNCAgVtusy9NnrAfXUxXubM6yijuaUcbZ_P16N-UKVHeSZ_c8Sg2cFsfyd1S
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230053-FRA
pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1687071366.254931,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wkk2cWhRQUZkc1JXRVFCUg==&google_gid=CAESEAM6GX6k5uDEDFPD64tMjFE&google_cver=1&google_push=ATf1kGMcPB66yGn7TVuHvPc0RI2xAotAdj_UuRgPmNCAgVtusy9NnrAfXUxXubM6yijuaUcbZ_P16N-UKVHeSZ_c8Sg2cFsfyd1S
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGMW8vDMOUXR0EZZrJMbzLQ49YPCua88q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGMW8vDMOUXR0EZZrJMbzLQ49YPCua88qCGtrO30zQP4lqAe8cTCINQAkU2ieo7uH5O01HcokYxouo_dimB4SpZCa5PiJxAJ
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED6cxCsvqVLOiXIvElwJHJ8&google_hm=ZI6qhWsrOhSQBRTpGvL7PAAAFJIAAAIB&google_nid=index&google_push=ATf1kGMW8vDMOUXR0EZZrJMbzLQ49YPCua88qCGtrO30zQP4lqAe8cTCINQAkU2ieo7uH5O01HcokYxouo_dimB4SpZCa5PiJxAJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAB0E3hTR8Pmh-c_bY1CxTo&google_cver=1&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAB0E3hTR8Pmh-c_bY1CxTo&google_cver=1&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S&google_hm=G1cgpGZHvIVzxUjdRi-vEsF8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S&google_hm=G1cgpGZHvIVzxUjdRi-vEsF8
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 18 Jun 2023 06:56:06 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOD06HyI2pbOkLT_9-oL6PBX_55KCqaWOnK4rXa3kKqvLFZ_FTXLoEIurThlRQ-_ceD3Qs_5n4Q3rsft1645l4A4Ujf3C7S&google_hm=G1cgpGZHvIVzxUjdRi-vEsF8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEGEhBRJ3pcUZE6Sx-dxzGs&google_cver=1&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3A9Ttiv0ysNU-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3A9Ttiv0ysNU-
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 18 Jun 2023 06:56:06 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNZN1vNnBBq74DwZaIPkKPATc6r4M7VORwURyoubrCrnNTe0RsL9263DX7BVdPu2JYbdwmzdSt_f7HJigV3A9Ttiv0ysNU-
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
A3BUhcmleAThhYvWxRkMn4tcOTi-pnZED3OqKQQPbveVVsIcHltfWg==
pixel
cm.g.doubleclick.net/ Frame BFE6
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEe79gBex...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEe...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=004b644e-d426-4291-9e5c-fb683ff28737&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=004b644e-d426-4291-9e5c-fb683ff28737&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=004b644e-d426-4291-9e5c-fb683ff28737&%%GOOGLE_PUSH_PAIR%%
date
Sun, 18 Jun 2023 06:56:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BFE6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFrLI_LH51wPAjkyDEkmwauFCsszLmTVlja-AhicouUJWSYPk56hUMIHffPmS65CEpC8hZOg
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5580 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
624c4aa3137a5db9699eab8eecb5b285928af2b8c27977903f5658ab62e911c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5703
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E2F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM97JNTmY66t2a5VfYOi7ZroJS8wP2rLEJLRX9TqLtBzqdMI_dRrE3-RJeWCBGUYut2hjanz7P0k9sodXovINa4RrD3TVU_Yr2o7SOdpH_8hrVwFGbGxd3QVZo0C4e9nsJenURr9cV2doYukKWOp4YrpzDnqwqOcDIhrAnu2_ON1vOpshYmE6IgOc7JPQ3dhERVWf5-o1d1a9a-3XeeVQiO54o2LNjzmdmBktMVpb7fMxPS8WHH4Nk0RAATfCtM125CbJ0wdiWu844X7bhXDwyFIbm_W3g2Qy9rI3spjsNv0gNTJibLJyn6izwKKTSWSI0n8VLBXRoSMAvmuN0mhuxZtNeUY7oO3dYP-BotcDhkfYiMDzM0OhSMRCKPW0M_a9VlTgxAN7v0AuloSJ6CkKm4215WotBKUHhGvQxLxeLuroGm98APdkQIuyJTQNyb0QhvloHVi9aQMcaDLp-Lrh4Ea0ZRuMqAZlVhy31YGHMgnsG5mbt7-En7j9CT0VM3I1dj1JxGQ38FgKDqkjoQXwgNsS-hNsA1Bt77fywCqJkoeK_Utyyi5wBB5bkChQe6AGTUYSrXw2Dw54V6uaiYyzo6KVM0qCfD5v5Ep0DsHZebwE9YtX6ZQP9KavcfchlgUK_EsfOjl0qMjocj4FWR0q1KFvPrx7oESnSpmTrzpu94MD3B7B5-hk4lLTPFAAiFEQ6_zM7Ll02GKIiNfCsLBG7_3VJQmDxv9kVoE01alAY1ONJGUyIoUGnGNOSc--7xntIGrCGPHTA7RHBCwa_HC3PX5o26XwAkIrFoaED3qfsccJ3U8VDQDXLHCoq4g0BgWq5IXfjrMkudPt1471fyU1LivRL8TreWsNVfWe1QBKX0Y20b6W1RT9Gk48CCAp8M4eP0AkCx-8duceQZW-6NI94WMzLhkbu2ivrsriuwGb_ejXauHVzX8zjkPYlR_VGltXgshvnsMMczhN9o7lAmwOXh2ak7uoxSlAGWPNa7zM_dpBnkLkyihxy5XuNBUTizofWOobhY7vwswZOpDQNIgcmpM56S1lkRgL12qAtGNZtwutrfsvmHWzqTFLcNuOHZn56h4E5EYEorJlsoOhiQ49ZQJNoC_Zp1ZdZZoHMd792GfO9fS42xm1aTFr_YaU14zWWWqG_k9hKl_qlN9dpblaAFQ07kQ9C3UYZ5FkMKT30mQ0rnUdVE69HCTZ_uuHtQDoW2rKFMFnOdKEP9uvz6moJrAg5pnRXlJnDJEe7YfbXtohPPZcUmZ7UbL6qo4R48rxk1LalDEYGqlsbi5CX-Nw3Lo5bDebuYPWGNdALD7NJdRcQ4l-B4t4&sai=AMfl-YQ12GL-H4sYnI5fohXqivc0sg5qi_uC1oEen7orj5Wu1uXAzYoAlbCqpWV-UtR7N_YRraWh4wtlK4MGtYtkxNIamN5jKQuciclUfg_fPiuSp7YqE_ejcCsBudk0SDyhG5qstojgZnTcbkMpwqQZ_-fbmITNfHyALJLl0ChWAoDk7nPSbXchsKGWHa0K6jScx2N5HAHeoDf4R-amM2nHkLoC9ahlghcwAegVeNPD2nq-t9gCr8g8VSniihlpHv9b6Zu3AQw2QzrMplE9fdNtKdkmTJkTbQ&sig=Cg0ArKJSzPbkQtWfDaFfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=966&vt=11&dtpt=604&dett=3&cstd=354&cisv=r20230614.34535&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
dt
dt.adsafeprotected.com/ Frame D379 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fad760d5-2e86-7595-3518-0899658ca0c6&tv=%7Bc:fS13sR,pingTime:-10,time:796,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687071366272%7C%7C8b64388c6f1082eabfea295ded8a39d8%7C%7C8623b242deb4313525321dba17b62725%7C%7Cd2fd0b834ecbf3175645aaf3d3ebc20d%7C%7C8c194d6cec25ab76dadba799cae859a3%7C%7C54c4101d7deb3be328ffc2ff25dac105%7C%7C130fdc7ee8e29f2311857825544ced4c%7C%7C4adfedb2da3a2facdf540f51f5f31187%7C%7C1663701684,im:%7Bpci:%7Btdr:548%7D%7D%7D
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 755F 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:56:06 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 755F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:18:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6AD4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9538 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d20d5a7aeb3f2bde3e200ad4c83c0584ee15fe4036d7b9e7a1f5253649906ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5745
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 35D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvC6jOHqbKnQlaFvkWugCRN0xLgbb_yuXXLi9jGCMucvggyrp1fvK-QU80En9O7SGufoRabCypaXbrHCsEtdiMyj0bOO_1nUbHuJ-eJdOCJVHrICCEntjsuE9ZMRVP5mUIVHfryyAONdQ9dWgC4ruZjWa1wDG85NdUwsEudXUnvc6u8zANWMGaOYDTyqmIfQ1mWF-FRHSKTOM7JtF5ZpyJnNZk1RIJrXB2gfzE8W_R7z8cLyWG9uS4fpLuoL7nEWh55Xrzi7QfBcUiQ8vgtc1YPsZ0XV9hNU7xtNCGNtJkdloRzPGPh37FFDJwXALYMDNvV8ZoLlC1PKVEpkv_hxg95VPubtcp349hyxfjVawZUlbAeVp-8Fd-RH0So-lSKJ4T2b5QXvqWlBUeOK7yWbNebWrCclhKrCkKI-9b2rcc4tcgRfJKweXNo3zq5FvVsvAS17yoCVKZCP3o7ocQyPHgnm1qauVKIBa9VJ59ZYXXbnDq4MmbfLPOG21VfnXGLDcHh6dCTy-xGmzXxUM-inNqVtj4CsrhZRGBfrEN6d37bZNPQuOSqMFrBQmmeHXFa_Yg3XpKBWb0KGXLEQTFbPzmDqqpUNZ_btNY6fEMxWMsy8V8jygLeOyr8S0tBVltviKMbGB0NhqtXkB-4WhvHleLgmG7VxbdBOVFvAdn7zXjqFblMCGEpxYxdVEXT_XKy1TbcOKAh1AJbm6V2WE1tu6-2LPKq2dBLCwVL8GIgxT_P-bewz7B2fS1RBODwriqjXSe1HFnE37DNPXE8jVNWzICN_-H_sDO6rHje-5sqpHmkUab6L75scLO8P2nLJplOdVEwkCnMLBbsSx_UZq9Ve_7xLWljNhq6HvtEcD65_K4J7-eh3ST1Y61Tv-pnaIXFMQlpsaxv1RpRZh5OKpVTdU_yb-KppEEqje9fyAS3i_mcFcE0ZSLqJe7LOKaahhat_L1BnV3hw_YqRSdd2ArpXURzKTp1OQavydBieBw0KwCzX3dJEmK7hbWKG2HfF0Am1o9LW4hmnhCgas3gVSWjd3XVCGxfoAc3mgORJ3_rBWhDvm0ctO1GEqbdb6qYaj6X0sP4iAYII-mBXJwlMabv3njj_caORd8wNo2PB0rBVKmk_91p8OsbqdEHSP8bjKSa41E33AGONveLNiX3jJ_s38METi2IaU1d-EC1qjUz61juOEi-gDNMU4zsEzhEdEPwhAoPu83HYmPia1q5pezONSDk0NGd6tfTQ-aAPuG8zvZeT7ry31fjOTqddSOvgbrxsETihUCIgCygPGQO8P5MKmJxQvVA3y_LfZrrMIIkwNIbYOMGRbGmBiwRnQ&sai=AMfl-YSp4bnoi5mU8-fBYiNrelJOA2J07EPEoHW8DDCKtET6Unyj-5vWrQ1C2jBNslEoshfgFczCQJ56_7519jDh3wWSRf25NO1IWWSnKlbXypaUJP7CY-9OsxNmhzT5NspzhT4nu_QcSO3Z-CjpfgYq5uqB7R05FMtxpROAIO1_52GLBcm66iYtVStunEU32zzk9NsyheVk6TtuiN7iwqMt79Mz6nlTstECdcRhUpcrPO1hSmupTL3lyjUEx654Ia43Ah3e5wzR8H8MLbedoA0cVng3e_Blag&sig=Cg0ArKJSzIU1JAZF4md4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=913&vt=11&dtpt=638&dett=3&cstd=268&cisv=r20230614.30713&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A1EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6z6-LJDxgtyXjhy9qxO7JyxqXk0DB-LFByTDWuMUGbniUKlAHfBC9ifrjbsUOfKjO7NbGSMVrQKJZjfSuZyobUZHe-qk9rthSGdgliDq5gMlgD6uqIG8ZzrLsei8VSVPI2KUJC7pXhcgBgTg3e05Sxnq-vTi1nRd0-bnFxvjxhLUflrEAaslyQcTEDhYN5DPPmC7yb9hFxQNzu4Sh8JWGJSeit5gUArxClIwAr1LzRYb5knoYz1MLyT1xCDpketsE2m4yI495wzekQxwHBC4I6AjX3EiAduIZuicTpbjGXTzHT1_uiaEYdBO1xCgxJj_GhaRhRNfueswCLE5wOhQN3HAt2dP4A5PbsjzRqyfMiNNB8siDspqsYfGpEA-k7EJt9zOJtmuog-qI7-v7FIMZXors_9eQhlTMJ7vQV84tjFYh8WTlXE7i-gtpmKCRvGNRy5Q_OX-kOY06J4rTZk4zj_SFWIYpMpoQjbl2KGqVUftcC9x1fYyjYIY4SRjcBWJ79pYzwny7CaodTTOTX5nlHO4nmK2uK1G_CckZknQ8WpcY9g_xRHGxZtqJXrqCcbaibss-0HDOwS11qCBGmJW357mm4r7Na9IEvvK1kNxiviqTXJZHCh2QIAn2SupB8KIs8cqg5tq7YYYYgFxrj5fIxy3MG-hArXn9PiZLqAQAQ93Yq0wCWmARN1Wcs8DCQk6LpC2KhYU8jHilj5t_Zcxj0Fg0wUa58FFf7Li6RQKGf9tzLuSGdaIoGn5TsYdFtPE9yd7g7ztlXzC-GwrmdNPJ6YAW9BBHgAJfkhECxrJ0SrOkddtMU96UmsSU7FzKqPBb5Tp8Wai8auIzm7F4ZtaEnF5Ue-KTMREEFhSxwZFUEGG-GcU0xYF0iPM9JHAm2YuLBmjWFsRFYVnIeI45KsjkGQRQv8gAy42-w1nk1AFFxdNXwl0oqbq74J8qusjChSrsHdIxBQADp7VuCXhjcaK28HjBVxW7KVrbEMEtrqqS1koNdJQdxzFPcppxsvfYKMF5HvdcImqZEFpNCS1kYeW9Z_OC5cRF9BN63mtnCehIzNb24lm3Jk75YuGoCDFCu66o5to9NPG-ciLcohXG1GT3yZdgk0AxmA49ZpCw-ggztALCaq4PSevPapKnY7-5lf1dkAeg8Raewpj4TNViTTh_6rdd5P7f6ZP_Degf7bb0522CABpLXtucrDYdEtFOJHPg7d7BHHdSJoYpDe090VuSZWup2sRv8N6ge5iwbHiQgF2F_3zyyR8mKrj6RTB0_YgEVRFTwvjF0Psj1xiAicvKzRtoOPUdOrq6sQYBKGPyRiJMi-ZT&sai=AMfl-YTeVxrAolfT_IQ8nU3eP9u5hFnTe4fg-7K4zaKXyPJOMeIqFrFT8PgE-i5r6xM-WtHlrhBedgbLooBFnGixQxWb5FBHoK6GNeT9WwJ42JWqH1zrROUupei5bAb6zLCYkE24YLF41qlTKqtIUxVDHF3KFtS1_uH3Y6PY1cdBGCaX4pAf7PZyr83UN39bmjVLP0CMFXCfFmw0RO11Zd1ZPxawQJkOq0wP8tj2By1s7NIffiedXAdcUcLGg8jMwZ9EqRmkFqoM4GhwwHPxxtW0tbZN80jepg&sig=Cg0ArKJSzIJn_pvKfZRFEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=904&vt=11&dtpt=620&dett=3&cstd=276&cisv=r20230614.57236&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5580 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7B3B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87c358def23762058a009020a81df8b1bf53a3cd5719752154dcea919c50706a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5882
x-xss-protection
0
visual.jpg
s0.2mdn.net/sadbundle/9170381621892120779/img/ Frame 9538 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9170381621892120779/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9170381621892120779/index.html?e=69&leftOffset=0&topOffset=0&c=P34UEfdXpJ&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:30:55 GMT
x-content-type-options
nosniff
age
473111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94238
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:30:55 GMT
visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame 7B3B 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=0RTqzJl6OX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 02:36:08 GMT
x-content-type-options
nosniff
age
101998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86025
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 10:59:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 02:36:08 GMT
dt
dt.adsafeprotected.com/ Frame E2F4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1484055&asId=a1216a5e-dc28-6f4e-f299-f0ff97eff4c4&tv=%7Bc:fS13vy,pingTime:-10,time:905,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687071366440%7C%7C07d201e85e18040cb4d2957298e4990c%7C%7C8623b242deb4313525321dba17b62725%7C%7C80e27425afbc02d97513327310ed3471%7C%7Cb716a03b1b6ea252827e8e089b7df234%7C%7Ca823439ce5b594c91f14c7d1c613c282%7C%7C54e272bceba4df0f6e93edffbdb27664%7C%7C206f29e17c0de7797237f945b3f0dcab%7C%7C1663701684,im:%7Bpci:%7Btdr:376%7D,imprf:%7Bttecl:1007,ecd:127,tsecr:278%7D%7D%7D
Requested by
Host: 598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
URL: https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:f77:9d61:9942:8164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9538 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F56 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_ysBO-O5MGomjElhZpE9eCD4o3bURKTRVR5eLaFXNaoCXssZUyiEdSwtDkygCRcERwS72c9NNh3DCjxOSSkia53_WzXLEiio211xYY7wTH-UI-mI2nDrRxPXyHpnsFLrI5rDZ-UMhU59T&sai=AMfl-YTVP5aMGpOiZyqSGgo58pGXBx6gbgOlK6yPVnnFAvvIeYMuQchUom3fwCol81aKaY7QPUA1VuMRz7jH5rQED_dH5YOFoyTIzTQBHJnZRLJy0p3Nu3zDx5MDYR8&sig=Cg0ArKJSzEi88Wk0JTgjEAE&cid=CAQSOwBygQiDeavpZx5HH0PIoMRqvbP-l5F7g3VB5zT3vkqHfzNT2iathIy7O2qZxEcuw9YDwQrHHerHNimrGAE&id=ampim&o=0,229&d=160,228&ss=1600,1200&bs=160,228&mcvt=1073&mtos=0,0,0,1073,1073&tos=0,0,0,1073,0&tfs=612&tls=1685&g=100&h=100&tt=1685&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F814 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 20:36:26 GMT
expires
Sun, 16 Jun 2024 20:36:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8515 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
baefdc23f1f5415436ac0c756fbb8489bd02c4570dc9bb19d1ec1f88aa3519a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-02-2l1th3GveJiq9fnxpKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-02-2l1th3GveJiq9fnxpKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:06 GMT
expires
Sun, 18 Jun 2023 06:56:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame D379 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-4eKeiIa2L8b9ksKLtG7XM9EEmSA3cXbIiL_0Ff1RXGN7JdEPIqQ513El0Q_HbrK8QHZg8ystCnXHHL46bAYdG1YOBR5hIc2X35qDjon2HJynRAuMdl8_Idd5GzBUdCUj1W-GQyZkJXkwsLgmWioQyPMsDb5qt6EubQ&sai=AMfl-YRcTQjbs7GnbZl0eZU7ADJ1YcDIRuwEvdYWJncIUoRZcwfKLdZ098z4jYjowgI1vGG5RoQvJqxNMPfJHwMpasvVsgPhncefnEkjXlQWISt-glG052DNt8UJkuDvuw&sig=Cg0ArKJSzHskLMpqkMMCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=650&vt=11&dtpt=420&dett=3&cstd=224&cisv=r20230614.57184&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Jun 2023 06:56:06 GMT
rs
ad4m.at/ Frame 67CE 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0a8843e493c4d2edf4e344d7238a43c48c43fa8d5d0ab97a94a48f73255300

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN8fCZjfzx8W8Zk1J6Odyd4Wy5hqjFn0IxYjuH8oXU8dd9yFIdru5JcyDC3FGCPh%2BG%2B9%2F%2FCe36s%2FnuL7cQVaUXlQF1aPFeRD4FmRM%2Fbnu8pb1wRuOh47UHRRh8rV%2Fn%2FlkNJRI18%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7d91a1699a299bfe-FRA
x-backend-server
aa-reachservice-group-europe-west1-3zc0
alt-svc
h3=":443"; ma=86400
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 1CA7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 35D0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1ZjhNCc8T0k_fX5479tis4q_n2wsYoO_ZxvqdH6lFVJ-cV95q5swt5XxF_OnGjiTI9horFGiQjSTesw6DYwBwbroc2zNFYLId2fE_P_dp_-zNUuPBLrBzUDSwE-zauSmw-_CxkT24T6Et&sai=AMfl-YS_CiItx4lKpuwq9MJTAM13qnQ4ccb5Lr-oSrNoNPOnU8dW72nfgQu2a-Mtfn5CDpVaN2BMsKQVroHABaTUZF2vGjuTxVXoSmyocQhS0cpPITrEVNd1rBOYO2g&sig=Cg0ArKJSzJGxTpMhttn-EAE&cid=CAQSOwBygQiDSIK0l7fK7hS_NnWw_HWAHBcfoioTmvMX9Yie9b31DaRXxrAh85a-9q4AaBhj7YxFtP-I7-BjGAE&id=lidar2&mcvt=1010&p=0,0,90,728&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687071364777&rpt=776&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687071363658&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d91a16969c09bfe-FRA
content-length
24
content-type
text/plain
date
Sun, 18 Jun 2023 06:56:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMQcHsAgV3tOIyAQQtZ4Lm5JZ2aOnG0fPzBz506MNh4AqiBAN%2Ff2WQ0Q1AMQr6nLkSRXPhxUU19gKLeQDPgI2RPBdXCHZqjkqF6COwK0bp5rNJBMWHJLVm750JN36wmmDAJ73fw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-3zc0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 755F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:42:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:57:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 755F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc0149f4dea4ee8fae84a60bcbcf4e14f35a5996c4602d7f8860e4b4266778bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5708
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7B3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2105 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByDFShaqOZJSWBpHA9u8PrbyD0AwAAAAAOAHgBAI&bg=!oaKlovbNAAaGYqkwpmI7ADkAdvg8WraD2_VqF83_ryiM9wH_YLG7gGhjk2nJYvykjOK3dAj4lUjq5Q5brznklFWA2QvLnwA-G5QCAAABMFIAAAACaAEHmQNjESPunRR6owOCNsVEflIReJoCtMZsxhqlodiT_PWvfbu3lAMY4xDGybWMbImVUsIkT1dpPaJWy2el5xkyAyHsv-VGuqJYJCA5P4Yi4dZc5qGAx6OsTQ4ai7Td6UhUTmsUWK4fgkZ2V6fZyJ_avKnJBB0bP7F7tqX9WPmJ29w5p8VXrKWpiRrq6epKLyMCIgav4zsn-8gYBuu2GLc9LvkKYdv2KhLiPxjJBGKeYmUJnPCHbfgnLSRWzNPub537bkdLGAnHN0xyWOfb0XB4BaqEWdlx5Owi-NNnQBHmNwAC7ka0QBq5ck1YTYVIEHCkOodiINr6uHtWzSt91KKtgI6zjt6liLZXDgHKlKYHaGmfS1Vi7P7AdTGOA2Gjfww1Evl0_BHl4o4Etgf_3xI5i-iBNSi3BQCUeVzLRxZC2KQfErRQg2Juq3-SHdQtVw0yii5U0m-d-TBhPX1ofXONOep42E2qjjC1AfOU8uJDiTGHPNT_cIUDUFw6bDDwHYWW-jWpjZOMvnaaMQUqHogh9Iz9jGlaW726DM0c1d-SYCJp2Pe9nqYgLgpKKzdgN1eJKcdG6ceoRbIuKMcrcvEG0NpXQgevHdCgmXgBLt5rP9tiRleLb7BG0WApmxCIXqEoN3yM_FWVuDjFoNBWUPFOs9InvbbxxOJ_MDwI9Km1-sBgo0WanFexJQp5-wYw28V5DKcLfsFkh9Wa-54idPK9CuFuDWjhFXtWpRcO07MEzznUVLVabhmiUMp3_7C5m9fg3-0S6N51dnyqqlM5-ERcYX7wGVnS93-XWRpvYKEP4IeF_HXfWFCQWSCnxCLwrSDy4ySCi_9C-_stRWVfe1UA24iAtxuVQg2lDNIxZaSjiRr0oC_mH3xXw-mXUJbCop4LXwa3EDn3hOrFQzg7skbNrEYpU6JRfR1se1lt3OLeIZizKO_eHZ063MSjROaEtJXdr_Z4tS19HIIjp3lrkNYK-YEHVtaowyNB-8mozsj4qb3n0xgkILU1ejaWSGiCmu-U1m4bOnyz0AcWWwH_9pe-6z0OEzuHQLxERlZHVEIT54oSMMLXWx4DAwX4UN4mh9YwW9woOmCryZDZz1h771Rg1lV_W7vtBQ_PffnZp-vCK0rjcB6UUESV2-WvNNwngnC34yASrXz7
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visual.jpg
s0.2mdn.net/sadbundle/16829948873192997814/img/ Frame 5580 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16829948873192997814/img/visual.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7236c859d6491548dcc21f41adf62f1ce3698c7a2bd60f9300634048de0c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16829948873192997814/index.html?e=69&leftOffset=0&topOffset=0&c=u0LdbCMWet&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 19:24:54 GMT
x-content-type-options
nosniff
age
473472
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36861
x-xss-protection
0
last-modified
Fri, 12 May 2023 09:19:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jun 2024 19:24:54 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame 20F2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7E1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHFEshaqOZIqeEJX03wPM24SYCgAAAAA4AeAEAg&bg=!1tWl1YHNAAaGYqkwpmI7ADkAdvg8Wq1dCmmgXwzbYhQSaQRT9rbH3r3UOZ6AaGa3s3JGE0xY0j0GC0N9vKUrsPmXhrTO9ZvXMo4CAAABTVIAAAACaAEHmQNpIBe_tO1HYzrbSs0Ue6qvX1c4ntyV8qnhFrDQj7IZ3JEPY_1PSpskdV22IKwsOM_eNsu9XF-saahA8f4mNkciu2n0a_ReJwTzGnHoKaOmR7wv1LuO0hxE7Fr1X2X1fo0WRP-8D_G3JQ1fsEwshsVoyk-UjrnF-HDf6mUjqrung54si4IVpyRZbg4nkHPAjG5YqBBZ75XnSttV1Q048cJXqJ6mOLS5T1LWw76hC4mxfYGKLItnx4YG0jW75w0zzPNb2wAA74TQzucvEYggb2xHDoGyFOQaTRnLSA2nEqnyg3HeFxDZohvVyJR1ZY92qhWj8eO1l2r_HL5qE0fJ6wiYzlD7yR95VQl5QMlADFCKpBqlDJxoizp4da0f2NDdd_UGnuXLyBJFwjQkIhh-fQnBKwCyCSxcko4aWQunXDoSJ3PDdPxoKOtVukVnJo7glA6PUzsQ-TlL4h_gI6IyDIIJ6f4YcwLNlYZFyIYjPyqImT9bo2K5hYA_GkhEF6ZLzmk0w49RKLOri4-1KPIzVTvbLAmMerMeeD5eytbg5ALnoCgjxzWNJU25qN_6MG8tjgsc6lmWXrHjal4DD3eQiMdZWa790bu58nzlik_TKiNkKScNGyGsG0CvCErLU2Nb_wsYf_N5COa8eLNmdIMfHrpz2H6xyA64dePYUbWeZcrhpruOka5tiSohgfilpDiKfGwV-gaCbwU2F0yC4NRwFkwYkT5wWVCNQSgzhXoXsw1sqgEv10pTfHrSyjvxhv5L3iP76hq2EWxZYLgHlPFmHe7xOzF2nnaiakgirEp5Bg-Ib0UNOb7XkVxS3GltdS41vVSPLKMpqevGWGeAHbq5QWkaFQFWQdAlG8E7Ld6R2zIXOGzLhHdyQ2SUDus5soVJf53OO06Bm9SoGJTD-QiKi7HufxBtwnlsDF2Cux7qYCbM6CftMlBXQSKicEkMxclfyif_q3iIbFRws45noAXv6BEFFnmmSEOT6g9RodJdVnhvH_sEb91M52IkJ9jhSy_acArEW4VHtCLc-ycnXvVszrV9PLgBh8NJgbEpyDcNT5jxU5P44sxY7GPaP8SInu6tMu-f4BVPz5xa0A2MXPvScXMCmwaU3hO9IS-3XhGnIm_V9i7xUXhC09NOu1YmVSR7HwTExInUwRAzMue_
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AB1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByPqNhaqOZN2IEJKd9u8Puc-teAAAAAA4AeAEAg&bg=!vL-lv-vNAAaGYqkwpmI7ADkAdvg8WqCj04k40Ou8qQtixqlfYb5PUji6em1HemzMYc0Ib-WT7ZOohJUkAEzBKgRZSJY357ufMkICAAABClIAAAADaAEHmQNI5V7rZ7V0fZCmTZ7Ta0CVlST-cIpmRd7FT1s8Kqbr1OlGrpM-veT6oHEHXeeelsb9FnI0vjUHgPu4DtCgr1tcscVTN5E-302YEO5gvSOt_rAzG4LyWLwtPvlKXEjp0A7_feE6rGMN8PQYxMoYvCGSrItFjt8aQaxfjcuHEFrvn9IvsPE2zhjuXT54XFUnHM6-vHL9k-0q3v7nqpRIwIMlRyknNPhOGYQuVSYDh2suHnX4EsXCveVddvDGBlWGagv5co09F-YmxOIU9EbkCXsjyi4cswsnk-_Ccqoda-Dd-nhSylJsFb2EEP0bdIgHREwgl5-RM5QGGpxa1Vsvx2jdloDyoGUHLYaxDOxS1BavVYDvdwCK7AltJylihzpam5RcxR347-farcYrrZx9exxMDCgCksT_VXGGJvq18O1gNOk0BqjAjZ2dwiof9xd3sJz5QxgBbjkNpRU3UrDZXmp2DbvFz5Gz2qzqlGe2GaVEskghxN2_JkccPZkmAMHLr0KpHEDZjqXtIXKoDOue5Foju0LCMTGp35PuUdzhfffbM127aVi2ZjCZOuSu-1dJUaQO6wgzkEcxEIn8bnh9iFyXemthAP3CSlrpgZwAD-UdVUjoaN3fhZBMwH5DwiLzicmlDW_1MQM3Ss8bE0zVgr2YjuwcRNKGVZsgRLkCvFLZUuEEcZ_BdZp4ei-hbZnjRdrgJZSgTBjP2FER-FaOuVtNHK5_ywF7DU_3bA6tieonKW3aPCO7YyLzkjgMG2pnsZo5wi8__jx_epwJlRDQJrrdEROws3pNi5OxKLRF8Lud1LCUx-kaC-dEnDMgwKfOD70Oc06kC8LFmsY0o86HxDeQPoynPIY78fBPyoWEXGd8bXzpKZKdqhaNxtuglASlKyGshEkev0Qm3xrQjxRuSY5QLAYeDz3dWhoRhK_ZV9_PGKDUXQj3XZyt61TleupiQYeKJZuPmRUjseEQVQEW_QBdTQRidB2gvbj6qgxIzkH2a33OoTckuZraPb_qSAZVjeQlzmiEV43M7oQiLIY8Ty8yETQzdMaARNqzEGlElySq41D1XBTIMBKu8VVZh3YCtPX99KzGOmHuHW2QUZjF0iuX3Ej9Qq6VF0Js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC00 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnFwKhaqOZN-hENORjuwPrJOkqAIAAAAAOAHgBAI&bg=!VFelVwPNAAaGYqkwpmI7ADkAdvg8Wk3XdGTZz7ztAylaYOP0aez0qzg6XrMjRNRv2hKIniYE364JY16O5r3lOW182CLQznnV3gwCAAAA_1IAAAACaAEHmQNBLSXtxPQ8fhpOKakxoPcUGqVXbYLsreqj4KSx0XxwNWRMFkWNxvWA8SzPXyeFB2p6YkfGOj7_3TyjpZg0MXodNl6PoVRWCcaJL9_aqH-09NMl39Gm0BHLEZmaw5sPH0J-w9gL1AEESy3oDmQWA7nGA0k87Xk8R8s7cdZ1OalHbrlv9EH_eIMsab7MYzvRReZ8SzCOIhIQreMgDaEthkEZhLqzd-Sf6NeMjSRCFlVkVXdoLO2yGmse8JenXaaGNtwU_H1E_yMJvxEKNWIVacSeyuO0UnH9M-hcPkcqYVsvoFVza8jHtbMpRlWEs0CO39HtJCBNp1i9uczcUoQh8ivC4pGypDgcBVpQrA50TtEwW3jp-ysAQGkkC1u_D1UNy_V7Sia3Mb3uUv4Ghr9hIKDIg6Xb82L6Rzb8Nk2WTImRGCIkWjkuMrm_PKq563bwoIsMFABrCjZ8RBdXX4suhGG0DHPmS9hRBKNCWSuzBJkHDSFBgfZ-0vP8XF1WKcOQa4Jzvw0NbexzloVox-30O7CrB2GS5tDq-PLN0h2mfaKf4bceemeqQMzlHddpOVKgVHAq0bkofZtrZigo_EDr65JiRIkBxDUqzshC5GPwLsHYOSXKRqEMcTbuqZvtPAVcY6CF8X0qQU1jxdVhOWIqYsZRTTZHNhHIEel3nr6NvOGSIWLZEybf6XF4lAhGv0DfYNkzcUBb4IFbYvMwRymUESrX418G21-FoIvONZ3R8WNBMhSH0sHSw3GbdWWU2g1KUKvi_aQBzVerSqXjrtWks81W2LONcPsMECbq0ayFEMDMp7ZsYvudQBHi4ahcEz0uqTKt9qdaExYGwfQLoNnlMLlrH-ODQ1czflaDlTtLQBmXEg-JxuDRO2GksQM-b3n27TRQqHCa4CBBeoX0H3nZl38N62nLsyE8rFNcbsKYWt7fYICwTQYOsJ1cjw0g75LmFOzPFAeIY5_2c0TXNVRJbtrSSwHAr-B8yP6rT8umQk00yY9WG8HOkN-kc0sYfVp79Sy9ZEfx555HWCLKN23DreUlNxVkivEduD_ymNNLnqWpNnsj_hPO7IOci8UX44SR--l9pvnHKsdIT5LdlPDPCThn9es
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 98FB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3e109905fddd5211e7629764b013918ceb389e938761e1aeed5f456e4d5100
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d91a16a0c8018c5-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:06 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 755F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:06 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 755F 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47a31dcc8145cda5077f9e148f349dc3efa073e864648d0608e5f5b6abbcfb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17826
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:38:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:04:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8515 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230614&jk=652952707877614&rc=
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame F814 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame F097 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 98FB 		106 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1686312358
age
758701
cf-polished
origSize=108907
x-guploader-uploadid
ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 09 Jun 2023 12:06:25 GMT
server
cloudflare
etag
W/"913a188acf4937267d989357edafdccf"
vary
Accept-Encoding
x-goog-generation
1686312385390155
content-type
text/css
x-goog-hash
crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af9tjWq6v9gOpmNCkY%2FkFkOHkOj6JRmzp67vR370nFv7dAYkunTdttlZ84MG0urS08ulBrBVIksbkKlNggk4h%2F1XKXHp18zB1uvb04WXd3tLRu58u%2FlVVelbnNf9X1zMQryxU1%2FJUck%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
108907
cf-ray
7d91a16a4cc118c5-FRA
expires
Sun, 18 Jun 2023 07:56:06 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 98FB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2284215
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qe3o%2Fu6WM0N0A4tMwtOwJMaXmsVCt1i6zwmdMzjuSDRRGQZjYJ%2BNvfq7hXYGMiZBPgARdD1sgPONe%2BLUwIdBdN42g0qt0mFnUgGIBI0QlFmC3j2GZT%2BiSsORsIA%2BA%2BSNGP5NsG82BgAvu%2Fq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a49069bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 98FB 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
733905
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5OFaGoWpU31JWibK2Jp%2BmyZxXRNkLmUx5zKJNHTotSZe%2FA4wLNRhW0pJEoDJLvN8hShA2rRYBka3Hp0uZrtanfjqaiLriT1AAYSdwFfO4RxHj2cptykzkfdChRMwu02gFwHJkEP6zrpjlDX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a69149bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 98FB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2093785
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il0g%2B8UpdBSZKz%2Fz8CbFfcJnb0qeH3SmnVJU6W1kDF%2BK6DhwTBkUYqEREBmWDkEBG9c%2BK29viciYS076zu4pJiNyoq%2Bd1oomY5MuTYB1WvtsLq8MjrMSKVHiB4AAHX2ZFBEfqSH6Ys2xdib4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a69159bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 98FB 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160533
cf-polished
origFmt=png, origSize=431531
alt-svc
h3=":443"; ma=86400
content-length
259252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Jun 2023 10:20:07 GMT
server
cloudflare
etag
"16f7fe8ce7119ba0f513f8179ecb2d3a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrdIOHOnIHqHfv2dyl4u%2FDr1Wb7xh2mYJ17Wkn5pGRLOERqZJv5jbfoxVGlqJQNYGgYuKQTmL1Rw130BohI7LQlqrT9YeWcoFh9gS2kExOGtCPHUKtE0IUWwzcemu7gcvHu%2BUVHjOACDv2Ty"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a69169bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
cshow.php
www.awin1.com/ Frame 98FB 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:06 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 98FB 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1592317
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YjF93hvdXD1h3Qvb3CDJIyCZMAKhlJL2USdIh17X55CDGsbckjIiC0En7pJjPcPm7gqt8MICNYnqdI38aeWUE5LxQHC%2FrcvGEUpIRmxLL1oYsGD4%2FCO9wTNtRXR2Oo4CQPaLmq3YBaHNVU%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a69199bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 98FB 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128312
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92TpwovZxOzlsvS0jOeCOIop996yFQg320u3Y%2FatVDSgX0STE%2BLQgjyrYQhFicKLYi0iaV%2FEo5oXSHX0s5PVRJxl3VZRzgb3d%2BHLhxeW30cBV6EiBqvq3U0a3HqB2eVqLHnOtL8HhQFvUDwH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d91a16a691c9bef-FRA
expires
Mon, 19 Jun 2023 06:56:06 GMT
cshow.php
www.awin1.com/ Frame 98FB 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.218.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 06:56:06 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A1EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1BS9S2k5lSN5CGbGoWdhYGqwCbthhSWCTpOBgugmjlUM63QPpxvyzjZzwU-JMh_SfLIJz5PE4FWC5RC3pG6zOVeLcS8WAAmnMFsy84_TO84iT0ybdAPUnc2ix8LVcHCSaTxlssB28-2Ta&sai=AMfl-YS8Dtb9DsZ-lx_tmQUF5VRV6bAkYq0bG5uGtf80O_X6189pSYPQt-i_27c_9FEji0500yfdCHdIui4XbqenxVnKYMS2ASrk297pe9meFhw2f46qZXQdq4bTq_E&sig=Cg0ArKJSzNi4hBsCn7eeEAE&cid=CAQSOwBygQiDlZ4EcC7DXn7Kf3RZdPm6yjAXJvNO7-OrhgEi-1LtaOk3SCHhszK7UoLzao9CR2LAJGjgKZw3GAE&id=lidar2&mcvt=1012&p=0,119,40,160&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687071364910&rpt=665&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 98FB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jc4vfc9bfxqc1ten1cbsynqjbadkxwmzwjf9z9s99yp1f7hmsrgkp7cf4kp7ssr3a96fcssd1yj1ekac5ttn4x8y5akwx4x7tqwk32n5tsa0bk625kavtw5awpqgjrg6yfn7we0rf2mz956zac7rtf35arqbvx4n0x20cqpn333gzcepf83z9bg9z5xxahmjc6v9abhka2b4tk4pyhc14ad1hcmfk4ynvzskdxh61prp334nznzzz7dd4tz0ydf738qc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.176.98 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
7603ff1b892402e5aba1f9a28282fcbed65f6560157b106aea2859075cddd79b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:06 GMT
last-modified
Sun, 18 Jun 2023 06:56:06 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 18 Jun 2023 06:57:06 GMT
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame FB23 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 755F 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:53:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1840
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 11:00:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:08:46 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 755F 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:50:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:05:54 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 755F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 06:58:02 GMT
NH_D_EU_Venice-Arcades-Indian_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 755F 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Venice-Arcades-Indian_728x90.jpg
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9737142213941f3ca66450a4d1860a32f809bbbb301dd8493f20452e0b5644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:48:46 GMT
x-content-type-options
nosniff
age
440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49020
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 07:38:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:03:46 GMT
6363a944e4b0125bde9e6739
ng.virgul.com/tck/i_vb2/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/6363a944e4b0125bde9e6739?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1687071366929&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1687071366929&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1687071366929&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1687071366929&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:06 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 755F 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=gDHo5EdhSo&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:54:31 GMT
x-content-type-options
nosniff
age
95
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 07:09:31 GMT
pvClk.min.js
analytics.webgains.io/ Frame 98FB 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jc4vfc9bfxqc1ten1cbsynqjbadkxwmzwjf9z9s99yp1f7hmsrgkp7cf4kp7ssr3a96fcssd1yj1ekac5ttn4x8y5akwx4x7tqwk32n5tsa0bk625kavtw5awpqgjrg6yfn7we0rf2mz956zac7rtf35arqbvx4n0x20cqpn333gzcepf83z9bg9z5xxahmjc6v9abhka2b4tk4pyhc14ad1hcmfk4ynvzskdxh61prp334nznzzz7dd4tz0ydf738qc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.8 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 07:54:52 GMT
content-encoding
gzip
via
1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
82875
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
nO4w7QTpGQJGzBQN41ZDBwk0T3G1_OAN-ZglxqUHeE2t-3nXgYNfzg==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 98FB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1687071666&Signature=e5Rr~yjbMvQFYDdJXczKk9dUprQ0a0DcOwdb3879N5xApWaWHYIMM8S172CUy612MnrLE3obCAReVJxizuqenDeBbH2A7a2HCPueIyjAWMQ-0yQhsPL2fXkpVSw2YKEUGiTDDuoWLrIZBdtqeHxbs-4y5eANgcC-LPnRDembLx~mRsjulAsQqmA5I3JxhkHonM~Kihpgco01W22gvBiR2pxkDi6A~PRoDea7llbXfYA86hdJiCM8cbHQ5pDnNnsrRm6~GsggxFMwWYjcMGAWOzT8oV5OzmQuLESofX4W5RUVX7VOVBWJK5QcwGxgDNQnloqmNx-hh0qjrnoFFjIgog__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 18 Jun 2023 03:54:55 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
10873
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
QGdDkxfk-eIAz0iWOKTS7UBoUDZ8d6WzglWg2VtQjZWPKZZQ6LT6Dg==
generate_204
tpc.googlesyndication.com/ Frame F814 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TQaMDA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame ECAD 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d826950f2e75dedc1d1c7b60f8f52918e88fcf81548333584cc546cd70fd1ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11217
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ECAD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 06:56:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E02C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Jun 2023 20:36:26 GMT
expires
Sun, 16 Jun 2024 20:36:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9CAF 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6460491a750c7a1d91107d6222a1bd830deccdaeb5d57ef141eba120bc5a021
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QlZ2okUWhacY0TzscNj-TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-QlZ2okUWhacY0TzscNj-TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Jun 2023 06:56:07 GMT
expires
Sun, 18 Jun 2023 06:56:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
pagead2.googlesyndication.com/bg/ Frame E02C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 10:41:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
159275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 10:41:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35D0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=607040779891&version=m202301230201&ct=76&x=1&cor=9080684888668259000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8828466252687&version=m202301230201&ct=76&x=1&cor=2354334845996096500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9CAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130101&jk=1888609161828692&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E02C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xO9EEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 06:56:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame ECAD 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1687071363658&userId=vnetdb434659-d2e9-4998-bd13-077019ab973e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Sun, 18 Jun 2023 06:56:07 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
gen_204
pagead2.googlesyndication.com/pagead/ Frame D379 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1258818796452&version=m202301230201&ct=76&x=1&cor=14093905988457042000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 06:56:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

32 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmrtXforjh3r6ZnCNp_FVmGLQDa50q3mVJ1N7prCdh283BezqWe9n-NyOXRu0E
.casalemedia.com/ Name: CMID
Value: ZI6qhWsrOhSQBRTpGvL7PAAA
.casalemedia.com/ Name: CMPS
Value: 5266
.casalemedia.com/ Name: CMPRO
Value: 5266
.adnxs.com/ Name: uuid2
Value: 8603872878521083870
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb<qOaey!@wnfH8K6pQK`!5=E<*L5?%KF840^b/[JR#hg4Xx7NS'X0g:Ed?T@cN]xMqx%nugO%v4VB%nngm*92Du
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EBABCQGhKYEA
.quantserve.com/ Name: mc
Value: 648eaa85-aa5df-14e78-7d298
.mathtag.com/ Name: mt_mop
Value: 4:1687071366
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.de17a.com/ Name: guid
Value: 1.6543119766531971442
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003%22%7D
.3lift.com/ Name: tluid
Value: 2363127801915398227332
.adfarm1.adition.com/ Name: UserID1
Value: 7245916338718898316
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 182B5535-73AC-4975-B507-4283FD1EFEFB
.adform.net/ Name: uid
Value: 2974580169185474747
.ctnsnet.com/ Name: gid_CAESEI0V4cvf-SndHxILSmjrftw
Value: 1
.ctnsnet.com/ Name: cid_37ee289bc5aa49559d009ede63fa5408
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBIWqjmQCEJU7KrMla6t7CzETpehK-JMFEgEBAQH8j2SYZAAAAAAA_eMAAA&S=AQAAAgBpn97LPRcUV_91OSBN3V0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-bf138026-ce02-4e53-a4ae-e7fc7e34c707-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aDnoeUrwZayrQXwrURWeQip3aUW0Su3PFUtJCA8ti
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZI6qhQAFdsRWEQBR
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2ca6
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:

11 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687071363898&bpp=3&bdt=849&idt=268&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&nras=1&correlator=2698482455062&frm=24&ife=1&pv=2&ga_vid=1925791966.1687071364&ga_sid=1687071364&ga_hid=1954295779&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44792108%2C44759876%2C44759927%2C31071756%2C44788442&oid=2&pvsid=1888609161828692&tmod=400041023&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.mx6u2di5cjhw&fsb=1&dtd=279
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1k5tcbar52gbcws2r9b2jzx9y6yje9q2a2asrxz69qtg37exq1c887hg8de2z9w8kct64e01c1ae6jss8eg1y60n2bh5kk7q3wpkpykb5sas3r8c6c10bhbkzw2m820vxgmgr7h3y3fe9favyangyst63r9zre5a1exr1z14fj0jzk8ttvkfndmth2dks09t0wzhby3btwygz9kzsg0k5kypw5p6nkb70phqnsvdfeahbtch2rep8x3egzwqs9g1v3v4gc2pbfsc5ry2d5j3wt36r3x0mamra18k0fg1811gc6xtp35v00r3t5wfyfmqx29yxmznfjwvy5ebc6etckmpqkxjr2b6c1ewprxk1bvfs41zp80d8r95bmqpw676jbe17rcjeaym35kkcc0rz4dsbgfkk4dd3dk122p6esnp93nzbf02bcjaehdkqzwte9zy625q8g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%26client%3Dca-pub-6593523210010154%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=3a274e0e7bfba0a8fbb3b6b745060901%2F12932167818892883361&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1687071366683&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hqe8g4csdbv63ztza4nkwtnsr11h3brx2yq31zvztm213eysg6kr8rfw69bh94qwa0gpamvksytvwqabwrzygmy0vqe0de3023mny4zgscqcbvrz6zmxp82pp0hcct67wbwaqjmc095nzzfe12jz7zb2bdzfzt1vdfykvjv2xke9fnsgga80hghdgb0fdh8xka66v9zqcz9ga0wasdfpzk3ffbhdvj4m0kdvrf04k7m0dgpv7t153gs1vh8m0abqgygz2g86hr6qf4yw3ffkxd890%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2tN7haqOZMb-DInZ3wPP_Y2AA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAnH8qUpKWbI-qAMBqgSxAU_QNXuB1MRYsoi1TBxDsRp56_tbqtejHapfNgEg9Pv_F_3Asn3LG8s2hNelSQvpOPpJGVQt2aYt23yLti1NblozFmJEQT1vt38DGyLpbuYS_b1-P_vUG16IxgD6FYovWu_yw7mdTKhElKJGz-OL2nu5Ue5_1vNkToGpUMz93NJCCpeR9FdR8muh_VP2nmv3GIzKwMQGvxwDgb7QFPPrAvWDi8KdvMsG_f9YFwd5W6ZvyIAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0n5YJ2Y_9DeZXc3aWe50f908SD4Q%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

598f843be84be410c220c10fa6c7249f.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
m.exactag.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
104.102.35.84
104.75.88.126
108.138.36.8
130.211.44.5
141.95.98.64
142.250.186.130
151.101.194.49
151.139.128.10
172.217.16.194
178.250.1.6
18.66.181.233
185.29.132.245
185.64.190.78
185.7.176.221
185.80.39.216
185.86.138.151
185.89.210.101
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.183
216.239.32.3
216.52.2.91
23.212.218.19
2600:1901:0:76b9::
2600:1f13:800:7780:f77:9d61:9942:8164
2600:9000:2057:800:1b:5138:8a40:93a1
2600:9000:225b:1000:8:48e:53c0:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:26f0:6c00::210:ba19
2a02:6ea0:c700::11
2a02:fa8:8806:13::1370
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3601:77de:ca3a:987:60cd
3.11.176.98
3.64.137.20
3.71.149.231
34.102.243.38
35.186.193.173
35.241.45.217
35.244.159.8
37.157.6.233
46.228.174.117
52.222.253.136
64.233.184.155
76.223.111.18
77.245.159.14
85.114.159.93
85.14.248.72
94.138.206.83
99.81.110.57
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00f3144b01e84e31eb08b2919a242a011735d97e954661e69536299b505af028
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
063f8f4e188f3fa9e65377bc04b667d77880ee000d6704882a8cfd0a61503421
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08ca9d4655083dfe571afe93a45f437954160d3790bfd7acdd118d3ca0bf6a6f
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0a5ab66434c4322d7b245f98e4a19100ad4c93bb8a9ecb5e261eaa7335a4a041
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101470fcde40e5ad29c691a0cc4276b7e311972a8e02a684f19db29fd4698645
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143df4df7ef6db075122f1ff92dac0f5312486876a6201951477930c1d9883ea
187574c8a3cf0026b633b356842e03d60450be911027b697e9542a650d1049c8
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1fd48174b5d52189f68d8e4750ec5653340ad221d1491bd0d2a5c84ca5e0f8df
2207ae04d57fe0831896d5659843730d0234c7e7be605112a82ad42bc971d590
222cd4caabf2a0613dc6189df5fcf351899d8e1e891cbf6223b7d31ec701f55d
22fb5b0df795b4084882ef226c87823477476927bd5e3462db1db36f30bdcaf1
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
2aef5c7d8e9b4b3a34eef7c9c6f7e166ae691735c8057abdd57f67ddd4e69a20
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2b75e7c7d47eb17dfdaaa5716ca7e5a0f784d50226c330e6249ea38cf097491f
2bd86bfe685757ea2e9479089b69e21aae29a65856dbf161bccb48a18ae73d45
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eac5014c6a4d3caaf4a4ad525637c9033c42a9263bdf85df1649f768f84f0b6
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6
3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
356c56bea84a734eb3d9ba35c635c23835a65d1c3d9334d542cc49ad6f8c9275
373fdc72302b14cbf15f4fd5cc4378c62b0d444b480f02d7bc6d3370799b9bef
3af38e80486b9e7fca4521ee5c9ab0a05f346e10d5739bf2e2f026a3d3c07170
3b9b5991359e2cdfa8e276e9bf55663197a66994517e9bb9b1f7919f99fa066d
3d1be7afb3606c1dbff0d3410acf5f2d6423c7732967e605668d4ec1f30db333
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3dbe523940419cf1e82fbddd67e32fb86055a0cc5c1943e717d4e3f6500c3dd4
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
43eac73630e0626c59c7a0687cc40e4348a75296f87c479a2f1797aba1cf4461
444d13abe4c68dd55ae700dde040602d788ddfa47daa706531fd7e54be7d712f
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
458fdd5f817b3ea37577635c1756da747f9329f5dde55faa47289c3e2b613e61
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f0e1ce5f1bc9e08e3dc864c6d65fb7bde761cdde2e8ca86780c539991badf5
47a31dcc8145cda5077f9e148f349dc3efa073e864648d0608e5f5b6abbcfb3d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d20d5a7aeb3f2bde3e200ad4c83c0584ee15fe4036d7b9e7a1f5253649906ea
4d58ffd6c1a138ba5a0ac17c16e0c3825fc0ff03cebeca70dd8cae5351faf16a
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505c82241812470854d47dbfda8144e5326b3264363a233e75efced811a1a3e1
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a835c5d836b1cf5fa67347fc236c0f29253d86d07a7169204e7be865979f09
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
58ad2fcae9a30475cee93b2f3eff7a4030a9c92b854d0c5d1e565fcd27d6b91a
5a890b96bb00fd6a96f4b5e43fa646fb4b331d9c55b88bf6ca5dafd2bf1bf184
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f5363951377eaa801941089dd9c8f0945f06e4cef15332178bc688c0b3ecf5a
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624c4aa3137a5db9699eab8eecb5b285928af2b8c27977903f5658ab62e911c6
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63993f897df6ee5a2dd577c13bf70998f1b15da58fc0965713fdad54826fdbba
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
680026f318b1fd16bc8e7b24ba4e32073bc98978f5bd67f19c1b30019a6decf0
691257cf7d510da3434f5eedca2b2e0137949c698e3750c7705526a1ee75684c
6a5c3836f01af05b52f926264495b7bac8dcef94acc6cfdbb3fbfa5054e941d8
6a7236c859d6491548dcc21f41adf62f1ce3698c7a2bd60f9300634048de0c93
6a9fd7ff0df2190e0549badffbecc3cf1e3abf802b3e8906fd8eb34cde4c0898
6af0e96e4358084cab3d271a7b82bbee2ffbfe90d3e97ed708dd69a4c5e52e80
6bc3d03f9d36b00c7c9e9480dc420908aaba03af664e60c3e09a12cc530a7436
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1
6e517f1f2da440c36103d61ae698974db84ded6b3ac8635a8c24d8ac8652c10d
72dff61a3e511bd5f6a34f4339d6529e3aa3a1e638b6bdf657a50cd71c8491da
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751fb681f54d257d1e40ec453a64608224a9862491da12791310bdeb0c1d8a2a
75a654ce513996dc8f544619cc1c99b2361261bb6f38d51c619833d68d0a6a72
7603ff1b892402e5aba1f9a28282fcbed65f6560157b106aea2859075cddd79b
773efc86ce2fb9e38f71088338e92843749f32e64c0531a3096a295e66547141
78fd4a354423c85d1642848f4b080b013d5665cd01de872eda7230be0bb90357
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460
7e10c75356ec658e2f2fb4a409b04977fca9251f009aa4518d20c96ee4cf3440
7f9737142213941f3ca66450a4d1860a32f809bbbb301dd8493f20452e0b5644
7fd291cd721a9eb1d02b69bbd49d6af1278f75be772d7f9955707f28fa603792
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
822511e83f8f0a91a794447e76b86cbe86ec23663f925f814dfbe9d3d859e85a
84e28969b50a98f8b0bfd1611008743300caaf54456d58bdce4b4129d56f3bc5
87c358def23762058a009020a81df8b1bf53a3cd5719752154dcea919c50706a
881213f5bf14adc34da1277be8dc17816579af33fb0ec4553a82b050e3ca216c
8990457a21f00804abdc26242cb7578ea076b5335db917456905022b2100a921
8abb9a7c59de697a9a80bc1d7c9d66d498f3373d9446130ea659c880dad364c7
9101720b593b89b811e53673543084fff4dff6e152241aaaeb167b185115f3cd
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
999c7f8b19c0a79c9fd14d0352ddc2d8341c0f385421c511edac6257e1566690
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9eb13e0b19e9402cfa8b657698f30b802713a6ee217db3a7c90303092e6a74dc
9ecf549285abace95d82b3cb5ce900eb913f0933adecfb219323cfeb5cab342f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21e2791ae5aa966afa16caf7621a56f950251668170cac0fadefbc0f402124c
a22f1ee12d1ed2bc67689df2690860340fd42776502ada33084a412bd06cd819
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3935d62c8753d9a1c063a77f799850f139b8f9b2899b3005e7169e2fb65b9c0
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a498ff757038abe0601ed0855c1b760ee237e42f5c40b97e936dc057e1970762
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
aa39d2bba826f80fa31ea3957638a7ecefca1d5c40b14edcd098e0a3fdafdcef
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
ac3e109905fddd5211e7629764b013918ceb389e938761e1aeed5f456e4d5100
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04a746abda474a89f1628881bb939cd58f7152f2b0237adb82a0879cfbfa382
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6460491a750c7a1d91107d6222a1bd830deccdaeb5d57ef141eba120bc5a021
baefdc23f1f5415436ac0c756fbb8489bd02c4570dc9bb19d1ec1f88aa3519a6
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
bb8b1178b759a87b00aa44abf1019c82e9df19b6059f1761c4646b3d470a7f01
bd4fb6b6eb861abafa9e49a562d9e2621962d56c2d9698745abba5a6383ba755
bd5dbcd6157119b8381ccd9d4af3aed1bae1c2afa1f114c980113ba05b0b191f
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
bead47bb08af73c61c4d920ed428af54cc8582bf2c69e9b8f7ffcc01bac902fb
c05fb2c2bc701654f036a32a831405bb166f0d6dcdeb1d02d965abb580d93c75
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c6dea53578e20163a028d16e7155dd9796ed8c98ac2a5c1a5b15f78d50c59969
caa3c8e065ebed1584f4d19268711f4253dac01f4d46a503a80d4fe64eaf6bf1
cc768907a13ed8d1731eea6ea6d8feeab05c62f17dbd7bcd97b8bc6b03994fb7
ce3cf09c371f16e84cd9db5935613c3c8eeb5b5cf14511fa484818c7282cf5fb
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2910edc03b089aad72e3858373f35c82784d56372c6c3b0cf2abead2697862c
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d63bdd4e02d52f5d85a7853ee58684729ce320a2ed6936734d004c2a0e93e273
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d77eea56e7599c32b64635a7499fceffb58445fdeda265bf0eb2e9d02869e927
d826950f2e75dedc1d1c7b60f8f52918e88fcf81548333584cc546cd70fd1ba6
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
db35ac8ee2c3638909664abccc24d8f21ed9ac2cc1e633ae7e677d0f147f5084
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dc0149f4dea4ee8fae84a60bcbcf4e14f35a5996c4602d7f8860e4b4266778bd
de67caa68089fe4c0bd2b58459817273318bb5090db4d8f590b601072dba7be9
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540
dfada1f1e29812e88fab5265168ccf013f402811c42a1dd9c868c39b8679694a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e28786e68ee9365dbc5f4b39fa49358367e4371322c7bfc70f7b016e7cfed3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83e8632256c5072bcc9d126fd31fc4e8bfa323231f1d212e745dab97d90895c
e8cd9f7f932e502b97e7ebd1194ba28e4b5a441b6100a07a09a6c02f102c8b55
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9fa3835f791662d1582515fbdcc5fdcfd09154c65b6522c65bdf7faf97c0124
ea0a8843e493c4d2edf4e344d7238a43c48c43fa8d5d0ab97a94a48f73255300
ea8dafa4f284f554e2b11152a0dec1bf77ad06747bf600c734c427ecf7b631a7
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24746296af7af2e912a763c913494be293d41c5528df7b39561e5887407c84d
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6
fb578159169bb38173ca68b7f9ce061b18af4e4e6724bf3c9c3e745cc954f177
fc265e13cdd917dcae8970394dcba2f0954530ac4b31bacf52191c45b9d46173
fd5bb4d2d15db4d9dd6a46041aedba1055b3b9a64d08aa66003fd35d42da4f8f
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ff8d5f7ef5edd0eabaff1c87e64a56682d3d2f8c952dc42f3ad4e5cb1d3c9f8b