pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On June 05 via api (June 5th 2023, 4:54:33 pm UTC) from TR — Scanned from DE

Summary HTTP 327 Redirects Behaviour Indicators

Summary

This website contacted 65 IPs in 8 countries across 57 domains to perform 327 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	184.30.16.120 184.30.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
19	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.181.100 52.222.181.100	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.125.195.44 3.125.195.44	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
3 7	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 12	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 24	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.168.49.43 18.168.49.43	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	52.85.92.55 52.85.92.55	() ()
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 4	54.246.82.89 54.246.82.89	() ()
5 9	185.80.39.216 185.80.39.216	() ()
6	2600:9000:223... 2600:9000:223f:f400:8:48e:53c0:93a1	() ()
9	2600:1f13:800... 2600:1f13:800:7781:cb7c:335e:4faa:1c54	() ()
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1 1	185.29.132.245 185.29.132.245	() ()
2 2	37.157.4.25 37.157.4.25	() ()
1 1	51.89.9.254 51.89.9.254	() ()
1 1	20.127.253.7 20.127.253.7	() ()
1	162.19.138.119 162.19.138.119	() ()
3 3	18.185.140.51 18.185.140.51	() ()
2 2	52.49.34.214 52.49.34.214	() ()
2 2	52.208.60.203 52.208.60.203	() ()
3 3	213.19.147.44 213.19.147.44	() ()
2 2	76.223.111.18 76.223.111.18	() ()
2 2	3.75.62.37 3.75.62.37	() ()
1 1	185.89.210.20 185.89.210.20	() ()
2	3.8.42.199 3.8.42.199	() ()
327	65

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-120.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.181.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-181-100.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.195.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-195-44.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.49.43 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-49-43.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.55 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.246.82.89 (None, ) 2 redirects

ASN- ()

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (None, ) 5 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:f400:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7781:cb7c:335e:4faa:1c54 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (None, ) 1 redirects

ASN- ()

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.140.51 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.34.214 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.60.203 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.20 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.42.199 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	628 KB
51	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	287 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 437805 cdn.ye-mek.net	618 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	435 KB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	233 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 56516 ng.virgul.com — Cisco Umbrella Rank: 49823 ng2.virgul.com — Cisco Umbrella Rank: 54223	231 KB
16	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27106 ad4m.at — Cisco Umbrella Rank: 9491 assets.ad4m.at — Cisco Umbrella Rank: 43882	706 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	6 KB
8	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com	9 KB
7	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975 fastlane.rubiconproject.com — Cisco Umbrella Rank: 523	10 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 imasdk.googleapis.com — Cisco Umbrella Rank: 486 fonts.googleapis.com — Cisco Umbrella Rank: 66	159 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 dis.criteo.com — Cisco Umbrella Rank: 587 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2331	8 KB
4	gstatic.com fonts.gstatic.com	134 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	213 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4102 c1.adform.net	2 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 52678	565 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 8155	940 B
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 348 aax.amazon-adsystem.com — Cisco Umbrella Rank: 440	60 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	webgains.io analytics.webgains.io api.webgains.io	31 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1494 mp.4dex.io — Cisco Umbrella Rank: 2461	25 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	798 B
2	3lift.com 2 redirects eb2.3lift.com	956 B
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	360yield.com 2 redirects match.360yield.com	811 B
2	avct.cloud 2 redirects ads.avct.cloud	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16544	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	59 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2034	571 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2005	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3164	207 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 149238 static-de.ad4mat.net — Cisco Umbrella Rank: 199940	4 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 93434	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1962 feed.pghub.io — Cisco Umbrella Rank: 8248	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12805	6 KB
2	cloakan.co www.cloakan.co	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	574 B
1	id5-sync.com id5-sync.com	1 KB
1	inmobi.com 1 redirects sync.inmobi.com	710 B
1	onetag-sys.com 1 redirects onetag-sys.com	335 B
1	mathtag.com 1 redirects sync.mathtag.com	870 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 64647	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 34840	2 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 692	98 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 870	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 773	465 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1450	377 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 718	397 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541	112 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2020
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	47 KB
0	emxdgt.com Failed hb.emxdgt.com Failed
327	57

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
32	tpc.googlesyndication.com	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com pcloak.blob.core.windows.net ye-mek.net cdn.ampproject.org
31	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
24	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com pcloak.blob.core.windows.net
20	cdn.ampproject.org	securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com www.googletagservices.com ye-mek.net
12	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com ye-mek.net ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com pcloak.blob.core.windows.net ye-mek.net
9	dt.adsafeprotected.com	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com pcloak.blob.core.windows.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net pcloak.blob.core.windows.net
7	ib.adnxs.com	3 redirects static.virgul.com googleads.g.doubleclick.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	static.adsafeprotected.com	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	fastlane.rubiconproject.com	static.virgul.com
4	fw.adsafeprotected.com	2 redirects ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	ng2.virgul.com	ye-mek.net pcloak.blob.core.windows.net
4	www.googletagservices.com	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	cpm.programattik.com	static.virgul.com
4	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	x.bidswitch.net	3 redirects
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	api.webgains.io	analytics.webgains.io
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	match.360yield.com	2 redirects
2	ads.avct.cloud	2 redirects
2	c1.adform.net	2 redirects
2	www.awin1.com	as.ad4m.at
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	secure.adnxs.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	id5-sync.com	pcloak.blob.core.windows.net
1	sync.inmobi.com	1 redirects
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com	ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	mug.criteo.com	pcloak.blob.core.windows.net
1	static-de.ad4mat.net	as.ad4m.at
1	dis.criteo.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	pcloak.blob.core.windows.net
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	imasdk.googleapis.com	c1.imgiz.com
1	feed.pghub.io	pghub.io
1	mp.4dex.io	static.virgul.com
1	a.teads.tv	static.virgul.com
1	ap.lijit.com	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	hb.emxdgt.com Failed	static.virgul.com
327	85

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 6103FB0ACFB50B737543F9E5E00B9FBC
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 11BAD9EF89B1A3C85DFB5B0C85AD7608
Requests: 121 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 010FC5FBE95FE43E5E3167A17608E538
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: 58A7985110FD68739AD6D984D8BE0176
Requests: 1 HTTP requests in this frame

Frame: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 828222ED663CA13BF30274C036189367
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 2E31C733FF806677359C3F5F7E5D4B08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069108&bpp=3&bdt=746&idt=245&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=4273565171847&frm=24&ife=1&pv=2&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31074198%2C31074580%2C44785292%2C44788441&oid=2&pvsid=260274777520877&tmod=370842348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.7ad3wz7fe0fv&fsb=1&dtd=261
Frame ID: C84FCB912095242280052F79CD827E9B
Requests: 1 HTTP requests in this frame

Frame: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AD396B460ED74030E9C2E4445F1B37E2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069923&bpp=8&bdt=91&idt=260&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=3525878555178&frm=8&ife=1&pv=2&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.qiawz9mto4ef&fsb=1&dtd=288
Frame ID: 40F5D9319206A11C47D2461CBA1844D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Frame ID: 430B0F1040A49C0F28C782FB01E9667F
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 814D44A1480BDEC33176C7DAEBF0A679
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFA768EF58DD982411945B128FCD8641
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D6193C090D8FE616E89D5E8B82DE2215
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: EEDB3DD9DC736EAD038A43FA3863879A
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: E63538430A3A209B19DE589DF5E58309
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03CEF22056628689CC03306C86CCA653
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C2D96C9FD758E1FB34713576A028230
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0FD0F2D90B1E621A6FB0503F64F8C3C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 699C34B5A698092CE541094B3EAA4C13
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs
Frame ID: 5FB441D1397390D54937AEEAD4DB6973
Requests: 16 HTTP requests in this frame

Frame: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 21BD92639967C0BB32786B69E954BC5F
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs
Frame ID: BAC5A5579D8599D93838927D7CB0197D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY64no4gEwAQ&v=APEucNXhUjEzcObg9Cz7qQkUjODLk21ikioTotjPyV45OJE0lfjSsWnsGXmID9xMG0WkmA5C18ra_5w4AAq5sTmhB_RP0EjhKb5WL0sgo3uP3ySLN5ioNIoyzq89Qtsn7G7rvmznH2H0DapysfJ00BnCVGqb6Wz_93L9nRyQdWiWQ1DewQz59oA
Frame ID: 82177A2445771A3A4447306AF38E7ECB
Requests: 5 HTTP requests in this frame

Frame: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 75D1028393C1A67E7551926C3C05AA70
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs
Frame ID: 48AF24C58B1AB4B69D97F3BC1951B6BA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs
Frame ID: BCEAF981446F02A5F932A191FEEBD97C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYiIzo4gEwAQ&v=APEucNVbr0iyJDBalRn8qgXaIuhkAxSsADp1zRw7dEQLWkeXCbZV9zQ-HB-U5a5FGc2AuHyeqB5WK0zFzAgkJ3hqi1sIiafTc5RfsXgHg5jDUw_mbicbNd4vzNTfor50noWdy-uWBdgQt7H1i3I9TQVIaQfBwewhfH16HQkXDFpSYi15WVRWNo8
Frame ID: FDEF88E659CF437051CB36DEC6B642EA
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7603A5B61FD7F2512997346ADCCAC5F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DA6860624BFC05356E0FA7FCC96BA78
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 86AABE8352480CC0CA0F2A3EFC004617
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8934965C1D056192396FBD3BD4896B32
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8081965962D162AEB0D23B710A50085
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B91A30D0BB07EBA7D6F133C8E7B4AE2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

327
Requests

91 %
HTTPS

43 %
IPv6

57
Domains

85
Subdomains

65
IPs

8
Countries

4175 kB
Transfer

9866 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 134

https://um.simpli.fi/gp_match?google_gid=CAESEMmKVfF3hO2X30n-dr0jlV0&google_cver=1&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jSKwwMPt5DyMlyPUCo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBB910D43EBE4C65834507AB2D312192&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jSKwwMPt5DyMlyPUCo

Request Chain 160

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=O9-MYHxGNGpQV3NGWFNpUU5Ra052RTQ4WUd1Qi9wSkxzaENjWDkvdmF5elE5aFBZN084eVZsQmxEM3pZbStHWDhiSjd6bGhBUk9vZjVNV1prY3pxWW9VM1FEd3ZmMngva0tLWWxEZ1BkZmFwSTgrM3Y0czNiTXpiSXN2T3loTllQYWNnVUFwL0NGVDhINE01L2Jicm1HMmdwd2pxVnkyNVFlZ0JiS2t6MVJaWjRCOU1vOHRxOTRkQ2VkTENWdWExVVRLWkFsSXVrT1FwKzZCd0NzbFlkZlRTc3RQdHZjRWFWaFhZVkl1b1p4NjdvTkRxWEZ1NkswbG5Nc2VXMVBLVkhZNFU0Um1kVlRVTnovSDRwUjM5TjBsQ0hXOW1HaTQ4clpIeW1oT3IrN0VvTnh4ST18&cppv=2

Request Chain 223

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1&C=1

Request Chain 225

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4TRyJ8R-6D0ZOMH2W24QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

Request Chain 227

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

Request Chain 230

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 275

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224217/xbbe/creative/adj?p=APEucNVY_pKe3ij1OzgW_-a2_cSSgB5EmkzEcQMe5m2yqzP-GUxeOvE&d=CokBAKAmf-BdRwwiMTR2YSziw1Un4kALh0zHJ9P9LCjsUzXUwlEtZJn5aON0lXgQh1xwDaG6caR92w7lFwKbBXkp5tgNd6bpN098BLzuFsx8VulhPwtJm0u0yUz4PZMT3WmLD-IVa-qqFNH_4i8IzmxwTK1sLBpR9DEBU2Q0KRiORTurb3V5zlJPh9wS2RQAoCZ_4F0vLmpbQXgVz7DyBbOjDvuN-42SMrtWSiJUxULmbzPAgUbX3zZTbLwtv3n3UIHIlI82oKbcLimGSaK70P9Ird6qzLG6jPyUdxIBTD_59BMLJBme3M-UEuIpwkNF5q-aWJmoL5K7Q9ZRvOTILuk2GmJGlExZ_DzAk4y2T-GXm92DICpFXXnIxwShnyp0SOXIOyffi6B8GIbZLS1HObGAZO_o2gauUmAnqJs13IcsmGNvvEaPPUT2TO5OBtOfuSS2q8JvYSZXHut_CM1rHb4VtidglDOfqwRfCKoshefkUucQJ4rq15wX4LhvsHyYhbBwmoU9G9OZFsT04_EyuBDIuA-R_6uZ8M9hCxJucHeylmhzqN2HPO2j_zApsj8wEPqzr4eiRVj8Ek2dUteHwkJFNRfBkC62oFlkQwd-RcNXu6H-uf506UxDcI9R-7lGNGeCsT3wYbF_nIaAyU3tyW1ynZaep_i6Cyu5nFkYI8_qolrIGsAYBXqW-qKvYz5Ols-lOMt4OB4q9OwBLhcXBt7AgL38p1Tf4XMSpjfbmCG_AFE-M3vcqGc3VZLpm89SWQDXLcn8r2Q25LPNoFJD5Ndskj_YsAC9TpHX1q0sgeVIUARk_GyONx_xGY2UQyBgZ51eMIblxf7PxTk9vliLIuWbq-Cjj8QoDHbqr8FKqQyfjlxKuYAXDaWXTloDbZyiaem4L0mN8CNnhdEVQ-OtW3X0VLQbixUYcalNBP7cRh3BFo5UGpG4BYDXOF3US9iEJNC86xCbftSro1sKl0FMhkctrp9KNlk5tCoM1ZbeSE2d7onUVCrvX7OieOrQPScAPOMbgHnnqxb3zciCXGLer6eqj555NJ55OPVhTd4aQoXhO_Z-Dk0PLToNaqg964EcjENsppYCUSI3iOhOU7G1iz9-AQ9rqo3HRTuLehDq99MGbGONQsMzRWYL31ENe1pVhnEhwR799dgZ3Np-B4V-ASuaFZVA6s6HSfk6Euh6JK5nYcK8GPCZ-nzQB-LDzYRJSopFrtWY2gvi9QPmyI8DiJKS5fd-YfS3rM_fJ9CZWrarioJj8WaUmvlZiYdhZSD12ZD7vYgXCUF3aED5l_H7_-AShilnm-h8GHtBR2NiFRWMW91AQVXXeDkyDfoTFEdSfCnOQ3dazfHWY_qSSVHjv0_ha7sj87owpTtFwI3PJlcB9LOHaKA0Sq1pzXy87rjvXrTdxty4_gWhZyZ32Jf7RAfHcIMQmppd9T9L2Rkt5E2N-F3pP7GhnV-A2PALXZson4jg2gNfrTx2TzHAW-XkK4LY0HtfTf_w1cGUKLIIlxY1ccITkEl-9-S4Fm1vPRLPjTDeOwlao9-bbxUELlnGsljrfvWfyxOz7mdAL0g1fVnsSBVi09dfpC-yrj4SWUVzWXuKPcXwSTaEB7xL2nlNcOj-q4sTNrSR768gl44CRGJG6dy_CqggUnqqeT-1UDUEh1l4fVnS5Emgpx3kNKhXZ87eXl4bxGZLJaijsu7R1Had69jas5vcWVyscrtkrPzzY_c095u1v0vdnBF7PRFhuudO_HJqbkCk5kqE-G8FCRDrC2h9o06uFaRM1dTI3OHbU6J_x7ZfL1XA5T5s35ufkyip1QJuXB4pyetvHIv4aW3oSmP1flmcuRD1MQlzswPtDpfWpbpoaHRdg5rsCHZ27j1qmeK117sWJyIlsVberL8b8J53cAB6jtHZzblhm-ZG2MLGFIpPz-8BvIivnKKyOb_niMB9oMf-n3ph2Ihjqf6lDWjEdRY5T4R4R6TkTBl4835Vn1Y6bAtmSinQsJaWX7qiVbYao4AQP5RDweRVJXGsVOYV2c-uxcepn6UVT9yYs7Ymh9PQSq4tNIL7tVUcqlkJJxePb4XZEb_Q6uTasV_Ift4XRrBJuaRniG93tvapBUMPu7uzS6OqSaD1-TdIxybl0mRiPZ2QEWitnb3sBIxXpkoa0CfTa3uRLlsdFQJaOQ6QZhFmrHBaKGOyBT9_AInqBav3TfsSmEOosAb51vkX3DSAnPdKf0vs9uYg7j7M_khNasG8Y1MHQhElj6n3imedrQes72mRCrmoVJrLu5gYhNiOec-28chg_9DUYVBouYXErPRHafgWwhfOZeiI8RcBJL2DeAP_xXuNjc8HMNjxodgKnSBKflEuLn2YW7TGPar-IXMrrqFjiAjR0Lj0528-pF52guPU1K7ArTjnOBFNDO77uRspGlPlxV5xE3eZPGY9hzVFYgOYXyxi2u7Eibbxr8nWa6HwgHm6gdPincWDMvzUUGtwHnvCPPaKA25jj1WfUv5mFKxDbUKOIyfeiRmnOYuxUZCfdJ59xzG4E47FbAmw7mkwcq-h7EfgxMi262RVxJAdodA3eV3OhWiD2ZPorGs3ddvEw7Tlhjv4bjgBXRIahQbyDAYAKiCDq7CRTFEt85RLhjLLOsg5uUWRzHTr7i9C38PlIbul4U5B2hfaa3_roN5GV3AKSh0915KFXwzd6j2FQx2hoTbgPO762lwceBwmJGYilYEdkfHHA0RmYd6MFbgi8oy4PjqVIU6cdFsZ-9fsUaQt_1pB_e3MUWQ3nSchqb_ZhQxZteKN3Ihsqyo70ZIlDHRZXNjhspLjjeK4RgD7ONtO6-P2iVawvzvG3pGvrZHXx2-5WNIsVrfm3xUg-E6_3FMaq_Y6Sk9mPWgUwaNGAfwxKUkRZfXqDhEhs8PDkSERKQDV6LLjxO79Zl9qS7xWyqYqptq9bucvcJAgxqJZ9OblfeTJKo0rlrEAjGCSge8j6JzQBMkpw9O160GoqdUWLgBPb7UfFZ101EZ18lEGXZ3DPpk110pEfhdKiccHVC0kIVY3oLCAcLd_Jv0Vs1HniV3Mmo7jMgPHKZ7WiJf17f1ZN7LeLEH0ExEHzI8ab4xo5ASevDcRpaAAaoLZh10rm9UAuqRjaSiLE3VPpL5nTj4z5G0AGsM0TGI1t8Vj4hu4PC9yy5zHdX9TfODQFIhXmFLJXLyb-8XpFj2A10QbGhA_tj1edW7y--eTEqgRlWTDnoWyYEEdcBi-ZTkH1tej05j85DktyvraDaqtw8V8NRrlFnP-3pTvDuTMyZ5-3_0XYiKpkPJSBh95VPOmthV0DZoh2rj_hfgE7YIGnB0NNcxr5fEKBn3l1ovst_FIZgkoZ-mzWcnhttUIVzlmKjSKCL5jYrwQy7TWfKLY0IrDmuwdMCf4244eXnsV9mMm46SFtF0Nm9I2ydJg4Dw-bAeH2CL7LGLGZkyWkasGnaZhkMaUBHMfMNIGmHtQSccHjpBLVywy7q13PtHeABz-b1vS5M_SKMzP8QykHdDrZZD4Xw7DqxihK0MuW-iCOJGeFwjmZOZKNa1pWH7qmbHCRH_LbKAi1X8X7QWKT7LXJYbkzrODoU77MS_m5O0LxWRaieZzlisJyAv_UEDCb6pG2E_WRQtU29UPD2DK5OoI3OLlj0O2uD4W0TxRdX1AOvAeBGnUlHdsHBKC6bJm9-BSnhO4umr2QsQ0IbBQ9oI28mLYGrgaQQgEEjsAcoEIg8kSbpiQtm8gxhv6fCFMYPATv6-AiRVbyIyYp20e8LcX25AeCbgLtVtkZyxzlM-cVK4_jfjA-xgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782785437&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jzTqOtwnF0SfGkAemTTNlr&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:1442031a-9d22-b0d6-ea27-54dc5f14ab63,c:eGqSrp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597464b965-zwphf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C1164%7C117%7C118%7C119%7C11a%7C11b*.1352960-70224217%7C11b1%7C11c%7C11d1%7C11e%7C11f,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:23,oid:a43e1f24-03c1-11ee-9d5b-fae1f02c6fdc,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_160x600.js

Request Chain 279

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

Request Chain 287

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4TRyJ8R-6D0ZOMH2W24QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

Request Chain 289

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

Request Chain 291

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224159/xbbe/creative/adj?p=APEucNVyJZUbxX1wNlfaDcHT9vXF7BqXsxe-p4hKKsgIbkI3a5PK0FY&d=CokBAKAmf-C0OmhgRyvkRyBTTqKCRxduKqyWC20gwlGmQK3CY7efbod0_iHYDy2Vu6d6M8FvtFt76twboJzSmMppV1OryipeT65u_Y8RPyEWhx_0LBqcqkCpPG4XDy5zjy4vF2M536fRFSd6J3TYrHqqB-jKZ6zoRMjGe9xAry_SvQbr4HBG9CoEPX8SyRQAoCZ_4OPPdQ8BugABUVqy8X61ltG6vAv82smXsjmXDniRtbE4ZYxRNQeg1HmfA_IHZ2JMP9weVpcC0XHamKQZkqG6lv3ApYR7Joq7yOujvWW-JiT-MJMJHV-zKQCuDTImYkSWkzDMnG0BTcM87AcVvcDKepJeViuFMxnTtzFRlZMByEt1k0sN9OdtjpRvq-7KfcmpySZ0x48jOLHekN0hV2GaV9U9gXW25sSpSLFUBp76neJYjHKdy8Q6IemB4oHF4g-lTdBd5CdqZ7mkxUCkD1_x_xj4Nimoq8c_8uh2qVIxBCFXVYj844s-qEylxAD4PpL1TN0e58cvV0KkH0TELTfJTFowp8422wxyJDPVk7sRKWqqdFpLppru_qVIlvO8c_CiJ4zRM4DFf7_o3izVjCBEG4r1Bv7l80KItxV1RVbs9fI5oQ6lAKk5kn6wM3T8-5ryk8-S6g2RYS74jgjWEVZPWhVC5uBjre2BeNSLNjZn7-37Xp1wfD3yWpqQhzuOZAPqsRerp9VErHisVOh8yUC2rhy0Ha00S6tEjO-ZT1aysckeke-VU_iRnSgbGG_zdfniiuTNrRWQEMD2W7zP1z1Ll6F2Uzmv7ufwibLBVC-ewHdAeNPy7NGAL1NweGjirS5tPDHESwlIdmqY8Xr5rp1kahGu8eUeq1dapnw_W80C_D3_LWSnhIxr0uLkT1Hn446zU0d9zC_y8i5LQg1UhPpfkc8QA5xrOE9ZCHbdYhLOAwELK5hX_6tbhl2HJTMp3KLJEK6bXBCHWGrTRjTqTXDhAE0ZjdCAIYJKxBXUiQu1zBFeyXg_UcgPMYB2d4NWVco6u_1vEqOoSGNaEomSwCk_l_AP3XDXv7L2XIfA7wDCuAzlrciofLWcVIfrcwvuosOipKL6eWH2Zil976JuGenHfTLtBspHW3yPpUFXK-46ckGH8TKTNl6xcYljFXN6Ch01R7O6EW8COfUKUNTeZqxXvBus8Er7ks4RUC8rO-pp7p8VnNUTpSqC5y7vATPEcaecHcmrl1Zq3XznmNKJ5RIEt9u04sA67JrqfVQjbbYQsZQvDYZFfmIYG6CnTTV_7SsZ4ruDT8k2LJXuIzEoLgH2fi5r8VVbo86B1ijNOmNqBrRQXivqLhF08V8Kd9QMickBtLPdbIYIljZ75LlkPX_V22Ue7a6LO_oxgiTo1FiPdwq8zNcTo-HXALly3GPEeEtT5FGzYLLQ2XJKiaMYX_iRBZ7hq-RQ8rKnWJzm1jqmYl-YxursEDMGl7lf8ahsUK7Ke_umnGnXVUy-Yz5qtqon021PcOps_1BLQ44_xBtHLbi7pHrsNh-IeUYbh3dOq6v2ijVH1g9hRaR4nhVa7Nt2DMhv485RHIstS8OV699iu0QeNtQMkBwLrpj639KLHvrgV2jHbBjWzoffp-B564-ZG_BLxzlhOrota_HcWknXkYkZSjreEMxRf_tgMJY-YBPbFFamfFHYbZ_0Py76jbOWakAPFouK2qnz93It_-e1jaKb-PTd3W0OwepSJqWNwh4Z2pYNQchJgjuJ18P1FffUgPxIL7-xM9S0lfnCMjg5-KC5kCxJmU1HqYt4S_o6YMzJMyq-tDGamla47YptZrK3TIoViitVHFMxitz3f2iOhiPlIjc-DQQ_WrBrtwxvw-B40wKVz6_ri2aFQNTJb_43-uJuRX-LqVrZRl7KIKE3MnR2-mPR7lobZyCntrDPm0M6u1kMIyocfX5ETfZHEd7cB48E0eE4j9TZ8cZ269qzOhDmxWfN38x-2ZxqmayVNJ6TfzRUjjlEvoGf6N_h_xOWwYRnWhqbzsitF672U_EbNSfhl5RX_OhBNoqyTfedRtCc7W0qmWRGatVqqhIAFJUFCL2bakOc5QcrX3yv4fPiH2L6qvO0VHpFJ835T-1ylC9MvarmYwaltitsweLgy0V9UleqcLt9nNvUOrlE8E7vV_JDq4nckRCD_xBhuD0F5VAKv60SfMNaft83KUbgqj_-5oK1VwH9Crrd1Pq_dN0X4itzDev2HGAptbTedfgSvUF4m11JtXAENlZRuKsgkswuhqb1kdDfbNyrwEnowmlqh4ihwS7hdcUAPQSLsGd7YP3hYxdfc0KBO7gwQFTcHkN4yqtJxOgu9pynb2x7zxd-c6TfDUX7v8DKNFa3kCFLfpwCERonpCwTu2J6V5eZLc2vpiot7KRb_1aAlOkR4nFaqAUHogOoPIpyKMU45UnoROCvpy8L-bMgEdMTFhhdwjBlEn5hqKGyJBpfk51NXE353_fIi4yDnPfLRD4-TkfrLKNirqh9v2vaVFu4FrhPiEmh7EBHwrgjXUI_56U2kk2xE7TrW3Ew45AqYb1i0nV6R5z7xzyjk7HduxBWiSOZNfulhNB7uPk38KnOPItBR9RXt-la_-kMxNHcjek9U9PL8qmA9Ex4MFy0Z6G5CTb2TvAHfCYubNBbl67M6EB8oi9SekcQc0KIGOAohAQInC5ir_IQGArzyQ4c8xjgnQ8nos4Sy3AyA2Xp1HtRpNwJAStlUMSYM7VyCE6EKI-IUS5Ap-hqYHYcT4FiG8hBNAV-mpTGgkEY5LxJ3uzFH8PiqmlgMZGhbsbJlKcijMvXC2501w8lRC1mk3GQ5U0QQbi8TMOvV-2r6bTCjwNlQSSRJTx8FwQ5UA9C7zU5i16yTrcbX_WDWgOzhTpI1C7FOF_HUKWethk0yrVbGFnUgAwp_vot2kcKYg4qmwSD4wUHW22todX2Juq17Cb1AHzchqYxKDdpKh_DeD75pLF_jDQLvpyMn42ZZyB5GVc43xnxbo3bYxnoV0S-KDT8cOsIniPHPffHmjSJy7cIoUp-hibOmulTCPv3gYVjKzKKAOo-neGSsy9_SlyN_FYwC-eKFGA9fM_zzp93xlgUN8nbDRQUHQWKvx7ktYxxUoUoWmRGFBnJXW6yUuaLt6mkd0pF4uVfm07risbzScgXduG_T65TOcGOqjAxPsQrF6rmGirGR5vOK1o3GPQBXgaUu9_C8ghX_MmFcD5iAyT6vrefFLrppfQUPKs9nyurg-qj1twNMRyP4medDZl6KBJZo1immBt9N0sDEMgjREJHoklcgiASh6sSBghdpJuYs_yBPP294wmedYJGivyScKzegDSsEZxbclgli7AzFZwH9hCUiRya9FjdiqUoTylAsbzlBQ0oNup8kfwXXwNqG5fuE_VZAZgWBiXVPI7ltWYSMfmmjxYga5IOmtiuoekustLBpGdnui1Zv_Yv_pTAUJPU41ygoylN4pzXpDXE4mExwEA-01LiaYfinxUjRW9mZRB3vMWP2cy7T4euoE5mHhwzHMdBYAcBxE2fffmBlxvNdyTJdcpjvGFA8LtzSPiza2dARArjOp5YavU2thSurwffuF9SeTJHjzD1OliHtIIT396ZHHDT_us89Pdl5sCRa0ykVZ28PYae1Oj5SFF8Vg-2YSSEM9986iEdy8TrVeu2UJbYdXCrDrlcuAjU4aXfyxpBCAQSOwBygQiDSWCvKWJ-8B3KofN27QT5nCzLSuPLmRCW5tdNUozZS-ubU4XxpghHqQcIoGnPWQbbZbulPnHbGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782785437&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h9WZj7G11dSsMahcJk1fNB&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:4372b4d1-745f-1c6f-595c-d3686b8ce864,c:eGqSvw,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-597464b965-xvkvq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tGkhluF+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C117%7C118%7C119%7C11a%7C11b1%7C11b2%7C11b3%7C11c%7C11d*.1352960-70224159%7C11d1%7C11e%7C11f,idMap:11d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:17,oid:a44e4b54-03c1-11ee-8b0f-d661b5ce4804,v:19.8.416,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 303

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1&google_push=ATf1kGMT_3I0zXPhG7Ixl9ziBPRKjiwDws1fH7RXj4loqvP6DVQlXdJyeEON_IvJU0V2th84LHP-4Qcj9m6wS-7qKaXrnhqM0-Fd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQwMzIwNTY4Nzg2NTA3ODkwNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1

Request Chain 305

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAQ4jeJwT63BwemJ7z-vXBI&google_cver=1&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4IpxAAgQTcp9ARBC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4IpxAAgQTcp9ARBC

Request Chain 306

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI8gOZ-YbBf1lvmDCz5OuVU&google_cver=1&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwAN0-3utIpKsPxRmJSN0A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI8gOZ-YbBf1lvmDCz5OuVU&google_cver=1&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwAN0-3utIpKsPxRmJSN0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyOTM1MTE3ODg2MDQyOTI4NA&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwAN0-3utIpKsPxRmJSN0A

Request Chain 307

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_cver=1&google_push=ATf1kGNNO3QYSSeAvfRW9YX9yoEoS_Gzr2Ru9L2omK4cUDFQDbkmaBjiryw-XSXbmiOzJiTA0V3tLmaJBJeWgB-cr3W6JKg2na2T HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_hm=ZH4TRyJ8R_6D0ZOMH2W24QAACLEAAAAB&google_nid=index&google_push=ATf1kGNNO3QYSSeAvfRW9YX9yoEoS_Gzr2Ru9L2omK4cUDFQDbkmaBjiryw-XSXbmiOzJiTA0V3tLmaJBJeWgB-cr3W6JKg2na2T

Request Chain 308

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM4Dsvpy1xWATxpE7N364OM&google_cver=1&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7LXYroIZJWBjJKaI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7LXYroIZJWBjJKaI

Request Chain 309

https://sync.inmobi.com/gob?google_gid=CAESENcN_0RrInyGA9fUnsZCwlE&google_cver=1&google_push=ATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mKznwjBV9eE_CJ8CaE6llO39T67z6U1GVGnrUCp-yVN-gFpxoHKd7apw HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mKznwjBV9eE_CJ8CaE6llO39T67z6U1GVGnrUCp-yVN-gFpxoHKd7apw

Request Chain 315

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAK1y1J1RRFNM8Pk4r6MgFA&google_cver=1&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UXP7IIlvcTdkomiP HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UXP7IIlvcTdkomiP&google_hm=hmR-E0YKpV4angXDQA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E13460AA55E1A9E05C340BLIS

Request Chain 316

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGbMKYBKl6LPxIGuJzLsysM&google_cver=1&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGbMKYBKl6LPxIGuJzLsysM&google_cver=1&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=ea0e0443-f341-4425-8b6d-fa9be079df03&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI&google_hm=qe8A_c6OQP2gb43dIwzm9A==

Request Chain 317

https://match.360yield.com/match/ebda?google_gid=CAESENRpU2gZdHeBha3qU9aGmco&google_cver=1&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJJzEEc HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENRpU2gZdHeBha3qU9aGmco&google_cver=1&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJJzEEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U5aNuth8TR-AyZG3u3mlEQ&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJJzEEc

Request Chain 318

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL2TQVWUhCtvwAaxVWygZhA&google_cver=1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1685984072259 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fa3d9500-f9ef-4895-80a1-2ce958726a5f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj%26google_hm%3DA_o9lQD570iVgKEs6Vhyal8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&google_hm=A_o9lQD570iVgKEs6Vhyal8

Request Chain 319

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOG03AJIXUU_W8SMwKkGpL0&google_cver=1&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s&google_gid=CAESEOG03AJIXUU_W8SMwKkGpL0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQwNDM5NTgyOTk0MjU2ODc0MjYzNw%3D%3D&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s

Request Chain 320

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqZU-OObdAQUwaJ7fkAstc&google_cver=1&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrpf5WZaBtdYpSaKwd3NIDg1PWYBoWQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqZU-OObdAQUwaJ7fkAstc&google_cver=1&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrpf5WZaBtdYpSaKwd3NIDg1PWYBoWQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tRlUuQWQxRTJ1RzhYajA5STdsUURsNk0yTHpEQlBvcn5B&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrpf5WZaBtdYpSaKwd3NIDg1PWYBoWQ

Request Chain 321

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlRst6LSFDi63epQQM72i4yv-rRvbbmv_cKzQh2JYKqYkJWcKcudEhd-545VI6jLa479FU83Vz_2nzho7tHgOUIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlRst6LSFDi63epQQM72i4yv-rRvbbmv_cKzQh2JYKqYkJWcKcudEhd-545VI6jLa479FU83Vz_2nzho7tHgOUIA

327 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x69807j0b5.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 427ms
97ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1318
Content-MD5: +Dz/d7Mp2GQfilgWrAkqiw==
Content-Type: text/html
Date: Mon, 05 Jun 2023 16:54:26 GMT
ETag: 0x8DB5ED0599CC10C
Last-Modified: Sat, 27 May 2023 16:35:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: cc7183e2-b01e-002b-1dce-97c2c1000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 95ms
94ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-request-id: cc718481-b01e-002b-31ce-97c2c1000000
Date: Mon, 05 Jun 2023 16:54:26 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 305ms
96ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 05 Jun 2023 16:54:26 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: cc7185c6-b01e-002b-65ce-97c2c1000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 206ms
110ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 05 Jun 2023 16:54:26 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: cc718511-b01e-002b-37ce-97c2c1000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 298ms
132ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:25 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 212ms
96ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:25 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 11BA 76 KB
76 KB 259ms
53ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 00ce306cf481fb8e0a4fda19526dde1a8a9d670a07f143d832a445fbcf2db6eb

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77471
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 16:54:28 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 11BA 90 KB
33 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:49:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jun 2024 16:49:11 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 11BA 10 KB
2 KB 74ms
73ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 11BA 40 KB
12 KB 154ms
16ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 4174616
x-accel-date: 1681809452
x-77-nzt: AZySIYveplP/GLM/AA
x-accel-expires: @1713345452
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: cf878727ede9932c44137e644589741e
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 11BA 119 KB
47 KB 36ms
15ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f6f268c7c0bf2115730ab47d014e9a39b3352ff9a6918fcf0303880b1b2d1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47387
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 16:05:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jun 2023 16:54:28 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 11BA 542 B
898 B 13ms
13ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174683
x-accel-date: 1681809385
content-length: 542
x-77-nzt: AZySIYuyZWP/W7M/AA
x-accel-expires: @1713345385
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: cf878727ede9932c44137e645315e91e
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 11BA 2 KB
2 KB 15ms
15ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174611
x-accel-date: 1681809457
content-length: 1651
x-77-nzt: AZySIYuYf2H/E7M/AA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: cf878727ede9932c44137e643de2a11f
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 11BA 13 KB
13 KB 17ms
16ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/kuru-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 69005
x-accel-date: 1685915063
content-length: 13287
x-77-nzt: AZySIYut+Wv/jQ0BAA
x-accel-expires: @1717451063
last-modified: Sun, 04 Jun 2023 20:08:17 GMT
server: CDN77-Turbo
etag: "647cef31-33e7"
x-77-nzt-ray: cf878727ede9932c44137e646b5dde1f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 11BA 16 KB
17 KB 22ms
16ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/semizotu-yogurtlamasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 150870
x-accel-date: 1685833198
content-length: 16694
x-77-nzt: AZySIYs6fzv/Vk0CAA
x-accel-expires: @1717369198
last-modified: Sat, 03 Jun 2023 22:46:59 GMT
server: CDN77-Turbo
etag: "647bc2e3-4136"
x-77-nzt-ray: cf878727ede9932c44137e642d882f20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 11BA 16 KB
16 KB 27ms
20ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/mantarli-ispanakli-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 236396
x-accel-date: 1685747672
content-length: 15966
x-77-nzt: AZySIYu0pU//bJsDAA
x-accel-expires: @1717283672
last-modified: Fri, 02 Jun 2023 23:01:10 GMT
server: CDN77-Turbo
etag: "647a74b6-3e5e"
x-77-nzt-ray: cf878727ede9932c44137e6413715d20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 11BA 15 KB
16 KB 32ms
25ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 328370
x-accel-date: 1685655698
content-length: 15552
x-77-nzt: AZySIYtyrmP/sgIFAA
x-accel-expires: @1717191698
last-modified: Thu, 01 Jun 2023 21:24:53 GMT
server: CDN77-Turbo
etag: "64790ca5-3cc0"
x-77-nzt-ray: cf878727ede9932c44137e64c1a16420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame 11BA 13 KB
13 KB 36ms
29ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174197
x-accel-date: 1681809871
content-length: 13272
x-77-nzt: AZySIYtyr+z/dbE/AA
x-accel-expires: @1713345871
last-modified: Wed, 01 May 2019 22:22:18 GMT
server: CDN77-Turbo
etag: "5cca1c1a-33d8"
x-77-nzt-ray: cf878727ede9932c44137e64cd036a20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 11BA 12 KB
13 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171158
x-accel-date: 1681812910
content-length: 12649
x-77-nzt: AZySIYs1Xp7/lqU/AA
x-accel-expires: @1713348910
last-modified: Wed, 01 May 2019 23:19:29 GMT
server: CDN77-Turbo
etag: "5cca2981-3169"
x-77-nzt-ray: cf878727ede9932c44137e644d0a6f20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 11BA 18 KB
18 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173865
x-accel-date: 1681810203
content-length: 17964
x-77-nzt: AZySIYtUXvz/KbA/AA
x-accel-expires: @1713346203
last-modified: Thu, 14 May 2020 23:54:34 GMT
server: CDN77-Turbo
etag: "5ebdda3a-462c"
x-77-nzt-ray: cf878727ede9932c44137e646c297220
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-bamya-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/08/ Frame 11BA 12 KB
12 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/08/tavuklu-bamya-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1874353
x-accel-date: 1684109715
content-length: 12328
x-77-nzt: AZySIYs+8nv/sZkcAA
x-accel-expires: @1715645715
last-modified: Wed, 21 Aug 2019 22:20:01 GMT
server: CDN77-Turbo
etag: "5d5dc391-3028"
x-77-nzt-ray: cf878727ede9932c44137e64ff177520
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hasu-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 11BA 17 KB
17 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/hasu-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2581753667ea9096139c6e824317f55122ac3bc2c6c0227fe9168cd247061a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174503
x-accel-date: 1681809565
content-length: 17045
x-77-nzt: AZySIYsP5q3/p7I/AA
x-accel-expires: @1713345565
last-modified: Fri, 31 Mar 2023 23:41:35 GMT
server: CDN77-Turbo
etag: "64276faf-4295"
x-77-nzt-ray: cf878727ede9932c44137e6441127820
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hosmerim-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/10/ Frame 11BA 9 KB
10 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/10/hosmerim-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174263
x-accel-date: 1681809805
content-length: 9683
x-77-nzt: AZySIYtL7Jb/t7E/AA
x-accel-expires: @1713345805
last-modified: Tue, 04 Oct 2022 22:04:12 GMT
server: CDN77-Turbo
etag: "633caddc-25d3"
x-77-nzt-ray: cf878727ede9932c44137e64811e7b20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-topkapi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 11BA 15 KB
15 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/pilic-topkapi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174630
x-accel-date: 1681809438
content-length: 15292
x-77-nzt: AZySIYuncnH/JrM/AA
x-accel-expires: @1713345438
last-modified: Mon, 26 Apr 2021 22:52:38 GMT
server: CDN77-Turbo
etag: "60874436-3bbc"
x-77-nzt-ray: cf878727ede9932c44137e64da647d20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pesmet-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame 11BA 13 KB
14 KB 36ms
30ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/pesmet-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 02dae736d2648c67319cc03736039f03dd6e6304f15177c973f1eb9051d83230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171170
x-accel-date: 1681812898
content-length: 13551
x-77-nzt: AZySIYvdAnn/oqU/AA
x-accel-expires: @1713348898
last-modified: Thu, 18 Jun 2020 21:46:42 GMT
server: CDN77-Turbo
etag: "5eebe0c2-34ef"
x-77-nzt-ray: cf878727ede9932c44137e64014a8020
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 11BA 12 KB
13 KB 38ms
32ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/hunkar-begendi-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174411
x-accel-date: 1681809657
content-length: 12532
x-77-nzt: AZySIYvYNVj/S7I/AA
x-accel-expires: @1713345657
last-modified: Wed, 01 May 2019 23:32:05 GMT
server: CDN77-Turbo
etag: "5cca2c75-30f4"
x-77-nzt-ray: cf878727ede9932c44137e6482468320
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 macar-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame 11BA 14 KB
15 KB 38ms
32ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/macar-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174592
x-accel-date: 1681809476
content-length: 14810
x-77-nzt: AZySIYulGNP/ALM/AA
x-accel-expires: @1713345476
last-modified: Fri, 24 Apr 2020 23:44:43 GMT
server: CDN77-Turbo
etag: "5ea379eb-39da"
x-77-nzt-ray: cf878727ede9932c44137e6495768520
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hamburger-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 11BA 10 KB
11 KB 38ms
32ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/hamburger-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173602
x-accel-date: 1681810466
content-length: 10591
x-77-nzt: AZySIYs27VL/Iq8/AA
x-accel-expires: @1713346466
last-modified: Tue, 26 May 2020 22:36:22 GMT
server: CDN77-Turbo
etag: "5ecd99e6-295f"
x-77-nzt-ray: cf878727ede9932c44137e648ef78720
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kabak-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 11BA 15 KB
16 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kabak-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174090
x-accel-date: 1681809978
content-length: 15726
x-77-nzt: AZySIYt+eK7/CrE/AA
x-accel-expires: @1713345978
last-modified: Mon, 04 May 2020 23:42:37 GMT
server: CDN77-Turbo
etag: "5eb0a86d-3d6e"
x-77-nzt-ray: cf878727ede9932c44137e649f598a20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 11BA 14 KB
14 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171395
x-accel-date: 1681812673
content-length: 14064
x-77-nzt: AZySIYtZyJT/g6Y/AA
x-accel-expires: @1713348673
last-modified: Fri, 21 May 2021 22:11:36 GMT
server: CDN77-Turbo
etag: "60a83018-36f0"
x-77-nzt-ray: cf878727ede9932c44137e64b88d8c20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cerkez-pilavi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 11BA 16 KB
16 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/cerkez-pilavi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174630
x-accel-date: 1681809438
content-length: 16373
x-77-nzt: AZySIYtYbRP/JrM/AA
x-accel-expires: @1713345438
last-modified: Tue, 11 Apr 2023 16:32:39 GMT
server: CDN77-Turbo
etag: "64358ba7-3ff5"
x-77-nzt-ray: cf878727ede9932c44137e6457d08f20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-ic-pilavli-b%C3%BCt%C3%BCn-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/08/ Frame 11BA 16 KB
16 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/08/firinda-ic-pilavli-b%C3%BCt%C3%BCn-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 65676ff9ee174f1af8dd161a2b306631500e0e3ee01ace918e221312048e9bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171499
x-accel-date: 1681812569
content-length: 16247
x-77-nzt: AZySIYskWXL/66Y/AA
x-accel-expires: @1713348569
last-modified: Wed, 01 May 2019 22:46:25 GMT
server: CDN77-Turbo
etag: "5cca21c1-3f77"
x-77-nzt-ray: cf878727ede9932c44137e64ca7b9220
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 11BA 15 KB
15 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/pilic-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171395
x-accel-date: 1681812673
content-length: 15498
x-77-nzt: AZySIYu7/jT/g6Y/AA
x-accel-expires: @1713348673
last-modified: Fri, 30 Dec 2022 22:50:02 GMT
server: CDN77-Turbo
etag: "63af6b1a-3c8a"
x-77-nzt-ray: cf878727ede9932c44137e6408589620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 11BA 11 KB
12 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/firinda-koz-tadinda-patates-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174224
x-accel-date: 1681809844
content-length: 11480
x-77-nzt: AZySIYv0awf/kLE/AA
x-accel-expires: @1713345844
last-modified: Wed, 11 Nov 2020 23:10:35 GMT
server: CDN77-Turbo
etag: "5fac6f6b-2cd8"
x-77-nzt-ray: cf878727ede9932c44137e6415269920
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karnabahar-mantisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 11BA 16 KB
16 KB 38ms
33ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/karnabahar-mantisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 180449
x-accel-date: 1685803619
content-length: 15923
x-77-nzt: AZySIYsuLkz/4cACAA
x-accel-expires: @1717339619
last-modified: Thu, 30 Dec 2021 20:54:18 GMT
server: CDN77-Turbo
etag: "61ce1c7a-3e33"
x-77-nzt-ray: cf878727ede9932c44137e644fd39b20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-peynirli-ispanak-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/09/ Frame 11BA 12 KB
12 KB 38ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/09/firinda-peynirli-ispanak-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dfb24cd229db2187732c7a2744b85312cf3da6be84e6e55ff7fc0e166a78d492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174339
x-accel-date: 1681809729
content-length: 12268
x-77-nzt: AZySIYu4uCX/A7I/AA
x-accel-expires: @1713345729
last-modified: Wed, 01 May 2019 23:39:34 GMT
server: CDN77-Turbo
etag: "5cca2e36-2fec"
x-77-nzt-ray: cf878727ede9932c44137e6428b09e20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-baligi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 11BA 13 KB
13 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/patlican-baligi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c9af0fc292c8fb8f9dc82487cf57b1854797659160b14b7afd9566c7d068c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171131
x-accel-date: 1681812937
content-length: 12996
x-77-nzt: AZySIYtpwK7/e6U/AA
x-accel-expires: @1713348937
last-modified: Thu, 31 Oct 2019 23:15:55 GMT
server: CDN77-Turbo
etag: "5dbb6b2b-32c4"
x-77-nzt-ray: cf878727ede9932c44137e643d41a120
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hanimaga-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/06/ Frame 11BA 14 KB
14 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/06/hanimaga-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173897
x-accel-date: 1681810171
content-length: 13961
x-77-nzt: AZySIYtfpin/SbA/AA
x-accel-expires: @1713346171
last-modified: Wed, 01 May 2019 23:36:26 GMT
server: CDN77-Turbo
etag: "5cca2d7a-3689"
x-77-nzt-ray: cf878727ede9932c44137e64620fa420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ipek-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ Frame 11BA 9 KB
10 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/04/ipek-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173992
x-accel-date: 1681810076
content-length: 9371
x-77-nzt: AZySIYukP3f/qLA/AA
x-accel-expires: @1713346076
last-modified: Wed, 01 May 2019 23:47:22 GMT
server: CDN77-Turbo
etag: "5cca300a-249b"
x-77-nzt-ray: cf878727ede9932c44137e64c35ca720
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 salcali-mantar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 11BA 14 KB
14 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/salcali-mantar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c5f8b4170bce8ae3ccf764003a02f508d29710a8d212e596fc4ebcd388620000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174611
x-accel-date: 1681809457
content-length: 14262
x-77-nzt: AZySIYsiTCr/E7M/AA
x-accel-expires: @1713345457
last-modified: Fri, 03 Mar 2023 22:14:03 GMT
server: CDN77-Turbo
etag: "6402712b-37b6"
x-77-nzt-ray: cf878727ede9932c44137e64956da920
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 11BA 11 KB
11 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/mantarli-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174504
x-accel-date: 1681809564
content-length: 11238
x-77-nzt: AZySIYvlM/H/qLI/AA
x-accel-expires: @1713345564
last-modified: Wed, 30 Nov 2022 21:15:52 GMT
server: CDN77-Turbo
etag: "6387c808-2be6"
x-77-nzt-ray: cf878727ede9932c44137e64a094ac20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bardakta-tiramisu-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 11BA 11 KB
12 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/bardakta-tiramisu-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d4c1f6add2cb4767abeb3bd68800c055096f7fbfd99006d23fc286fabae7aa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174059
x-accel-date: 1681810009
content-length: 11437
x-77-nzt: AZySIYvnKWv/67A/AA
x-accel-expires: @1713346009
last-modified: Wed, 01 May 2019 23:27:20 GMT
server: CDN77-Turbo
etag: "5cca2b58-2cad"
x-77-nzt-ray: cf878727ede9932c44137e647de3af20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilekli-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 11BA 16 KB
16 KB 39ms
34ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/cilekli-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43c1db258054fd904a5ea889573e183fce6b54fbe0217e7d72cf1ef6881c94ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173021
x-accel-date: 1681811047
content-length: 16262
x-77-nzt: AZySIYtcnBz/3aw/AA
x-accel-expires: @1713347047
last-modified: Thu, 08 Apr 2021 13:49:23 GMT
server: CDN77-Turbo
etag: "606f09e3-3f86"
x-77-nzt-ray: cf878727ede9932c44137e64e82db220
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hira-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame 11BA 12 KB
13 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/hira-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79076f5e5894a65c86f101fdc051b1b77e6dcdefa5e657675cf047e0e84c3358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174625
x-accel-date: 1681809443
content-length: 12477
x-77-nzt: AZySIYvE9R3/IbM/AA
x-accel-expires: @1713345443
last-modified: Wed, 01 May 2019 23:01:00 GMT
server: CDN77-Turbo
etag: "5cca252c-30bd"
x-77-nzt-ray: cf878727ede9932c44137e649eb0b420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 biskuvili-porsiyonluk-pasta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/02/ Frame 11BA 14 KB
14 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/02/biskuvili-porsiyonluk-pasta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d735ee9e8a233928f4788ed6b6c5a25a6d434e80a2af59d107fa242aec2a8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174247
x-accel-date: 1681809821
content-length: 14043
x-77-nzt: AZySIYtLvsr/p7E/AA
x-accel-expires: @1713345821
last-modified: Wed, 01 May 2019 23:13:02 GMT
server: CDN77-Turbo
etag: "5cca27fe-36db"
x-77-nzt-ray: cf878727ede9932c44137e648d25b720
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-pisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 11BA 11 KB
11 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/tavada-pisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4171169
x-accel-date: 1681812899
content-length: 11084
x-77-nzt: AZySIYsuhfr/oaU/AA
x-accel-expires: @1713348899
last-modified: Mon, 16 Dec 2019 21:44:06 GMT
server: CDN77-Turbo
etag: "5df7faa6-2b4c"
x-77-nzt-ray: cf878727ede9932c44137e64c665b920
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasnika-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 11BA 15 KB
16 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/kasnika-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 40d704fcf4405f97ac78ba9d102e436a0482e3a47576de24a70f370f970dc0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174330
x-accel-date: 1681809738
content-length: 15753
x-77-nzt: AZySIYsVHkH/+rE/AA
x-accel-expires: @1713345738
last-modified: Mon, 09 Jan 2023 22:11:43 GMT
server: CDN77-Turbo
etag: "63bc911f-3d89"
x-77-nzt-ray: cf878727ede9932c44137e64b54ebc20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-mantar-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 11BA 15 KB
16 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/sutlu-mantar-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 38a45d2622d89b3d2da8101fa1ecdc03ed87f51af4d93f1358530610ffd7cfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4173814
x-accel-date: 1681810254
content-length: 15570
x-77-nzt: AZySIYs5Mfz/9q8/AA
x-accel-expires: @1713346254
last-modified: Fri, 17 Feb 2023 22:43:31 GMT
server: CDN77-Turbo
etag: "63f00313-3cd2"
x-77-nzt-ray: cf878727ede9932c44137e64def4be20
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 11BA 15 KB
15 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/sutlu-mayasiz-pogaca-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca138e0e125de786e1444b2a71ee42335397a6d1c97828fa54ed803efeda0388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 375041
x-accel-date: 1685609027
content-length: 15266
x-77-nzt: AZySIYtjU97/AbkFAA
x-accel-expires: @1717145027
last-modified: Mon, 13 Jul 2020 21:25:48 GMT
server: CDN77-Turbo
etag: "5f0cd15c-3ba2"
x-77-nzt-ray: cf878727ede9932c44137e649062c120
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 11BA 5 KB
6 KB 69ms
21ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1685984068.cds322.lo4.hn,1685984068.cds041.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 11BA 0
0 552ms
17ms Script
text/plain 184.30.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 11BA 465 B
585 B 71ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1685984068.cds322.lo4.hn,1685984068.cds281.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 11BA 51 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 16:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1141
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 05 Jun 2023 18:35:27 GMT

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 11BA 74 KB
26 KB 364ms
48ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 17:43:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 11BA 3 KB
3 KB 35ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c888348c8dacfc400c82f8d478c5355ae8e9b30ff7a976d157efba0180eac183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 16:54:28 GMT
content-md5: MBWvHSAOtizm+fy39TYi2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 0qLNHCqRGwnRrVpICM9pSFnkCEJbeopsML5vJ01goDLofJS1E4wblIdkOKhxi4TtZbRPHyj8YCUB0mt7m1uMBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: e6dc8ff2159d9ecbb89d10792353f296
cross-origin-opener-policy: same-origin-allow-popups
etag: "740d73b3625e8b87079c1471377e9a07"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 05 Jun 2023 17:11:05 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 11BA 21 KB
21 KB 36ms
35ms Image
image/png 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Jun 2023 16:54:28 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4174611
x-accel-date: 1681809457
content-length: 21525
x-77-nzt: AZySIYvIoOH/E7M/AA
x-accel-expires: @1713345457
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: cf878727ede9932c44137e64961cc420
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 11BA 307 KB
87 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=51bb2e2ba45f15c498596086b0b2dcfb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91c7496b7c9be699a6cd12b4417fc92a6c6644d2961621daa1c0e51ff3af8b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 16:54:28 GMT
content-md5: Sek3FeKYlPuzPKIpQPfAtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88757
x-fb-rlafr: 0
x-fb-debug: D/38E5QmE2fmKRRswD3vhreg94f/7UsbbDA1OkW7IT8xD3A2O598vhxIZ++KaL+XmXCltsVYkj1n59fehaXxGA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 419d44c90c2f114d6b41010e1a0d72bc
cross-origin-opener-policy: same-origin-allow-popups
etag: "af54aafcb39c608901cd644c739d0d4d"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Jun 2024 16:47:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 11BA 76 KB
25 KB 93ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa7070f6608a0e81c102e441a155acef767f68dad7a006467d35a2bc2a3538f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25308
x-xss-protection: 0
server: cafe
etag: 498 / 19513 / 31075020 / config-hash: 10797701864995568876
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 11BA 120 B
306 B 45ms
44ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 010F 891 B
1 KB 48ms
46ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Mon, 05 Jun 2023 16:54:28 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 11BA 137 KB
47 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f146cfc35ddd32ce5e5b1be928b15b51ad1698cb7d8a7efb6e4eb903d38cd72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47543
x-xss-protection: 0
server: cafe
etag: 3907405432550567060
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 11BA 489 KB
182 KB 51ms
49ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:28 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 11BA 228 KB
56 KB 86ms
15ms Script
application/javascript 52.222.181.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-181-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:47:34 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, HAM50-C1
age: 416
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: iH0TyhKDBuig8PyEU9M_G4FDechKEKpuvOM7_DLSaP8CV4BnQ7zOYg==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 11BA 33 KB
5 KB 141ms
67ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1685984068976&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.1291068841581402
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: f5171c16500e8917691e07df9e906bf25adb42caf8bf3f704a7cd50f557701b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 11BA 12 KB
2 KB 86ms
85ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19513
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 14:14:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 11BA 49 KB
5 KB 121ms
58ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468328
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 056b37a8ef9455d3f77615c4083ffdd880b895384c89f8c16a8f6a6908fa1374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ Frame 11BA 406 KB
126 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14689
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128353
x-xss-protection: 0
server: cafe
etag: 2840082887590536516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 12:49:40 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 11BA 0
305 B 14ms
13ms XHR
text/plain 52.222.181.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-181-100.ham50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 15:05:04 GMT
via: 1.1 8c7d2e4b1dd1d9cc43ca7f060033ac40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
age: 6564
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Pu0PqcAOs-nMDy86L3AztYeg_J_CGOEdMgMlU1FRzEp1uRvg8namZQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 11BA 6 KB
3 KB 40ms
13ms XHR
application/javascript 52.222.181.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-181-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 64c57433dbc269a88f86e72ae54bfe36.cloudfront.net (CloudFront)
date: Mon, 05 Jun 2023 01:39:37 GMT
x-amz-cf-pop: HAM50-C1
age: 54893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bagiVN8MBAXa1f8KxAH1WbBieGruYw9veN_AB-ZAHJC0hZBn__bMiA==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 11BA 351 KB
118 KB 93ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2eb1b176f87726fb502afa368e5fb38429d5bc523e2ff58a27712d803c5bd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120659
x-xss-protection: 0
server: cafe
etag: 15352794945140978075
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 58A7 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 13:00:21 GMT
etag: 15057649708203361565
expires: Mon, 19 Jun 2023 13:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 11BA 9 KB
3 KB 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 11BA 483 B
1 KB 45ms
13ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 16:54:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 955205
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liWrlIqlfhqLO%2Fa9C8p%2BBiRxK3sB0byWg%2FYni%2FKPn2J7vLO0fMHvj5UlwRV%2FpeGJA9cF8PoXx6ZZWJxNX9%2Bi%2B599UxskDIs6suLB9ji8YotgzlPilUNZj3opU4hHil9MH0ExKNKHeiJbo%2Bv2"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d29f0108a7168fb-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 11BA 23 B
459 B 160ms
110ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=zS2rx3NCkGjEB&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: KWDSJNF9F87Z4P65632H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: o05gcrySFLBUkjkdSjKlzlyqM7wxjwnkaCHR3GeCNcC3BNcgaAvqpQ==

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 11BA 11 KB
5 KB 45ms
45ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468328
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 11BA 17 KB
5 KB 47ms
8ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:51:54 GMT
content-encoding: gzip
age: 155
x-guploader-uploadid: ADPycdscSN_YR1RYZs1Zht4JFmN9Z4ob44ACvw1DFjfyfqbNRKCuYP5P1pvexZ_Q1zEcjr-Usa2AwOopPBN9H03trOz8kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 11BA 0
209 B 44ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685984069166&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5463418617280706
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 11BA 107 B
531 B 51ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 11BA 107 B
456 B 42ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 27 KB
11 KB 590ms
589ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=1855838011827012&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984069193&lmt=1685984069&dlt=1685984068362&idt=766&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=bblm4avy9rvl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9967d7206ebf35efa37bfb6fd26b27655d40118b2b3bf294821a512647a1d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11332
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8282 6 KB
3 KB 109ms
46ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:29 GMT
expires: Tue, 04 Jun 2024 16:54:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST /
hb.emxdgt.com/ Frame 11BA 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 11BA 0
189 B 98ms
32ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=74154007216&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 11BA 173 B
400 B 71ms
11ms XHR
application/json 3.125.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: df82fc1feae440a953d5e8ddf8f30f024f4511fdc9f354d99ed2e1c58877c42b

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 416 B
965 B 115ms
66ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=304f68ec-f2f1-449e-bb24-11b76f822329&l_pb_bid_id=114003e3a1b41f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3489531051520218
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 969ebec6e7961d299490f6bda3e1175773050ca7eefa6be2bcec63263caf5569

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 410 B
735 B 162ms
113ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f746137a-d194-442b-8649-d29c20a1e727&l_pb_bid_id=129a58bee49656f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46419269700035026
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fa5102c8827ae170cce7b7ac4d5e8970dedf7023dc41cd21053c5f7d24af5687

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 404 B
730 B 149ms
100ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=d8f929f4-9ee8-44d0-85c6-9151e8084935&l_pb_bid_id=13ba0c10c0ae411&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6686038396585474
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f86172806b19a319d6947325eb41f18d5a67930e36d2d5dd98005c9f23d4e9f7

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 404
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 398 B
724 B 162ms
115ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f518d789-134e-467b-aab8-65936afc3ca5&l_pb_bid_id=14d81a7ff09d83a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7808572175470572
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 13be3f564953f22852963fe4d578f16d4303b84d522ed92923883fe79744d0f9

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 398
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 12 KB
6 KB 170ms
123ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=35604163-ae96-4ef9-b008-2ff154a3a8b5&l_pb_bid_id=1597a433eb64dbc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7766952114663199
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 49c10561c677f6393905ed175cef6fb8e7b41e4b7e316cd04ebb95d8325d9518

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 11BA 408 B
735 B 173ms
125ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=06c27ebb-f81c-41e8-acd2-293d684e3491%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=58c35f3c-07f4-4469-81a6-4b718a175ed0&l_pb_bid_id=1750e866f2c3702&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4220401557284892
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f9e3153fc8248b5d7f8642ec4296f31f3bde29328dc0be0890ef1569cafad4df

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 11BA 19 B
822 B 49ms
16ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:29 GMT
AN-X-Request-Uuid: 0838541d-b68f-44b4-8309-561d63f34224
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 11BA 0
112 B 108ms
60ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 11BA 0
142 B 173ms
50ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 11BA 0
141 B 218ms
96ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 11BA 0
141 B 217ms
95ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 11BA 0
141 B 172ms
50ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 11BA 470 B
1 KB 46ms
18ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

234739666441df382d1271a78d052762a82b8340232aa67186b055dd6a529833

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:29 GMT
AN-X-Request-Uuid: b8347211-d39a-42b9-a556-879789d11e62
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 470
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 11BA 0
528 B 114ms
57ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 11BA 24 B
397 B 61ms
24ms XHR
application/json 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: d83b62d49ad47d63238f3e0d0257fd9a07517d7f2d4a71862d2a5b1ac5ec22b3

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 05 Jun 2023 16:54:29 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 11BA 0
527 B 115ms
58ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 11BA 16 B
377 B 221ms
133ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 05 Jun 2023 16:54:29 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 11BA 0
281 B 65ms
28ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:29 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d29f010fe5e368a-FRA
expires: 0

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 11BA 7 KB
3 KB 390ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Jun 2023 16:54:29 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 11BA 74 KB
24 KB 33ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 16:54:29 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NMYYQ26E7ASZD4GN
Age: 802527
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: qVwmnnUaet5GOC0u0QNHEEcPDc+/iqAq9/yUcDGfDGEJItwcjB7L4ByLv69hSUOMX4H0I0lTdkg=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP3WFou3QFX7faDvwnIcnuVNBmWt2u282HrC%2FX%2BN0mpANH9nuoiGjuDJy%2BSu6AEhJWwoU5p8OL4zgJlCC2VJ%2BiZYeS5hoReEAHv%2BTwsfExiMGs%2FC32fQAjP3MlMVBD85i67dZ0AzTWF%2FkCCn"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 7d29f010ea7d30f9-FRA

GET
H2 200 zoneview
ng.virgul.com/ Frame 11BA 0
209 B 44ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685984069253&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5054475789314314
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 2E31 13 B
257 B 39ms
19ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 05 Jun 2023 16:54:29 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 11BA 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 11BA 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C84F 603 B
218 B 149ms
149ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069108&bpp=3&bdt=746&idt=245&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=4273565171847&frm=24&ife=1&pv=2&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31074198%2C31074580%2C44785292%2C44788441&oid=2&pvsid=260274777520877&tmod=370842348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.7ad3wz7fe0fv&fsb=1&dtd=261

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 11BA 361 KB
121 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123219
x-xss-protection: 0
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 11BA 398 KB
128 KB 50ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/5/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19513
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 12 Jun 2023 16:54:29 GMT

GET
H2 200 container.html Show response
ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD39 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:29 GMT
expires: Tue, 04 Jun 2024 16:54:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AD39 24 KB
7 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28107
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jun 2024 09:06:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AD39 136 KB
46 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76306b9d8180fd3fb55e3407dd03fb7efe3f8c43ec801c13a9e414104016ecf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Origin: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47362
x-xss-protection: 0
server: cafe
etag: 11793533129259513416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD39 171 KB
54 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD39 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssijzxq75K6d-NQ2Zl-CB-uUSZt0OrWVrKWdOl05y0mstmDz98AfYx08yQ01TVyivhbkymVyk_-Z_9G6qfOiPjYgHe3xMAe8lp7q5O05R0-Ztegj5gnpeUJTVb2uq9rzeHZWIT5vdAtvU3BLNg0oevkCT1MVy_D7_Uf26SUsn73zCYzt4n78q3mENjzjes7wM_ps5OKciDTI_v0JxD4VqYK-yLDnpmxiMjydAKCrfcrga0XWmSXQ4uDcQIX5LxUdzHAmhblqhUhsACpf5JDm7ryrPGQlbqCNYIkcasoLYNNZiOFS9f-U8qa0yMPVVbGyFkjBbQROk8_QiBpQynXG2QeKFgKdxhuodJteYcDP2kVSaoxLwE&sai=AMfl-YRndUmPsY7sTUWrz6X1juOspt2QxxRcyGnDX9yaUf0csdvBfruVzRQEREtCbmCnm_i1l0BzVrhZfSv3-a-9cMcsMiSLy8n2h8mCVUy4ZDA&sig=Cg0ArKJSzAH7A8TrPbC6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame AD39 351 KB
118 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5352b3b0a0852a22dee798975fdb3c764d664eeea3ffe84799e71aaf539a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120659
x-xss-protection: 0
server: cafe
etag: 10792662746848641068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:29 GMT

GET
DATA 200
OK truncated
/ Frame AD39 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65dee0fc000c61ffb078333e3d58c25d19d056ab9402149dd85e55918841a77c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 11BA 0
209 B 144ms
55ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685984068976&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:30 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame AD39 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame AD39 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40F5 0
16 B 216ms
216ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069923&bpp=8&bdt=91&idt=260&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=3525878555178&frm=8&ife=1&pv=2&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.qiawz9mto4ef&fsb=1&dtd=288

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 430B 31 KB
13 KB 417ms
416ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36313a9137f8f92d2f01451a77a68f6688629136626f7fd3927bbda857a337eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 430B 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 430B 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 430B 0
0 40ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROnRCa_VifSOWOkX-wxDn-PvC1YuxPg8lQ94Nxlw-TKFvT4iv4Ab3QYiafF3U8JPkYk-UQ1xsgwExxj_UUJ-88i0aNIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 430B 171 KB
53 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 430B 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWs7uRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSuAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOi0yegyH1lPcijjwg2OQMNr7Kvp4R938iCCQ8YZW0bKiWaAgTivcYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=CFe2dc3BKpY&uach_m=[UACH]&cid=CAQSKQBygQiDCceeZzayTqIooI75T_iCulnw-HmUAiIV2oziCe1M-QwIldBrGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 16:54:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 430B 0
0 49ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g3x9636anq9db8q4azf9j4t4kpkss538jqgvr52mnxevax9zxkfb3yk09s62atvfdxw9hwg03v9rf4gjgcg1s97vctxbn8whymwrq7c80pkkf3mdn0kdsqte1m6qxk2hhk1xpjtnysh5vng1t247x4m3bg3thhzhada9c6809henvc5w9x0rfrr1cfdz07wyq1k909c3kz2510xr77xjkwjvpde4b4yzkhj672479ykxbgc3vmmpaadfb95hnfp7gcstcyv4e03znk9b70rdsfqhx03yeqv28vg1mpsx2d2ghrn6ss244r49mxn9dnt8rvm29v05jppqjp0f54n56smz67cjwyxs9kkqkyygdhcfkq04wnbzfw82ws1m2vzvnam7scb25hsqkp5&b=ZH4TRgAEvLQKoQIMAAovDBeKYq-_MCvd80PiLA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Jun 2023 16:54:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 814D 2 KB
2 KB 55ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2f211a9a1c8e677c96690bac96daf02a90ddfa51b894d4c54949294eefc17d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d29f019f8fb6961-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFA7 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 430B 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7505589e892ed8db8c8ef71412e41cf0aebb1ebc5bd43ab0d0c727790850bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame CFA7 35 B
465 B 40ms
8ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOZfTKQifqBZ5Vg_Do5n1YU&google_cver=1&google_push=ATf1kGOCT12mKJ2N0viNX2INGiWk-XVDngg4tb1IXV-RX9w3kFiAjwHu7G_4DuFURXuvIUIxGl3HTFbOl3pKTa6eFuS0c0VlRUEQ-oQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CFA7 0
104 B 87ms
23ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHBqVBKC9Yne92QmjNodDhM&google_cver=1&google_push=ATf1kGMHc6X9sJMqBUTubQqZvs7Ve3ErJQWPsYQUEhCZHAAvKeniH_cq_N5tm2aqk0a5e3bFx-7N7oAC0lvG86R3UG3GFK2cZpcA2cg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CFA7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKu...

43 B
424 B

197ms
187ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d29f01c2e5e1c05-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 108
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGSDPCMupWDaKU-N2sAHzHI&google_cver=1&google_push=ATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO5l-04Bz3C0dl_Y7XpwgJNmFve9Teu2jLTD_mBFeBxxBHRF_yJZRta93L4Ao9bTcdn-wHbFi3Qu-9wVnaIQkizdN-uxKuO_rY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d29f01a2bb41c05-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CFA7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMmKVfF3hO2X30n-dr0jlV0&google_cver=1&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jSKwwMPt5DyMlyPUCo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBB910D43EBE4C65834507AB2D312192&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jS...

170 B
329 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBB910D43EBE4C65834507AB2D312192&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jSKwwMPt5DyMlyPUCo

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 16:54:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBB910D43EBE4C65834507AB2D312192&google_push=ATf1kGO-p0Qe7HFWC-JeVG6f_p4VE00i3lwFOme4pWusEQX-2Ic53oIH_j0bkEMkuObcv2bDWhfi9I-QO1Ga0jSKwwMPt5DyMlyPUCo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 04 Jun 2023 16:54:30 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CFA7 0
173 B 51ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAK1y1J1RRFNM8Pk4r6MgFA&google_cver=1&google_push=ATf1kGO-0HvFltFpSwVSxcR8c-exZfkPGoIBdBSsdJ4kRuRSUYaTrhPFfOYXhA9GKkaGUmY9DMGNeH57oMSvbXZuk1y1r_BbgcnReOI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 451 466606.gif
id.rlcdn.com/ Frame CFA7 0
98 B 49ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGO1bk4K8J9PtY9-s1u_8RqBP6BzgEB7EASm3S51rBaOTs029jsVFRfOpzU_67VX0Fjw83setoiM0K1Yo400tMRDggM346Xiq5E&google_gid=CAESECj3Na2tSmDXvshLM_GeKgA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069931&bpp=2&bdt=99&idt=287&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3525878555178&frm=8&ife=1&pv=1&ga_vid=898662593.1685984070&ga_sid=1685984070&ga_hid=1715336396&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1228059428&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31074198%2C31074990%2C42531706%2C44788442%2C31061690&oid=2&pvsid=2628914133262026&tmod=1170838230&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.a18k6d12addk&fsb=1&dtd=291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CFA7 43 B
363 B 58ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEIdqbpE26wqMtX3RI_5TuZ0&google_cver=1&google_push=ATf1kGNOKXRjQ-47YWw0sd1DEz3fx_h5tF55UzZELLi6J-Dx4Mgw5pKN6WLg6hLvLIhswjTEFmQ_14FbVsKkwZNd9RsvRDkiz_ppgVo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 266905
expires: Mon, 05 Jun 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CFA7 0
130 B 63ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKSAv5l3RcfI4jKzZEsxP4kxCDpn-hz44_9n1RVav547xS365HftG6Ov1kvh9wmKA4-kgJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 11BA 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 11BA 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 59 KB
13 KB 646ms
646ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=3513801268391436&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=3&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070758&lmt=1685984070&dlt=1685984068362&idt=766&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=osdhjnvg2lsj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eecf3dcd56d779d0a06fbee253d578ad8ba84f08d8c5fdb918f90d054b13d935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13550
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 57 KB
13 KB 645ms
644ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=890502210485544&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.63%26hb_adid%3D6816bca7e168b31%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.63%26hb_adid_rubicon%3D6816bca7e168b31%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D0.63&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070761&lmt=1685984070&dlt=1685984068362&idt=766&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=fnfutj4hrfvs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

489a317285add37c0fa5a737657dffc0bbc3517a459ad216abf276ef99a05ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13288
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 34 KB
13 KB 613ms
612ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=3932119958303238&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070764&lmt=1685984070&dlt=1685984068362&idt=766&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=u4ejxqe4exow&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db79bf00b004754c8301b08701190a9568a8cf791f7f1ac2bb533e8f50d9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13744
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 65 KB
14 KB 471ms
470ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=1387360083620259&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070767&lmt=1685984070&dlt=1685984068362&idt=766&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=2cbw3vrbnztu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97fbb170cc281658edc47d9ad9cc2491a98d5de011851ef93831bf0282d14ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14132
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 34 KB
13 KB 455ms
454ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=2309596229845478&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=7&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070770&lmt=1685984070&dlt=1685984068362&idt=766&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=47xwz1l95scv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56456e2f1ddccefe6bc16fceaca7691690d940879347f36441e9a97f60805a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13733
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 11BA 63 KB
14 KB 423ms
423ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260274777520877&correlator=3430893994801202&eid=31074988%2C31075020&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685984068976%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet81c66b0a40f740ee981ee4f5d7c7fd04&sc=1&cdm=ye-mek.net&abxe=1&dt=1685984070773&lmt=1685984070&dlt=1685984068362&idt=766&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=vy956ukcti08&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvgiOjZHh7WNsAOOYLf1oNLnNH5K33vohe9hIpTkjMB3DHN6hu5CcJhMiBYWgV-0E5U_HIqNYV7uxSa6uXf8Bg&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7512cb0f04e0257fc12aee6f77ae3d539d573c1951b8cbdd4521c74d5153205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13985
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 11BA 89 KB
29 KB 55ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:54:30 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 814D 103 KB
13 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 953721
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4A8wzR0PbfcGxhAC%2FlGw75sPhP9FDl%2F0CsyC2uxJwajOP9AlG9X35sLs6g%2BaF1QIlfJ2XHvxZ1ZhCjo3NzOwPnDWPd126rQHnTYge6HqsFFVtrwoOoR%2FpzHPLP3VDchaBciCCcs2ir0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d29f01a69766961-FRA
expires: Mon, 05 Jun 2023 17:54:30 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 814D 25 KB
10 KB 36ms
20ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 529715
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOdQn8CUioXfqYBsw5ayOLmQ%2F%2BlefHdEyqvKG2nbMRldwVz8f%2FtUhM9425zZA75mKipBbeLlfw1YznWdPpUDzNko2mTwchrGXSuMdjlys9Gk2K6OJOC43fDwOEgllKdhzLQFvOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d29f01a898c6961-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 23 May 2023 13:46:09 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 814D 3 KB
4 KB 54ms
19ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 796
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX9T9zK6XxjdHhzx7YX43%2FKyxo2F6%2FxXALYmZjna2p1Ut3MKLcVDH6f8puuUtBdbmEecwZ5EitJ3W2svyq6mjlMm4plJLgQzYDKqyJk1z9dxS4c9y0y%2FbEP7rzzxtP%2FamsCmJs8z62MZPbfbeXUTrYcx"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d29f01aec453a90-FRA
expires: Mon, 05 Jun 2023 17:41:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D619 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 683808
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d29f01aaf0a91f0-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 16:54:30 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH6d1C3HLcYVgTFk5u1EwAI7gxAd5aZ3rSbIrNSZYqaJADwCnEG%2BBom7EdfSKB0lbGWigyBTLBjBaeNP86vxXPcI1FhhWsOAMLAvFuMi6Yj7fuy%2Fn%2F%2FcBd7yiPgNx3gfpS%2BNtag%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 11BA 94 KB
30 KB 52ms
26ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:54:30 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 814D 1 KB
2 KB 36ms
32ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af65951d79619df5e0bcaae28144bc0ecd67021555dfe10a56d0b4f53bc6ae3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBDiP8P7Zd1ZOftg5hMRCMWrRarnkCCwE3MEzP%2BCbsRr6Oey9RxrcMC19eq2GEfnw89CPqj5lliQqfc%2BnfC4Mw03jlGcVWyzuG%2BXADRv%2Fz67Piv5fXzcTocfPe8NItBPpeFE8hs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d29f01b2bd82c04-FRA
x-backend-server: aa-reachservice-group-europe-west1-4gk8
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
29ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d29f01aeb7a2c04-FRA
content-length: 24
content-type: text/plain
date: Mon, 05 Jun 2023 16:54:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyL%2BP6gDgJ69%2BIUciaEwbj52dk1GifNoHz2luZyX58UxYdHWxbGwSANR0XOtqhvndmFtp5VLygFh%2BVy%2F5KinoPvbHdUrU5UFVhsHnUowFPomyFWMMaUJBftFKvsrgxm1qVXq6Zs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-4gk8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD39 0
0 65ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurgtGGCT_SRkXiRta8L2Zp1iQSaXBcL6SDgK2HfhGepxkLij5KkEQwbE6qpWJ9rjoqt4FaPOsq-ghd901rMpxRDFx66Tt5LJi6JQmSAOFUbejAZoZd52PFdqGRn_1VtJusBnVZQ87w_Zy9m7Nda07Iyzx5B7h0UMfKpDgX71I7uIVJo_R7vy83oYYA3JWkmuzawy_QbAq1GpHlw-c90wPe8jd8T_3t6I7ff55UDdkrvH0C2guyTQVFzfT_JbwjU4xasIJACYb2gXXzaQOmOJ4cKkFniN25BjuRFBvBuIk51Bu8n9QMsKRGwvLtHrzV43_MBq0LJsNzZkwVmUzAcelPVIv5VG9UXXzRVAXFSRtwGzm3WdUV6Q&sai=AMfl-YRLAPdovEyQRPMLWKNlbp5vgCpfMH488iLxUvcZ9FgS_TH2qqmbcGaozYMcxpEbNJGMCGn-fqGsrhYt0nval7QLsgd2YssuF__8ODImHEk&sig=Cg0ArKJSzC5bfNCY4103EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 16:54:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD39 15 KB
11 KB 65ms
62ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ea2de6d9d4d99d50f57e16a797fd567a85b44ed32ed9b6c9e72a81ec3512c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 11BA 14 KB
11 KB 56ms
55ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22b67f32725810acdb8b53d87507d305416bb50e4ed3d92f44eb0f458d2b9d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11179
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EEDB 15 KB
6 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 431490
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E635 10 KB
4 KB 30ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30236662b71c82e831449138ce08eadd67da6494def298f3c64d4674a6512497

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d29f01b680891f0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:30 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame EEDB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=O9-MYHxGNGpQV3NGWFNpUU5Ra052RTQ4WUd1Qi9wSkxzaENjWDkvdmF5elE5aFBZN084eVZsQmxEM3pZbStHWDhiSjd6bGhBUk9vZjVNV1prY3pxWW9VM1FEd3ZmMngva0tLWWxEZ1BkZmFwSTgrM3Y0czNiTXpiSXN2T3...

436 B
655 B

81ms
16ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=O9-MYHxGNGpQV3NGWFNpUU5Ra052RTQ4WUd1Qi9wSkxzaENjWDkvdmF5elE5aFBZN084eVZsQmxEM3pZbStHWDhiSjd6bGhBUk9vZjVNV1prY3pxWW9VM1FEd3ZmMngva0tLWWxEZ1BkZmFwSTgrM3Y0czNiTXpiSXN2T3loTllQYWNnVUFwL0NGVDhINE01L2Jicm1HMmdwd2pxVnkyNVFlZ0JiS2t6MVJaWjRCOU1vOHRxOTRkQ2VkTENWdWExVVRLWkFsSXVrT1FwKzZCd0NzbFlkZlRTc3RQdHZjRWFWaFhZVkl1b1p4NjdvTkRxWEZ1NkswbG5Nc2VXMVBLVkhZNFU0Um1kVlRVTnovSDRwUjM5TjBsQ0hXOW1HaTQ4clpIeW1oT3IrN0VvTnh4ST18&cppv=2

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

124bbc802d717cf030379ba108adafeba483ac04b6cce7004552c9898892723d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1354913
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=O9-MYHxGNGpQV3NGWFNpUU5Ra052RTQ4WUd1Qi9wSkxzaENjWDkvdmF5elE5aFBZN084eVZsQmxEM3pZbStHWDhiSjd6bGhBUk9vZjVNV1prY3pxWW9VM1FEd3ZmMngva0tLWWxEZ1BkZmFwSTgrM3Y0czNiTXpiSXN2T3loTllQYWNnVUFwL0NGVDhINE01L2Jicm1HMmdwd2pxVnkyNVFlZ0JiS2t6MVJaWjRCOU1vOHRxOTRkQ2VkTENWdWExVVRLWkFsSXVrT1FwKzZCd0NzbFlkZlRTc3RQdHZjRWFWaFhZVkl1b1p4NjdvTkRxWEZ1NkswbG5Nc2VXMVBLVkhZNFU0Um1kVlRVTnovSDRwUjM5TjBsQ0hXOW1HaTQ4clpIeW1oT3IrN0VvTnh4ST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 319911
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD39 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 11BA 17 KB
6 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E635 103 KB
13 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 4512
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22M4TB5AXASrFXVmzZTtxfhk2Ft%2FtjAljnawtueN%2FYAsohqBa0UlDNd%2BBn8DdgtCPVQzVn4OaULlvIi78LYfIT43kUbF6atHwJyEDHz1K%2BVkPW4lU36B%2FBn0%2FgXOG21cM1FudNn2%2FlM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d29f01ba87a91f0-FRA
expires: Mon, 05 Jun 2023 17:54:31 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame E635 5 KB
5 KB 48ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501973
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o388wxzULCKFXRrFX%2BttG5msIWYhW8Zi%2FUwG8L0mPzhSJ4neKPg%2BRvQjfrxYqn69bxR1L4eCXHrP%2FevSyiVzVcUbTU65DJtJ0BEN%2Fp3m6RwiqDr04LXLga4UKOOzIWtY7OqvL8SdF9i%2FFJBI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcafe6961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E635 91 KB
91 KB 37ms
23ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 511331
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86TrcZUWeIQYhRtBs229FhRfhvX8kFgct2iLcqylBWuJwvLxOm2pEfNmAcXDvfnx8N%2Fm93M2ZtGi%2BS6ATXaLbndDr%2FDeIHy1F%2FIY0w%2BU8EF4pQ8CumUOLH3%2Bno5pbv5bIGWOx6VejHRT%2BBhQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcb076961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E635 2 KB
3 KB 49ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1319806
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EabV1LJxQGfHkREmB%2B1Z9qQWnxcmQnlCVYYu7kCaCMpQQ0NFq%2FXE1L9IhLtpIZOWiDZ92544vFFjIvhb84PNEYLE1AoPsVHnLboe5hpt4ZEUs8yf8bqnnKp1vtVzzNr3VoIWVLiDX4fzDZuE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcb036961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E635 496 KB
497 KB 48ms
34ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1204829
cf-polished: origSize=563367, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 508355
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5NDPkuPP73uQEopIs3H4wjNTSPafisWxrIZm1Ramew%2FDUqqughcS%2FEqyPlkMHWlGI%2F%2BIAxX2Zm2m8q0eQBNlA17Gz%2BDCTDsp1iVGSqLTV2S7OBo%2FsPupIaQS%2F%2BoiDhc5lzSdTfQoaMFNKjl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcb016961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E635 43 B
705 B 85ms
61ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame E635 36 KB
36 KB 44ms
30ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1034531
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xa1FxsnDbzddeWkMDbg3B%2BSLb795VEVef6gAaZge7pRD6T%2FhxaHAJnbDPOUb0NO9W%2BLjMMcIAG8tQZM669JAL%2B3oYCKx3XJrHnRZNMJOUzcvglW6v2zfz7RjDMAPmDx0zGr8BhQVFIzEzN9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcafa6961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame E635 28 KB
28 KB 44ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349964
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm6tNQpT2J20xnjbwIS%2FmlQKoKmRFnH25a%2F%2F9OBaakpKg2j8kJey7MPUiVmTwASESRuyIOqOxosM72syiRy%2BqNq3d8%2BFuVPpcsyTKzkHpr4SsfeqxM6bw1j4dUMtRUcAnO4k%2FPBPCNZ9ham6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d29f01bcb066961-FRA
expires: Tue, 06 Jun 2023 16:54:31 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E635 43 B
705 B 83ms
59ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 11BA 0
209 B 44ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685984068976&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 link.html Show response
track.webgains.com/ Frame E635 2 KB
2 KB 171ms
95ms Script
text/html 18.168.49.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g8fbt70e1evvyh5y85h4ktmjtbvnqst0paqxp3g0qwscf7tbf4vjvm5s5wz3bt6vzdcj36033a52ycevx02t2q0ry5j39d47rhjenk3t0eayh5ww3agd6h8gheaqf1y6fwhetk09gm093ern5a84nbj5114sy9a40tb8m28kcz18kmyeyspcgmfs6jye1epkkbp62kpw749t735fbbyzfqj21wpkhvdhr3kwf9by2zz8m1pbf59bf5a7s2k47rtdth0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.49.43 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-49-43.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 54206c3cd3ba96fe9f1b68aa0bf2ea48ab8fb2b985bbf8a10f2fb1af14cda012

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
last-modified: Mon, 05 Jun 2023 16:54:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 05 Jun 2023 16:55:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03CE 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:23:54 GMT
expires: Tue, 04 Jun 2024 16:23:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C2D 783 B
998 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

682a38b289b3cdf227569a758d4542e8f4008ba788dbdf1f4ed741ab38551110

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5T_xE7Flwntx7A7Ys00NyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-5T_xE7Flwntx7A7Ys00NyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:31 GMT
expires: Mon, 05 Jun 2023 16:54:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 03CE 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:49:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C2D 0
0 40ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=2628914133262026&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0FD0 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:23:54 GMT
expires: Tue, 04 Jun 2024 16:23:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 699C 783 B
534 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d7b58c9a37ec6531e52d88f4c7836bdc5679c98ab5d9c6ed0e662f56f83707

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C6ZF3t3l1rAgubhfDlWwew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-C6ZF3t3l1rAgubhfDlWwew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:31 GMT
expires: Mon, 05 Jun 2023 16:54:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 699C 0
0 40ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305310101&jk=260274777520877&rc=
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FD0 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:49:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 03CE 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oGmHow
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305252018000/ Frame 5FB4 222 KB
61 KB 71ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026ea7ee6b3f89ff44678e36a04f461d8a50979812a390537845226ab48cd1b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 20:32:48 GMT
age: 159703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
server: sffe
etag: "83381e4039281ff8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 20:32:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 5FB4 15 KB
5 KB 85ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 19:49:19 GMT
age: 248712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 19:49:19 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 5FB4 94 KB
28 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:03:52 GMT
age: 183039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 14:03:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 5FB4 5 KB
2 KB 84ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 09:17:47 GMT
age: 200204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 09:17:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 5FB4 40 KB
13 KB 80ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 10:32:54 GMT
age: 195697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 10:32:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5FB4 14 KB
2 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 14:59:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FB4 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 48408
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 06 Jun 2023 03:27:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FB4 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5FB4 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsdlj5RAwKgqcnL_SPn-hWGA-nMwYUxrQaIdpIBRYMlqRKYoBlAL109mqndTlA4YU4qUzUWAfTk8PsOVL1hSewDFKhww
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FB4 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckj49RhN-ZLa5NJrJtwegnIuADe-B1ftwmITd78UQt8uCm48OEAEgwLKCa2CV4pCCoAegAd7Z9YwpyAEGqQLZ77fCrvixPuACAKgDAaoE3gFP0B3f9dX_DMhQk3dDA7rCmZMluLA5BJ0SvxxBjxOPmwhEiyFfqvVeQy0SiUJzdQZWpOr8FEOOUuhEG0BvH3DvcjXHsdP8cxOmLOkcFnwGNb6LCaCcTNPBzdtX1uEc5sESKLQ3OpF_DjpaR_oNPE0Gd3YaA_mv3xlbVFPG0XLA74yOPrYsqKuIFrKmxH28Bzj24B-W4Mh5GDZT3pAA8IdfExeZQOOeZKHQvXkYPLb7CwbUwzsDyeWAF6GVY398FG82TFsCHfuXrXWovdMmEcnPuyt2YAogtWsVkQAoHJzABICXkOOtBOAEAZIFBAgEGAGSBQQIBRgEgAfekcbsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENqPAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=ixXf9SIXlNc&uach_m=[UACH]&cid=CAQSOwBygQiDMJW6u_VXYZ9dpfhDC-1cqqGhISnWxz-NDdkWc43K0oZbFyFn0Yli7bLLsMon0HBtZaEtAz6-GAE&template_id=492
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5FB4 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5FB4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 300223f81c00aff52c026af4b6a07872ee6dc67ab7a0f6198e3ba34beca33764

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21BD 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:29 GMT
expires: Tue, 04 Jun 2024 16:54:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E635 85 KB
31 KB 71ms
14ms Script
text/javascript 52.85.92.55

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g8fbt70e1evvyh5y85h4ktmjtbvnqst0paqxp3g0qwscf7tbf4vjvm5s5wz3bt6vzdcj36033a52ycevx02t2q0ry5j39d47rhjenk3t0eayh5ww3agd6h8gheaqf1y6fwhetk09gm093ern5a84nbj5114sy9a40tb8m28kcz18kmyeyspcgmfs6jye1epkkbp62kpw749t735fbbyzfqj21wpkhvdhr3kwf9by2zz8m1pbf59bf5a7s2k47rtdth0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.55 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 14:02:22 GMT
content-encoding: gzip
via: 1.1 8425e6875af3862b0f8a816b9812f408.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 10330
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: H_5di21QQS44iBUSxxSoJWL6YAHQ6L-a4csYRetH1tKvxU09CRR2Ww==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E635 15 KB
15 KB 43ms
7ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685984371&Signature=iNKqJvp2CEW9Zf5uO70CaLJircnZEpmXh~0v6fhgdaqa7egnRV7SBurlmSI4t6nfW8Pu1aEhvIzqZ8jhBnnKrF2yjFGel3BApayQURJI8Mv6kcYn2XIUrrhLx3sQ4vzvwkn9FwquFY-rmgfuYR1bmM1L6nxkXb4KExTQriZ6O00k2-TXQK33oC99gNv7IFwTQivWmyupOZ-tRQwQdlBBHbYbG50comLB-B6Dr-eqw8zkWEEyL2pHm9~bxZc67gu1QEGQ2nlyw45NOwGptyEF41uj9ohqCN8W4EUpfDKWNQqfYzCnKbylCJimJmIqCLCOCpqsC2YHLklxXMZAuKY-2A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:08:25 GMT
x-amz-version-id: null
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 27967
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: XJGlDYGNCAFLj3Mu3dFjtGKMAGlhRJyuUm5TvthREnXXypO7RhukMA==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0FD0 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ETc7_Q
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305252018000/ Frame BAC5 222 KB
60 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026ea7ee6b3f89ff44678e36a04f461d8a50979812a390537845226ab48cd1b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 20:32:48 GMT
age: 159703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
server: sffe
etag: "83381e4039281ff8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 20:32:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BAC5 15 KB
5 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 19:49:19 GMT
age: 248712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 19:49:19 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BAC5 94 KB
28 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:03:52 GMT
age: 183039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 14:03:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BAC5 5 KB
2 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 09:17:47 GMT
age: 200204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 09:17:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BAC5 40 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 10:32:54 GMT
age: 195697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 10:32:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BAC5 14 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 14:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BAC5 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 48408
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 06 Jun 2023 03:27:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BAC5 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BAC5 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzQmSUjYvbIToYO6LDoBuEq_Yvvi12Qs0afabDDuSYHa5N5fUrseowr76idm8Nz61I05r0mnINAA3nCRJs5Dai8H376g
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BAC5 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpj_uRhN-ZOLMNMbytweTn4-ABprq0Plwy6yruZ0R6Kq2lYsDEAEgwLKCa2CV4pCCoAegAeismsIpyAEG4AIAqAMBqgTWAU_Q3MjfkchlRas_KEA5rSzIYn87ot9cqOIqHDdrF0rkyOSAz35mVpKnSm_wBE3ZLf13l7rAvnUr5dxes6MGOajtiZ4bSTDMO5JI0SUzUelYuxk2Ihh7FtVuzpZJN_c9wY5k5zlXZC90BbrIjIUDEshfv9flIqopW2Z5g_ctOsS64vLF7d7_eGQxNfdqIOCJlMxOayinLtdVhgaXrxotmuv_wKuAHxSgc0Xh5TKXhm2irH-DntXQvrkzyITj7v0wjICSp9ZNIxaAaTayBu2FN8dr3-xVwavABIqpuJquBOAEAZIFBAgEGAGSBQQIBRgEgAfo5OqhBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENuvAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwyIFAHQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=jZPNnaKQZqc&uach_m=[UACH]&cid=CAQSOwBygQiD5yudr3CUGYbf0VyH1HFa7pU7i7HjHMtcjUWw8otoV95TPqB97s1ZAeQHEh6zkSIgiCPk9wZGGAE&template_id=5001
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5FB4 33 KB
34 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 510229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:10:42 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8118981172978842176/ Frame BAC5 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8118981172978842176/14763004658117789537?w=100&h=100

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02aecbb9e06fc27e40b7b1a9c89a24cdb0b7df9e7392187bc195ce97c93c1f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 09:53:08 GMT
x-content-type-options: nosniff
age: 111683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2175
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 14:59:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jun 2024 09:53:08 GMT

GET
DATA 200
OK truncated
/ Frame BAC5 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BAC5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c608032868709ef991ab9aaa6dc4fe976709a13260222ec2e6b8eee498b34c45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8217 624 B
242 B 51ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY64no4gEwAQ&v=APEucNXhUjEzcObg9Cz7qQkUjODLk21ikioTotjPyV45OJE0lfjSsWnsGXmID9xMG0WkmA5C18ra_5w4AAq5sTmhB_RP0EjhKb5WL0sgo3uP3ySLN5ioNIoyzq89Qtsn7G7rvmznH2H0DapysfJ00BnCVGqb6Wz_93L9nRyQdWiWQ1DewQz59oA

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 21BD 78 KB
27 KB 88ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21BD 42 B
63 B 45ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxe_JldzzEGh2wSAFB9w6-FgPt4nzCdmMCl-PSJGSj5oSrx_iZs6gHpMgA5r98y4XzOkaH9bnm5TUOXBSjEQsSvnJm-4065RVGEbPyzJnhAop4ihg

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21BD 0
20 B 45ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=297355209509896555&x=1&ct=76

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224217/xbbe/creative/ Frame 21BD 253 KB
77 KB 138ms
33ms Script
application/javascript 54.246.82.89

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224217/xbbe/creative/adj?p=APEucNVY_pKe3ij1OzgW_-a2_cSSgB5EmkzEcQMe5m2yqzP-GUxeOvE&d=CokBAKAmf-BdRwwiMTR2YSziw1Un4kALh0zHJ9P9LCjsUzXUwlEtZJn5aON0lXgQh1xwDaG6caR92w7lFwKbBXkp5tgNd6bpN098BLzuFsx8VulhPwtJm0u0yUz4PZMT3WmLD-IVa-qqFNH_4i8IzmxwTK1sLBpR9DEBU2Q0KRiORTurb3V5zlJPh9wS2RQAoCZ_4F0vLmpbQXgVz7DyBbOjDvuN-42SMrtWSiJUxULmbzPAgUbX3zZTbLwtv3n3UIHIlI82oKbcLimGSaK70P9Ird6qzLG6jPyUdxIBTD_59BMLJBme3M-UEuIpwkNF5q-aWJmoL5K7Q9ZRvOTILuk2GmJGlExZ_DzAk4y2T-GXm92DICpFXXnIxwShnyp0SOXIOyffi6B8GIbZLS1HObGAZO_o2gauUmAnqJs13IcsmGNvvEaPPUT2TO5OBtOfuSS2q8JvYSZXHut_CM1rHb4VtidglDOfqwRfCKoshefkUucQJ4rq15wX4LhvsHyYhbBwmoU9G9OZFsT04_EyuBDIuA-R_6uZ8M9hCxJucHeylmhzqN2HPO2j_zApsj8wEPqzr4eiRVj8Ek2dUteHwkJFNRfBkC62oFlkQwd-RcNXu6H-uf506UxDcI9R-7lGNGeCsT3wYbF_nIaAyU3tyW1ynZaep_i6Cyu5nFkYI8_qolrIGsAYBXqW-qKvYz5Ols-lOMt4OB4q9OwBLhcXBt7AgL38p1Tf4XMSpjfbmCG_AFE-M3vcqGc3VZLpm89SWQDXLcn8r2Q25LPNoFJD5Ndskj_YsAC9TpHX1q0sgeVIUARk_GyONx_xGY2UQyBgZ51eMIblxf7PxTk9vliLIuWbq-Cjj8QoDHbqr8FKqQyfjlxKuYAXDaWXTloDbZyiaem4L0mN8CNnhdEVQ-OtW3X0VLQbixUYcalNBP7cRh3BFo5UGpG4BYDXOF3US9iEJNC86xCbftSro1sKl0FMhkctrp9KNlk5tCoM1ZbeSE2d7onUVCrvX7OieOrQPScAPOMbgHnnqxb3zciCXGLer6eqj555NJ55OPVhTd4aQoXhO_Z-Dk0PLToNaqg964EcjENsppYCUSI3iOhOU7G1iz9-AQ9rqo3HRTuLehDq99MGbGONQsMzRWYL31ENe1pVhnEhwR799dgZ3Np-B4V-ASuaFZVA6s6HSfk6Euh6JK5nYcK8GPCZ-nzQB-LDzYRJSopFrtWY2gvi9QPmyI8DiJKS5fd-YfS3rM_fJ9CZWrarioJj8WaUmvlZiYdhZSD12ZD7vYgXCUF3aED5l_H7_-AShilnm-h8GHtBR2NiFRWMW91AQVXXeDkyDfoTFEdSfCnOQ3dazfHWY_qSSVHjv0_ha7sj87owpTtFwI3PJlcB9LOHaKA0Sq1pzXy87rjvXrTdxty4_gWhZyZ32Jf7RAfHcIMQmppd9T9L2Rkt5E2N-F3pP7GhnV-A2PALXZson4jg2gNfrTx2TzHAW-XkK4LY0HtfTf_w1cGUKLIIlxY1ccITkEl-9-S4Fm1vPRLPjTDeOwlao9-bbxUELlnGsljrfvWfyxOz7mdAL0g1fVnsSBVi09dfpC-yrj4SWUVzWXuKPcXwSTaEB7xL2nlNcOj-q4sTNrSR768gl44CRGJG6dy_CqggUnqqeT-1UDUEh1l4fVnS5Emgpx3kNKhXZ87eXl4bxGZLJaijsu7R1Had69jas5vcWVyscrtkrPzzY_c095u1v0vdnBF7PRFhuudO_HJqbkCk5kqE-G8FCRDrC2h9o06uFaRM1dTI3OHbU6J_x7ZfL1XA5T5s35ufkyip1QJuXB4pyetvHIv4aW3oSmP1flmcuRD1MQlzswPtDpfWpbpoaHRdg5rsCHZ27j1qmeK117sWJyIlsVberL8b8J53cAB6jtHZzblhm-ZG2MLGFIpPz-8BvIivnKKyOb_niMB9oMf-n3ph2Ihjqf6lDWjEdRY5T4R4R6TkTBl4835Vn1Y6bAtmSinQsJaWX7qiVbYao4AQP5RDweRVJXGsVOYV2c-uxcepn6UVT9yYs7Ymh9PQSq4tNIL7tVUcqlkJJxePb4XZEb_Q6uTasV_Ift4XRrBJuaRniG93tvapBUMPu7uzS6OqSaD1-TdIxybl0mRiPZ2QEWitnb3sBIxXpkoa0CfTa3uRLlsdFQJaOQ6QZhFmrHBaKGOyBT9_AInqBav3TfsSmEOosAb51vkX3DSAnPdKf0vs9uYg7j7M_khNasG8Y1MHQhElj6n3imedrQes72mRCrmoVJrLu5gYhNiOec-28chg_9DUYVBouYXErPRHafgWwhfOZeiI8RcBJL2DeAP_xXuNjc8HMNjxodgKnSBKflEuLn2YW7TGPar-IXMrrqFjiAjR0Lj0528-pF52guPU1K7ArTjnOBFNDO77uRspGlPlxV5xE3eZPGY9hzVFYgOYXyxi2u7Eibbxr8nWa6HwgHm6gdPincWDMvzUUGtwHnvCPPaKA25jj1WfUv5mFKxDbUKOIyfeiRmnOYuxUZCfdJ59xzG4E47FbAmw7mkwcq-h7EfgxMi262RVxJAdodA3eV3OhWiD2ZPorGs3ddvEw7Tlhjv4bjgBXRIahQbyDAYAKiCDq7CRTFEt85RLhjLLOsg5uUWRzHTr7i9C38PlIbul4U5B2hfaa3_roN5GV3AKSh0915KFXwzd6j2FQx2hoTbgPO762lwceBwmJGYilYEdkfHHA0RmYd6MFbgi8oy4PjqVIU6cdFsZ-9fsUaQt_1pB_e3MUWQ3nSchqb_ZhQxZteKN3Ihsqyo70ZIlDHRZXNjhspLjjeK4RgD7ONtO6-P2iVawvzvG3pGvrZHXx2-5WNIsVrfm3xUg-E6_3FMaq_Y6Sk9mPWgUwaNGAfwxKUkRZfXqDhEhs8PDkSERKQDV6LLjxO79Zl9qS7xWyqYqptq9bucvcJAgxqJZ9OblfeTJKo0rlrEAjGCSge8j6JzQBMkpw9O160GoqdUWLgBPb7UfFZ101EZ18lEGXZ3DPpk110pEfhdKiccHVC0kIVY3oLCAcLd_Jv0Vs1HniV3Mmo7jMgPHKZ7WiJf17f1ZN7LeLEH0ExEHzI8ab4xo5ASevDcRpaAAaoLZh10rm9UAuqRjaSiLE3VPpL5nTj4z5G0AGsM0TGI1t8Vj4hu4PC9yy5zHdX9TfODQFIhXmFLJXLyb-8XpFj2A10QbGhA_tj1edW7y--eTEqgRlWTDnoWyYEEdcBi-ZTkH1tej05j85DktyvraDaqtw8V8NRrlFnP-3pTvDuTMyZ5-3_0XYiKpkPJSBh95VPOmthV0DZoh2rj_hfgE7YIGnB0NNcxr5fEKBn3l1ovst_FIZgkoZ-mzWcnhttUIVzlmKjSKCL5jYrwQy7TWfKLY0IrDmuwdMCf4244eXnsV9mMm46SFtF0Nm9I2ydJg4Dw-bAeH2CL7LGLGZkyWkasGnaZhkMaUBHMfMNIGmHtQSccHjpBLVywy7q13PtHeABz-b1vS5M_SKMzP8QykHdDrZZD4Xw7DqxihK0MuW-iCOJGeFwjmZOZKNa1pWH7qmbHCRH_LbKAi1X8X7QWKT7LXJYbkzrODoU77MS_m5O0LxWRaieZzlisJyAv_UEDCb6pG2E_WRQtU29UPD2DK5OoI3OLlj0O2uD4W0TxRdX1AOvAeBGnUlHdsHBKC6bJm9-BSnhO4umr2QsQ0IbBQ9oI28mLYGrgaQQgEEjsAcoEIg8kSbpiQtm8gxhv6fCFMYPATv6-AiRVbyIyYp20e8LcX25AeCbgLtVtkZyxzlM-cVK4_jfjA-xgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782785437&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jzTqOtwnF0SfGkAemTTNlr
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.82.89 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3984d57271ac4e5d4220ddee4b2339fd841b4a65b3b5024f0b7caf539c58e54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 21BD 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 21BD 19 KB
8 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 21BD 0
0 19ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkA2MaeP7HATHRFXnAcolbrlFpXRaVsJf5jKLQpA1hEy432OmeuL6jY-pcBFR7Up9A7CwmiH2BdKbsY_VQQ6DcPZDH5g
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21BD 171 KB
53 KB 36ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BAC5 33 KB
33 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 510229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:10:42 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5FB4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

45ms
44ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8217
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1&C=1

43 B
632 B

14ms
13ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY64no4gEwAQ&v=APEucNXhUjEzcObg9Cz7qQkUjODLk21ikioTotjPyV45OJE0lfjSsWnsGXmID9xMG0WkmA5C18ra_5w4AAq5sTmhB_RP0EjhKb5WL0sgo3uP3ySLN5ioNIoyzq89Qtsn7G7rvmznH2H0DapysfJ00BnCVGqb6Wz_93L9nRyQdWiWQ1DewQz59oA
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8217
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4TRyJ8R-6D0ZOMH2W24QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY64no4gEwAQ&v=APEucNXhUjEzcObg9Cz7qQkUjODLk21ikioTotjPyV45OJE0lfjSsWnsGXmID9xMG0WkmA5C18ra_5w4AAq5sTmhB_RP0EjhKb5WL0sgo3uP3ySLN5ioNIoyzq89Qtsn7G7rvmznH2H0DapysfJ00BnCVGqb6Wz_93L9nRyQdWiWQ1DewQz59oA
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8217
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

43 B
1 KB

34ms
33ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY64no4gEwAQ&v=APEucNXhUjEzcObg9Cz7qQkUjODLk21ikioTotjPyV45OJE0lfjSsWnsGXmID9xMG0WkmA5C18ra_5w4AAq5sTmhB_RP0EjhKb5WL0sgo3uP3ySLN5ioNIoyzq89Qtsn7G7rvmznH2H0DapysfJ00BnCVGqb6Wz_93L9nRyQdWiWQ1DewQz59oA

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
AN-X-Request-Uuid: a1fc8d4e-8b3e-4fe6-ac7b-cc32274a4fec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8217
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

170 B
188 B

19ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 16:54:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f09cb2b0-ec90-4bdf-962e-3d3340a9d6fd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FB4 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 48408
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 06 Jun 2023 03:27:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5FB4 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BAC5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

25ms
25ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75D1 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:29 GMT
expires: Tue, 04 Jun 2024 16:54:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21BD 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=254091766475&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21BD 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=254091766475&version=m202301230201&ct=76&x=1&cor=297355209509896600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 21BD 15 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF3COlON6vTt5Kh9fV7nXyFqzEqbgnapceJhoFFVYGY4smdmOxPA05QbEUJUPqCOd4zqRx8h5WPn3povz6Kp7zmGEllRG49Q8W1JfEPMCo49sZN8lKPoA8n6qP4hohTc5QuBLOnxIONt2rUWeid_Ka47VjXN64kDU-iFmqsT5cSiOUf5Q&cry=1&dbm_d=AKAmf-ChhDyPEC9m2eiyrasE_urflDxGvwEgfPFEX2QPgYrAStBvZDhMfN2nLYwiEjNT7zXPzJ7Onz70RGU_O8OrzPDwYwzv-0uqho1gIC0xf_Uc8aNOsCIOjSS7aph4zxDtoo_qizm0OGR-E2qmo8pHImC5wHeymv4TznXwo69EBsO2JpnesKMXeqqHDYxiLeYltallmsli-y5sXZTA029LYuAuRILPijdTgXOK9ihW5-w15r-p1UfbJRlkl64YlO2ustS3A3YlGRDJF4jTlNhIsnNw97yfn1u03qxf1k-3agpLM8P2xllSVAZzNeluGUQ8UUQKMX1jW89wAyZO06ob2FHAYJCtZ7krGou7g_yUuwWQxAX73FkVg94DGwPRnlhi4rUI3LTdVpBay3HNyLqiwbB2kOrIGzi53bGNEyHZVuW0YWtHf_ntnLReIHg-u-Qs5eLv67o5IqrbgLhazqyCAroez2tvAEUExoEf-jhIePXa9SyiJR0oI0UOgc2Z_Q0Uj15Az0W9cLeocoLSbTfMNqL7AySr6feBnLYrz5LSmgz2cQiGjoIvcwT7mirZfvxnc-g8p87Oh9w-jrFwWoxPyfKaoGUhDM7b7hSlIXaTsjgwLDmMVT8Ir7Aqee22UGJLqT0apEfAo8EJDyJuTtq48WzuGzVG4w7OVeV-vR05S6fcsNw3hgDm4GWMrsnxjAJ9DKQzp6WIP1iO_72pGUUD1WDLYOTRFviVP8AUcrXbq3ybao2Pxtj2CAp2vfLepFDMzoRTIbQrvhFVKzMttGaOLCRC6WjdRNSgmnjW3Fec8L9G61Wa_pzgaGp-LG70ec_mCj3iK99QMQWgI-R2qqE59KLeZ2orjgtPI4BZ-i04OODWjsQP8i7rQDj7zi52wCm2noivDzAYHW4ONUVOGBZt3ARPhRYdki-o9j7OKzUY7-4USdSL9elqiU3_NQXcs23AFIC1yzLLNjeIdomRUnugvF9WvP4nUDDLV_9ZnnOGClFA4JVtK2mxjGMJE3pVMyfQUBqYlHrKtcFYvGKjQ3xRcE9csGoB3zuhNwEjoEkjtNhYjTzTNxr52yq-koY5jKUlgduNSHaD3E0Igetwnig9-cqSq2Bp23twP-7Yl41RPhlBHJFFkSVyBFgkOTD5nJepDUDzdPokq3CCrMfGDe_mB6tQI7Qk27RPrIlCUPu8kOTa-_6WCE6TjGi9ujjoClkh1swSJw-wVWbdvIxEsDDPbirsiJaML-OKiNa2s9Orcj8w1makB4q0MXCWhSQmsC5792tYXMc4hx2cUhql8KmrRMjwFouKV2GdpnIAE9BkSqycrumk4tGVjH8Ov-uCWSMwRCAvbeu9P4KUcqkIhg2UHX7vaE6anS31H4ombwCNQPbOZuuzP9GGFl9dAbHtIzPPjMwAuxNEkSoBTejVeHbfOAyQ98LoFrw6t2iUDbmXyD7Xkufn5F2s1YkSjg5LawUxNXvqfDkFxBrV46pvI26MoB3Xuyu62V56zfmXzAVee_cilEEQt3DzPMh8WU5dLNJoUOZLMkOdZqiGfEEibhKhYHEn3UgQGDf4t3ufGlGr37C4AkE93K7SbXDr_QECyF5TG32Hk8tGIe6R0pwWZzDlfTGyXMeJKXiWeNkN46czJw0TU0rFhC8sbUMZPYE0ufN_1bwaApkzCL5_LjhSLPtJ8D7ScG0Y_9ywiEEY6GrnCsfv-Uy90ynlILzmKvhjaidnH_JB3ZhPAwXCkvfTUPrJ-DkVWUFE2CmHSYFP_Up16KWudBkkZ3_RdMHBC-EC8LRibXH5oZUU8IhF29DqPpu_rpcitbMayQDKu0wOHWOk-EXIAgVJ5yyDlbR2TOg___g_qlYf6wnYNdWEHGGNtm1wZmzGrwMX-ll8s2M0pzyGbppX9OjSt1D6AsY3U6ZQzOP_ctQ5aTMjiDjaXcXV-oqX9ov0979X1yt_-W29DLmMu7B_BzyKKXab9HI_lp9ms5x6Psalmo9QBce0jdJKF5IP4mt0U3o54KulHDAJJyZ2EbfpzCn790-uhqF_RFvyi0zchNZXq3UHaAwl6jPyGYGknKfDG8QSHxyhBDa7v1-JKfAwnfuNQ8sEFfEtkle60hcd33cYgnwt0okO3vEzND3nyu57o2P_PO7oJ_hnxOhMtB8mZcE2yRZoM0oHMGRKXjHiE4bkrvbaKpRyfTohAUbRUFqqWP3aJC3SSvtiRzVQeft5-HgXJkfLoTzC4UlYi-c4lg8dBcAQl4Rn0MpYC0r8GPzZMwQmw3EBF0SnBrBbT_D5r6QW2KJGguPrnWWwc0EMlv_PaEj2wCpbQPKXeiLkcbxUfrjQvkfR1SwjUtLwFyMMxJ89XeM2E7EmXV876jjx9r42hi6kBt8AjKGGgmP4a8rV81r8c_pum7T1qNIOkm9oZxyOc5Wlj-2KGXGgSEY5mMJ6UcRVIfp2nhXh3QmEbU2VBeByb8UuuV5Ur1rWJ5nvBhr0RJKmD7L3FLN2CIWapcsXQn09JMHiiepNP486TsK6ieRIsOUtoNymVGt1fwHIKJZ1FzCptfTdZWOj4GsNqheosvLnCwYx7FJ7H77VNnGIRi1XJ8Fi3BWQggVXRZfHBV29e2l8DJRt3MHGggPloLzqmodNb5ymOFJlOLD2QQkWhrrAO7TC_STsSnjl5cXgWPaNuaEPUoMzprCQx8t7HCwMF0Jpm5QvL3zvz4_KEy63_WLE2TJwqMWNNF76kdJD3hCD5j1Kb9PBAkg5IrCbk10ytOjskqfuqb1bYSzMbKR6kUuUVYA53DTtz8u2zsf-26RGLCfIQL5U6S6Eswo328rkExh6t_2lTSWQ1Y_VlI_1yAOvRqiBqfC_0mfr5CaEdwnE6HXY5wrMkXDDYDY6yooOrwWk2nfcxxkPpYnPXcyFTfmoRauaafeGStQhmH_wKCjHKX4goW68xb-dU7db7m0cyFrdbsanlk5miNR5rCWs6lJEsUmVMPiIqhaoIFYWPzUYQKKpKYWxIzsgPc5x8vZcR61GouKu1D8IaoQ6HsKTydm-AA&cid=CAQSOwBygQiDyRJumJC2byDGG_p8IUxg8BO_r4CJFVvIjJinbR7wtxfbkB4JuAu1W2RnLHOUz5xUrj-N-MD7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=297355209509896600&adk=3587751834&idt=93&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d834dd87793efcea8cc2e278b3ccb3086457fe55fae0f00342c685c68b60392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305252018000/ Frame 48AF 222 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026ea7ee6b3f89ff44678e36a04f461d8a50979812a390537845226ab48cd1b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 20:32:48 GMT
age: 159703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
server: sffe
etag: "83381e4039281ff8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 20:32:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 48AF 15 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 19:49:19 GMT
age: 248712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 19:49:19 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 48AF 94 KB
28 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:03:52 GMT
age: 183039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 14:03:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 48AF 5 KB
2 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 09:17:47 GMT
age: 200204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 09:17:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame 48AF 40 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 10:32:54 GMT
age: 195697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 10:32:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 48AF 14 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 15:13:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 48AF 344 B
368 B 11ms
10ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 48AF 3 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78623
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 05 Jun 2023 19:04:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 48AF 0
0 18ms
17ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKATrhZFK8yjKeS5cDbNfrc_5DXJmQzpiiFo6RtFUHPbBE6T7AE_ZGme6QKCC7RO-V9KUwBUCyuZaUEVGtcRnE3YRNAA
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 48AF 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPuo9RhN-ZKPaNNnYtweNgqjgCe-B1ftwmITd78UQt8uCm48OEAEgwLKCa2CV4pCCoAegAd7Z9YwpyAEGqQLZ77fCrvixPuACAKgDAaoE3wFP0NnxpoDkuGZXOK3nJdtN2x4MeyHaoGI4wXDKo8u52MD1ttZKu0zFRRHPqcmxcHYXXDvqDgRM3_v0T1hcTSI0ZFczwqgEQbO1S3vGlTpiACv6nF042vEa4wOZEKSb4V1XCrMf3lMc9biaEnvJnhYio_BZLzUGeTdJfSkKbYDik9GdjNzNLOKqJyvYBRnGiWbFDB2m41dFlxcagmXJzVwCAufR6pqq8SfgCIhrjYR2NEKE-ZkSgSWvFXiLhh3JXKasRJ8VuKsP0VKpxexlN1DMiDVG0N_CqzYAc-MeJgYEwASAl5DjrQTgBAGSBQQIBBgBkgUECAUYBIAH3pHG7AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDx6QXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=S4hMZ5Mjbuw&uach_m=[UACH]&cid=CAQSOwBygQiDsPRnX47gi-gz-pyEab_a1zSMt1kwTMpsg_f0tSrJvOaKBmWzkEaITkP7e5fZIxy2JZA6J2ncGAE&template_id=5001
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032305252018000/ Frame BCEA 222 KB
60 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026ea7ee6b3f89ff44678e36a04f461d8a50979812a390537845226ab48cd1b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 20:32:48 GMT
age: 159703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
server: sffe
etag: "83381e4039281ff8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 20:32:48 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BCEA 15 KB
5 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 19:49:19 GMT
age: 248712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 01 Jun 2024 19:49:19 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BCEA 94 KB
28 KB 37ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 14:03:52 GMT
age: 183039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 14:03:52 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BCEA 5 KB
2 KB 35ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 09:17:47 GMT
age: 200204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 09:17:47 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032305252018000/v0/ Frame BCEA 40 KB
13 KB 36ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 10:32:54 GMT
age: 195697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 10:32:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BCEA 14 KB
1 KB 26ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 15:47:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCEA 3 KB
3 KB 15ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 19:04:08 GMT
x-content-type-options: nosniff
server: cafe
age: 78623
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Mon, 05 Jun 2023 19:04:08 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCEA 344 B
368 B 15ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BCEA 0
0 20ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7BYyb5kVTDjuewwAZkCJ80iG7GsLGA7sdvEpoK92eAP2wEjyhKgAqnZ1INKunoFS_j5iEZFuTk6ttHNR4wTTZE8Khqw
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BCEA 0
0 59ms
53ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf9ZvRhN-ZLnwNIfmtgejnb3QCZ_f9fFw_fvH66ARs7fjq9M7EAEgwLKCa2CV4pCCoAegAciMpPwDyAEJqQLZ77fCrvixPuACAKgDAcgDCqoE1QFP0HdMfKeKKBLorh2UgDTlVf-ty-BWwUXKb7auJ_RxMd5vZVcUZKtUiQLTVi9VovOJ-sB86AZmN-5dDHqlHILizTyWZSrBuPUxF8lSM5CCcfq_3ap5dtdDFtKh_0XyUZI-_XT9NP6OkzMfEG_7rtx68ktskLaREuZV-uR6cD49G3fjHxG8FV5E_Uxx-R94j9_AgrcDCMfwxQ6M1Y2aUYzaBMKVAMQ-JuKlylg8RLxr-yYu12pEtrmmXD9lg03N2iDvHJgm1w82CwBGBKulZXiuU5Si3ATABOOmsM2rBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeg89sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_Z8N0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDogUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=UvBOcgyX65Y&uach_m=[UACH]&cid=CAQSOwBygQiDCmyM_gmICrIfIkuxNapdILa6J8_2kdbvdDEG27k7Jjfl7by-5piAFWiyrcuBavXOoK2v39ojGAE&template_id=5000
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BAC5 3 KB
3 KB 13ms
6ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 03:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 48408
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 06 Jun 2023 03:27:43 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BAC5 344 B
368 B 13ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 11961
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 06 Jun 2023 13:35:10 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11055800874229895024/ Frame 48AF 10 KB
10 KB 7ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11055800874229895024/14763004658117789537?w=100&h=100

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:56:16 GMT
x-content-type-options: nosniff
age: 543495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10673
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 May 2024 09:56:16 GMT

GET
DATA 200
OK truncated
/ Frame 48AF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a5d12e963c336c68c674efd433a10b09fdfebcbf3917996e31f5b7dccd29ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15526145321348145647/ Frame BCEA 15 KB
15 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15526145321348145647/14763004658117789537

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6405536ffab9964897bf86e7810a18c058c3c3aa3635ba1a27efac910e2af6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 05:06:18 GMT
x-content-type-options: nosniff
age: 474493
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15769
x-xss-protection: 0
last-modified: Wed, 10 May 2023 11:43:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 May 2024 05:06:18 GMT

GET
DATA 200
OK truncated
/ Frame BCEA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BCEA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BCEA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be9f735aee5e8f2a8b52fe145aaa5ddfdb20512edd942bc4e78c5dde71f55e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FDEF 624 B
242 B 51ms
46ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYiIzo4gEwAQ&v=APEucNVbr0iyJDBalRn8qgXaIuhkAxSsADp1zRw7dEQLWkeXCbZV9zQ-HB-U5a5FGc2AuHyeqB5WK0zFzAgkJ3hqi1sIiafTc5RfsXgHg5jDUw_mbicbNd4vzNTfor50noWdy-uWBdgQt7H1i3I9TQVIaQfBwewhfH16HQkXDFpSYi15WVRWNo8

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 16:54:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 75D1 78 KB
27 KB 62ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75D1 42 B
63 B 44ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cg04XmBIz1dWjZJX7zQ1-nhB9HIXds3I7-8WPFeMvIzeT1EjA9WJjkCgoDdpN5Qh9GNs85xo1KMVdSMPCWQ_qFq39XDZYrOW3erWOgMRffNOeT34U

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75D1 0
20 B 44ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5756405015870805353&x=1&ct=76

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224159/xbbe/creative/ Frame 75D1 253 KB
77 KB 38ms
33ms Script
application/javascript 54.246.82.89

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224159/xbbe/creative/adj?p=APEucNVyJZUbxX1wNlfaDcHT9vXF7BqXsxe-p4hKKsgIbkI3a5PK0FY&d=CokBAKAmf-C0OmhgRyvkRyBTTqKCRxduKqyWC20gwlGmQK3CY7efbod0_iHYDy2Vu6d6M8FvtFt76twboJzSmMppV1OryipeT65u_Y8RPyEWhx_0LBqcqkCpPG4XDy5zjy4vF2M536fRFSd6J3TYrHqqB-jKZ6zoRMjGe9xAry_SvQbr4HBG9CoEPX8SyRQAoCZ_4OPPdQ8BugABUVqy8X61ltG6vAv82smXsjmXDniRtbE4ZYxRNQeg1HmfA_IHZ2JMP9weVpcC0XHamKQZkqG6lv3ApYR7Joq7yOujvWW-JiT-MJMJHV-zKQCuDTImYkSWkzDMnG0BTcM87AcVvcDKepJeViuFMxnTtzFRlZMByEt1k0sN9OdtjpRvq-7KfcmpySZ0x48jOLHekN0hV2GaV9U9gXW25sSpSLFUBp76neJYjHKdy8Q6IemB4oHF4g-lTdBd5CdqZ7mkxUCkD1_x_xj4Nimoq8c_8uh2qVIxBCFXVYj844s-qEylxAD4PpL1TN0e58cvV0KkH0TELTfJTFowp8422wxyJDPVk7sRKWqqdFpLppru_qVIlvO8c_CiJ4zRM4DFf7_o3izVjCBEG4r1Bv7l80KItxV1RVbs9fI5oQ6lAKk5kn6wM3T8-5ryk8-S6g2RYS74jgjWEVZPWhVC5uBjre2BeNSLNjZn7-37Xp1wfD3yWpqQhzuOZAPqsRerp9VErHisVOh8yUC2rhy0Ha00S6tEjO-ZT1aysckeke-VU_iRnSgbGG_zdfniiuTNrRWQEMD2W7zP1z1Ll6F2Uzmv7ufwibLBVC-ewHdAeNPy7NGAL1NweGjirS5tPDHESwlIdmqY8Xr5rp1kahGu8eUeq1dapnw_W80C_D3_LWSnhIxr0uLkT1Hn446zU0d9zC_y8i5LQg1UhPpfkc8QA5xrOE9ZCHbdYhLOAwELK5hX_6tbhl2HJTMp3KLJEK6bXBCHWGrTRjTqTXDhAE0ZjdCAIYJKxBXUiQu1zBFeyXg_UcgPMYB2d4NWVco6u_1vEqOoSGNaEomSwCk_l_AP3XDXv7L2XIfA7wDCuAzlrciofLWcVIfrcwvuosOipKL6eWH2Zil976JuGenHfTLtBspHW3yPpUFXK-46ckGH8TKTNl6xcYljFXN6Ch01R7O6EW8COfUKUNTeZqxXvBus8Er7ks4RUC8rO-pp7p8VnNUTpSqC5y7vATPEcaecHcmrl1Zq3XznmNKJ5RIEt9u04sA67JrqfVQjbbYQsZQvDYZFfmIYG6CnTTV_7SsZ4ruDT8k2LJXuIzEoLgH2fi5r8VVbo86B1ijNOmNqBrRQXivqLhF08V8Kd9QMickBtLPdbIYIljZ75LlkPX_V22Ue7a6LO_oxgiTo1FiPdwq8zNcTo-HXALly3GPEeEtT5FGzYLLQ2XJKiaMYX_iRBZ7hq-RQ8rKnWJzm1jqmYl-YxursEDMGl7lf8ahsUK7Ke_umnGnXVUy-Yz5qtqon021PcOps_1BLQ44_xBtHLbi7pHrsNh-IeUYbh3dOq6v2ijVH1g9hRaR4nhVa7Nt2DMhv485RHIstS8OV699iu0QeNtQMkBwLrpj639KLHvrgV2jHbBjWzoffp-B564-ZG_BLxzlhOrota_HcWknXkYkZSjreEMxRf_tgMJY-YBPbFFamfFHYbZ_0Py76jbOWakAPFouK2qnz93It_-e1jaKb-PTd3W0OwepSJqWNwh4Z2pYNQchJgjuJ18P1FffUgPxIL7-xM9S0lfnCMjg5-KC5kCxJmU1HqYt4S_o6YMzJMyq-tDGamla47YptZrK3TIoViitVHFMxitz3f2iOhiPlIjc-DQQ_WrBrtwxvw-B40wKVz6_ri2aFQNTJb_43-uJuRX-LqVrZRl7KIKE3MnR2-mPR7lobZyCntrDPm0M6u1kMIyocfX5ETfZHEd7cB48E0eE4j9TZ8cZ269qzOhDmxWfN38x-2ZxqmayVNJ6TfzRUjjlEvoGf6N_h_xOWwYRnWhqbzsitF672U_EbNSfhl5RX_OhBNoqyTfedRtCc7W0qmWRGatVqqhIAFJUFCL2bakOc5QcrX3yv4fPiH2L6qvO0VHpFJ835T-1ylC9MvarmYwaltitsweLgy0V9UleqcLt9nNvUOrlE8E7vV_JDq4nckRCD_xBhuD0F5VAKv60SfMNaft83KUbgqj_-5oK1VwH9Crrd1Pq_dN0X4itzDev2HGAptbTedfgSvUF4m11JtXAENlZRuKsgkswuhqb1kdDfbNyrwEnowmlqh4ihwS7hdcUAPQSLsGd7YP3hYxdfc0KBO7gwQFTcHkN4yqtJxOgu9pynb2x7zxd-c6TfDUX7v8DKNFa3kCFLfpwCERonpCwTu2J6V5eZLc2vpiot7KRb_1aAlOkR4nFaqAUHogOoPIpyKMU45UnoROCvpy8L-bMgEdMTFhhdwjBlEn5hqKGyJBpfk51NXE353_fIi4yDnPfLRD4-TkfrLKNirqh9v2vaVFu4FrhPiEmh7EBHwrgjXUI_56U2kk2xE7TrW3Ew45AqYb1i0nV6R5z7xzyjk7HduxBWiSOZNfulhNB7uPk38KnOPItBR9RXt-la_-kMxNHcjek9U9PL8qmA9Ex4MFy0Z6G5CTb2TvAHfCYubNBbl67M6EB8oi9SekcQc0KIGOAohAQInC5ir_IQGArzyQ4c8xjgnQ8nos4Sy3AyA2Xp1HtRpNwJAStlUMSYM7VyCE6EKI-IUS5Ap-hqYHYcT4FiG8hBNAV-mpTGgkEY5LxJ3uzFH8PiqmlgMZGhbsbJlKcijMvXC2501w8lRC1mk3GQ5U0QQbi8TMOvV-2r6bTCjwNlQSSRJTx8FwQ5UA9C7zU5i16yTrcbX_WDWgOzhTpI1C7FOF_HUKWethk0yrVbGFnUgAwp_vot2kcKYg4qmwSD4wUHW22todX2Juq17Cb1AHzchqYxKDdpKh_DeD75pLF_jDQLvpyMn42ZZyB5GVc43xnxbo3bYxnoV0S-KDT8cOsIniPHPffHmjSJy7cIoUp-hibOmulTCPv3gYVjKzKKAOo-neGSsy9_SlyN_FYwC-eKFGA9fM_zzp93xlgUN8nbDRQUHQWKvx7ktYxxUoUoWmRGFBnJXW6yUuaLt6mkd0pF4uVfm07risbzScgXduG_T65TOcGOqjAxPsQrF6rmGirGR5vOK1o3GPQBXgaUu9_C8ghX_MmFcD5iAyT6vrefFLrppfQUPKs9nyurg-qj1twNMRyP4medDZl6KBJZo1immBt9N0sDEMgjREJHoklcgiASh6sSBghdpJuYs_yBPP294wmedYJGivyScKzegDSsEZxbclgli7AzFZwH9hCUiRya9FjdiqUoTylAsbzlBQ0oNup8kfwXXwNqG5fuE_VZAZgWBiXVPI7ltWYSMfmmjxYga5IOmtiuoekustLBpGdnui1Zv_Yv_pTAUJPU41ygoylN4pzXpDXE4mExwEA-01LiaYfinxUjRW9mZRB3vMWP2cy7T4euoE5mHhwzHMdBYAcBxE2fffmBlxvNdyTJdcpjvGFA8LtzSPiza2dARArjOp5YavU2thSurwffuF9SeTJHjzD1OliHtIIT396ZHHDT_us89Pdl5sCRa0ykVZ28PYae1Oj5SFF8Vg-2YSSEM9986iEdy8TrVeu2UJbYdXCrDrlcuAjU4aXfyxpBCAQSOwBygQiDSWCvKWJ-8B3KofN27QT5nCzLSuPLmRCW5tdNUozZS-ubU4XxpghHqQcIoGnPWQbbZbulPnHbGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-7983651257838282&ias_chanId=1&ias_placementId=19782785437&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h9WZj7G11dSsMahcJk1fNB
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.82.89 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 695d6527f14dafb20984246049fda76626fbac71611872a3df0ff1d9a826711e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 75D1 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 75D1 19 KB
8 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 75D1 0
0 20ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNszJ_X2qRm_Er7OGAJfkGWkcUhov_y0-tmDQJOLv6I6X2-i7xsqrtLFi3bbH5wghsOVYKvnxN4BsAMRFJv3po78CJBA
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75D1 171 KB
53 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 48AF 33 KB
33 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 510229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:10:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 21BD 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF3COlON6vTt5Kh9fV7nXyFqzEqbgnapceJhoFFVYGY4smdmOxPA05QbEUJUPqCOd4zqRx8h5WPn3povz6Kp7zmGEllRG49Q8W1JfEPMCo49sZN8lKPoA8n6qP4hohTc5QuBLOnxIONt2rUWeid_Ka47VjXN64kDU-iFmqsT5cSiOUf5Q&cry=1&dbm_d=AKAmf-ChhDyPEC9m2eiyrasE_urflDxGvwEgfPFEX2QPgYrAStBvZDhMfN2nLYwiEjNT7zXPzJ7Onz70RGU_O8OrzPDwYwzv-0uqho1gIC0xf_Uc8aNOsCIOjSS7aph4zxDtoo_qizm0OGR-E2qmo8pHImC5wHeymv4TznXwo69EBsO2JpnesKMXeqqHDYxiLeYltallmsli-y5sXZTA029LYuAuRILPijdTgXOK9ihW5-w15r-p1UfbJRlkl64YlO2ustS3A3YlGRDJF4jTlNhIsnNw97yfn1u03qxf1k-3agpLM8P2xllSVAZzNeluGUQ8UUQKMX1jW89wAyZO06ob2FHAYJCtZ7krGou7g_yUuwWQxAX73FkVg94DGwPRnlhi4rUI3LTdVpBay3HNyLqiwbB2kOrIGzi53bGNEyHZVuW0YWtHf_ntnLReIHg-u-Qs5eLv67o5IqrbgLhazqyCAroez2tvAEUExoEf-jhIePXa9SyiJR0oI0UOgc2Z_Q0Uj15Az0W9cLeocoLSbTfMNqL7AySr6feBnLYrz5LSmgz2cQiGjoIvcwT7mirZfvxnc-g8p87Oh9w-jrFwWoxPyfKaoGUhDM7b7hSlIXaTsjgwLDmMVT8Ir7Aqee22UGJLqT0apEfAo8EJDyJuTtq48WzuGzVG4w7OVeV-vR05S6fcsNw3hgDm4GWMrsnxjAJ9DKQzp6WIP1iO_72pGUUD1WDLYOTRFviVP8AUcrXbq3ybao2Pxtj2CAp2vfLepFDMzoRTIbQrvhFVKzMttGaOLCRC6WjdRNSgmnjW3Fec8L9G61Wa_pzgaGp-LG70ec_mCj3iK99QMQWgI-R2qqE59KLeZ2orjgtPI4BZ-i04OODWjsQP8i7rQDj7zi52wCm2noivDzAYHW4ONUVOGBZt3ARPhRYdki-o9j7OKzUY7-4USdSL9elqiU3_NQXcs23AFIC1yzLLNjeIdomRUnugvF9WvP4nUDDLV_9ZnnOGClFA4JVtK2mxjGMJE3pVMyfQUBqYlHrKtcFYvGKjQ3xRcE9csGoB3zuhNwEjoEkjtNhYjTzTNxr52yq-koY5jKUlgduNSHaD3E0Igetwnig9-cqSq2Bp23twP-7Yl41RPhlBHJFFkSVyBFgkOTD5nJepDUDzdPokq3CCrMfGDe_mB6tQI7Qk27RPrIlCUPu8kOTa-_6WCE6TjGi9ujjoClkh1swSJw-wVWbdvIxEsDDPbirsiJaML-OKiNa2s9Orcj8w1makB4q0MXCWhSQmsC5792tYXMc4hx2cUhql8KmrRMjwFouKV2GdpnIAE9BkSqycrumk4tGVjH8Ov-uCWSMwRCAvbeu9P4KUcqkIhg2UHX7vaE6anS31H4ombwCNQPbOZuuzP9GGFl9dAbHtIzPPjMwAuxNEkSoBTejVeHbfOAyQ98LoFrw6t2iUDbmXyD7Xkufn5F2s1YkSjg5LawUxNXvqfDkFxBrV46pvI26MoB3Xuyu62V56zfmXzAVee_cilEEQt3DzPMh8WU5dLNJoUOZLMkOdZqiGfEEibhKhYHEn3UgQGDf4t3ufGlGr37C4AkE93K7SbXDr_QECyF5TG32Hk8tGIe6R0pwWZzDlfTGyXMeJKXiWeNkN46czJw0TU0rFhC8sbUMZPYE0ufN_1bwaApkzCL5_LjhSLPtJ8D7ScG0Y_9ywiEEY6GrnCsfv-Uy90ynlILzmKvhjaidnH_JB3ZhPAwXCkvfTUPrJ-DkVWUFE2CmHSYFP_Up16KWudBkkZ3_RdMHBC-EC8LRibXH5oZUU8IhF29DqPpu_rpcitbMayQDKu0wOHWOk-EXIAgVJ5yyDlbR2TOg___g_qlYf6wnYNdWEHGGNtm1wZmzGrwMX-ll8s2M0pzyGbppX9OjSt1D6AsY3U6ZQzOP_ctQ5aTMjiDjaXcXV-oqX9ov0979X1yt_-W29DLmMu7B_BzyKKXab9HI_lp9ms5x6Psalmo9QBce0jdJKF5IP4mt0U3o54KulHDAJJyZ2EbfpzCn790-uhqF_RFvyi0zchNZXq3UHaAwl6jPyGYGknKfDG8QSHxyhBDa7v1-JKfAwnfuNQ8sEFfEtkle60hcd33cYgnwt0okO3vEzND3nyu57o2P_PO7oJ_hnxOhMtB8mZcE2yRZoM0oHMGRKXjHiE4bkrvbaKpRyfTohAUbRUFqqWP3aJC3SSvtiRzVQeft5-HgXJkfLoTzC4UlYi-c4lg8dBcAQl4Rn0MpYC0r8GPzZMwQmw3EBF0SnBrBbT_D5r6QW2KJGguPrnWWwc0EMlv_PaEj2wCpbQPKXeiLkcbxUfrjQvkfR1SwjUtLwFyMMxJ89XeM2E7EmXV876jjx9r42hi6kBt8AjKGGgmP4a8rV81r8c_pum7T1qNIOkm9oZxyOc5Wlj-2KGXGgSEY5mMJ6UcRVIfp2nhXh3QmEbU2VBeByb8UuuV5Ur1rWJ5nvBhr0RJKmD7L3FLN2CIWapcsXQn09JMHiiepNP486TsK6ieRIsOUtoNymVGt1fwHIKJZ1FzCptfTdZWOj4GsNqheosvLnCwYx7FJ7H77VNnGIRi1XJ8Fi3BWQggVXRZfHBV29e2l8DJRt3MHGggPloLzqmodNb5ymOFJlOLD2QQkWhrrAO7TC_STsSnjl5cXgWPaNuaEPUoMzprCQx8t7HCwMF0Jpm5QvL3zvz4_KEy63_WLE2TJwqMWNNF76kdJD3hCD5j1Kb9PBAkg5IrCbk10ytOjskqfuqb1bYSzMbKR6kUuUVYA53DTtz8u2zsf-26RGLCfIQL5U6S6Eswo328rkExh6t_2lTSWQ1Y_VlI_1yAOvRqiBqfC_0mfr5CaEdwnE6HXY5wrMkXDDYDY6yooOrwWk2nfcxxkPpYnPXcyFTfmoRauaafeGStQhmH_wKCjHKX4goW68xb-dU7db7m0cyFrdbsanlk5miNR5rCWs6lJEsUmVMPiIqhaoIFYWPzUYQKKpKYWxIzsgPc5x8vZcR61GouKu1D8IaoQ6HsKTydm-AA&cid=CAQSOwBygQiDyRJumJC2byDGG_p8IUxg8BO_r4CJFVvIjJinbR7wtxfbkB4JuAu1W2RnLHOUz5xUrj-N-MD7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=297355209509896600&adk=3587751834&idt=93&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BCEA 33 KB
33 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 510229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:10:42 GMT

GET
H2

200

passback_160x600.js Show response
static.adsafeprotected.com/ Frame 21BD
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224217/xbbe/creative/adj?p=APEucNVY_pKe3ij1OzgW_-a2_cSSgB5EmkzEcQMe5m2yqzP-GUxeOvE&d=CokBAKAmf-BdRwwiMTR2YSziw1Un4kALh0zHJ9P9LCjsUzXUwlEtZJn5aON0lXg...
https://static.adsafeprotected.com/passback_160x600.js

3 KB
2 KB

7ms
6ms

Script
application/javascript

2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_160x600.js
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:25:20 GMT
x-amz-version-id: 8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 505751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:36 GMT
server: AmazonS3
etag: W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: GeANVyAmQ0o8HHas4--chwVTpgce8oFzIvr2eBxzgLh4watWtVRIwA==

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7603 91 KB
23 KB 191ms
7ms Script
application/javascript 2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22209495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: k_eh_HYtxkfHUyhAPhaqc_-Pm8JVMcTYVt4Cmg4v6-OeGW8yVzFKpQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 21BD 43 B
216 B 549ms
171ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=1442031a-9d22-b0d6-ea27-54dc5f14ab63&tv=%7Bc:eGqSs6,pingTime:-3,time:66,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C1164%7C117%7C118%7C119%7C11a%7C11b*.1352960-70224217%7C11b1%7C11c%7C11d1%7C11e%7C11f,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 21BD 43 B
215 B 548ms
173ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=1442031a-9d22-b0d6-ea27-54dc5f14ab63&tv=%7Bc:eGqSs7,pingTime:-6,time:67,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C1164%7C117%7C118%7C119%7C11a%7C11b*.1352960-70224217%7C11b1%7C11c%7C11d1%7C11e%7C11f,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:24%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 48AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
28ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 21BD 43 B
215 B 529ms
172ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=1442031a-9d22-b0d6-ea27-54dc5f14ab63&tv=%7Bc:eGqSss,pingTime:-2,time:88,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:301,beZ:302,mfA:304,cmA:305,inA:305,inZ:309,prA:309,prZ:319,si:324,poA:325,poZ:344,cmZ:344,mfZ:344,loA:368,loZ:370,ltA:389,ltZ:389%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C1164%7C117%7C118%7C119%7C11a%7C11b*.1352960-70224217%7C11b1%7C11c%7C11d1%7C11e%7C11f,idMap:11b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:24,sinceFw:64,readyFired:false%7D&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75D1 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9086913107162&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75D1 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9086913107162&version=m202301230201&ct=76&x=1&cor=5756405015870805000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 75D1 15 KB
11 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSXnRD8dEYM4vQ22NMgcdYdmNjBujzhAxnkx9YdI5EbgVV9yn1_NdHTb9oX0cP5GYm-ff0XjeNE81cNPBFly-gheR4lOeiQDHFc7Bcxt-CyWrEhqVbhRDink23S4-FN8FhYWdQzJ-YmnCmtsYEZx4Z09IrH1JcJMLOcUt38jhOR5yh6JM&cry=1&dbm_d=AKAmf-AFozFqWzfOp0LN4EkqjiiZU4h6IanET0Pmo3AvqOF63QjgBRZmogTFReqkjkqXFuCUeNQDCLmT0ODYCJFkm3nit32aKqiTCJTDS4yyZkJXecy01o4hh3WP7HoA5Mk-NyYsBo9bxqjzRNcguDWYGsoT_O4IlbTrJ9URF8KdDokAL7IcSSvWwRsPYccZ4XLi91zctbjpiWFk-oQIDQ9TYvNKrf8PqaiaAPUQgbDYMa5IFs9xvUVYraq99F5-DlYvcBXDaUR2_4LnnfcEO-CdPY7zegMhztEftJRtdMMN9_661MXt_MrcBJJmeMCB3xQtf0NYtf1wLUi0uKJQhaEsNyLdDiaPhSMpfkWwjvX09qYmY7xM2dDhUu8gHDlHZoS7rcz6bpPICkiun5qK8yMzHdqBxjlBUcy3Y1HZnMv8BsGjWbr4grIrvE8hnOrVvhswgyF4sYTurx4p6--1MkSxHrd3jA2tptuzHIUU1Qee0WF9mK-eqTC4gKeyBdWjeqQkzmQxWhr9G2mXijWY4O2sg4B38-dLUGVPaBRbuJJNCii7Y3eMW5EzxDm6vu_Om4l-hEaNJn4teflbJNSQ7hhOf8ryJ5vauNI7inGn9ZecNG8ycJmDA052TgPQOiDQy8kY5qA3zrsYup8Bk4pr6xOXGv2ZtT_VZ_0KZdEMHEgYy68BZpjxmSLCuK23PPgvdvz1BDBcVLPvtZOnTLnLDa-q2z1-zSvBaMoMGQPEheivZxATsejSz0nJpdGEYRnJqBMYUmp_bRgW4KBN55CSVgt-pQYmPphdi2ESHfKePN7JauLaZptn8zD8Bpj8ES5HTn9yPjfojr5AYCQf8R66_TUyVJMELEQle1a39LYO7Gmm0k0LwAYODKC48svIFn3HTUQ16Ldb0Ij7faljF5w9wKLUT60ovic77VDzRwezrGY-3AEcn7G-nnN3xphI-Mv9UEWb21RMXwtvilWBpYuNw5rChU0sN_I5MCZQwIXOYwR0BFMIi_2CtmspNvbplurw6yeThlkHgGySr13xvUfhra_hexZKBgxw6DSAUrUxCJ9XRt9Ux66LHhnpiOUdWTRS0HeynTN5636iFO2tAgGk6kfv72sk4g7trChAd9--rKsKU4VEnmY4ZkiiXhkAFugdlps25xRxTNNhkr7zKDlopC2D3b2rOjW9aZlZJEQqHBHUDklOrGro4q2zowHsfBHYzIZxBX7oOor5YrfXMaST3_kxhhSDZiPxip3EbX8xtneyBNKHLEPjdY4fNfNFh1Jquw1G1JLlVdN_WHAkc2Q0huq_sbItOjis_Iuy_vcMNOLJG1Q-WfayLWOg5YThXtCHqJMqzFwoVSkScnVmqr_lPstIzxRRK_zjxDwitGqLFZzDupeD1TxRyXFN4kejBhyK666IEGr7uVQ_RcgyHijmNfmFYv1xerPPnqGNYgtf7E5eS3I93O5ixtvdIk6p6YboBvJ_rlobNhLU1L38IW2V4fftb3vOrfl5VgH4qT-DWyX2X359BA91BZXF2MU7zP87PXu1aj2GKGeyR8G8vQUTKxO-8ltKj_2PfDUFyYHJ7o__fowJmfuhEzw8YEAta8F5eh8IYwWmDjSKsPo1yBo4kwL9aVKkFCaCp-vtkiNYx8FUYQ902cuO9fB2F6js1LV0mSfLrDKrA5iDYIct062Eb-pvrTEZ6rvJHN7l7lTnUbf_i3QWZJ1B0f-jQsRzQWveHh3ybPgqT_LYGBqdzuwBaE6Yyc3MzjFxH7TS_wScvGwImL-yoQIxYX2yxOWwpBzpN4OcH430jAGWzc35Rt9iEFuUzcU1kmY2Ol8VVW930vmRpcckwLcAGpQJ54BbCTAtKsCJhlqAZJOeMD0s5Ed5si5vN3-_mGhfWbIu0wZU5VhrqlYSk2hpREN3bv9MFqVuisDOcGl_w5IRMjdPDNzCcRZzBgXmt4rH3U-O93FZjXBjOs02_h4QwX_u-PVmA6UOhLhFxlJqmPZ0NTEn2P5pMT4Y0KREdxoUlJ5WwVqVmiCe6SXGhOyMa8RuPJqU1TaPuj7ovrhiA6AdeEmbXGd7n5Li35ObfqI5vnzy6H1u0vs3MagxetG85ukITLbuAzvQOosbuqOYINGAnXOjUHy2fIFDcNZFZQIxm63WL5rvnrSh3JA_m9fy7C-pgL0u6elj0AJG_ciRjr_yuOuWhr9dmMtXiGAkF95rGVUOyvQlGj6jHYYy0IuGLtA-E_euwXJqDCngf2009jF9LBFXVQTYiT6KSIQoUxG_qwzPsJJyqglB8dSbruaTXJPi8frodNij6U7KOThoN34cDksvp7tLoN5BBp5PtonexvFDZ71StkehAZQnX9AI-3ECcbBXsrdnzSBUWcQxB_F5eVJ721quf1mG2PACyklCMY9FMKbOH9aJ8z7TxYx4iH4_ZvoZQDmn4gFJDAyWUuofjj6R7EciiRLCrAPlM7cH3ic4n2cL2V7Hb-VMGRdbCU1tFoxrVMEDUVkIzn_trDlClm23hgKD3klaeRRIpX1uq803-jv9LQyVrdC1Nk_fs3pT_dSjaFyI7MQKWrCjFzsSGQVjKo40Ii8tLRBDusv5Dx-yDKYR8Y7ky_tlEmxxqtTorYA3FYdBuUTsAD4e_Qvyda1xdYz_nLDYmr1ZZjSFK9qkyICntM3mAxoM_kSK5PfGGnFPS0rCuEqoRT2oDBd_pfJPLk4SHquhjCrAG-xM_SpFs53XmYEAn971CAqhyEum71YUvUFXu2mb6P9y_rL0KMGkQBmTLQlqVlySb9GUIdvZpuwKI7eLD39ppehisFv3iMWUg6Gbhzwf8Yp1DR-5I5q5wtxKLtNoBPb2BDzbTDOLoK-L3JvWwbHEza8xdj1zK2lSWjxgdDDA1siOxrGCcSof8MNYvLBiYYuiDS37WuLojNOoDYISoIHc-SVBIVIw8N43fWvc2wSKAlfhZkIu2aKOhHeysUTscJ_Kjt9YPBwfVimZjIClQ2Kv_AM9niYfdsVftZIVVMXwB_AlNCTl&cid=CAQSOwBygQiDSWCvKWJ-8B3KofN27QT5nCzLSuPLmRCW5tdNUozZS-ubU4XxpghHqQcIoGnPWQbbZbulPnHbGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5756405015870805000&adk=3860319555&idt=66&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

273df20f6b36599b84f554c83a9c4b1c1af6596785bf74bb87ab1bc10d7986b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11434
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3DA6 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 206269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD39 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=2628914133262026&bg=!2tml2Y3NAAY9J7QfHSc7ADkAdvg8WjwBKcfUm1mN7LsR5RYsyTafmDxT1VU-7967kjRTnAyrMpNwzD1YsKZ4IWmnhOA5yYsYU7ICAAAAdFIAAAACaAEHmQNGOKk4Y-UXMY3jQTXdhFOXAI7kS9tUb8t0TvtpdBc1V76U5HRjC1C4lXTTeIVIs02ZCG-Im1dm38LAn8q0C3f9e89EO6hrQppbAVwWFxk-yn9ZktjzbnL8Lohwq074eaSvZnDgeN2DAjDtz3c9EB_aOSyMHdhFgqJgC5-Vg9u9aFDh0787fjdaURw91zQErM_XTwY52GcPTiImy4ulYDN21GcYjXq-ri5lLCr5i3Y3zQ5GT-zkiR3u1xjDWI6c_Vm0itydo4lLlehm_7CdAHJNhnV8dpdlWc47aC-uVKJoC_z9VzwBZ2laFgG9Tl2PwR5QWc5icNQi0vDn_tvJURTGLcJQmPaw5MEmyeWTnC52KRMFJrc47DUeExVkuJtEe9qQmodnYXsAXCdp0iVyF0NuVB2ONhOsrHRiNwxugR0B2qBxoul39Cn0NgJSf2PFm9n8RZCg6k7g3eZxdsQj8PfxOcvapOqyoeh5CEs0-Nt3k_aKHf7qMSUmKJ_vbgHU39u0kdv0QJfEvpO9PB0zz9rKkbFZ723ggSU64RuX6N_UvRG21D4Mstex-JCOKucRwGQAqxexGc4M1AXcve5xxhwvc8PuktYUmapgYzTSu_AcqVfpyXKFjvpJBbSMYURahBu8DWr6kXPaSI5pmZL-x8tL0J5u3uI-m5t0VCQ_UJixbhfqNWQOiI9cBAhXJ1tgMwUTP-1th4BrdzllPmn4rOdnEbW5M_Sx23ccyUl2BKaxx-69xjCW8dsiNhb7KSW_R-z4n9mknlZYCA3zMUqOgJmWr5CUpomq8oovGw9VPNt9HaxtCf6BltVSEZKZ2xgQi-IG1jJ9Dch38upDRlujjmwG4UiUgIVDJsE8tSLSXk-yd3JtJqjpziu3mk00t2NCEjUft3vVda5TIPjL1A_TOxwLJt1_8fGwgbg9QVxBE0dnWUNyZuxKGxiKjtSk6ifS8bIheIc8ufz-gpEFx2bMomUeFNAfitnzxXD1f_wkEPrCtQIOfvlByXPOreGYE4yJEf3jId-eW8R3IkrbuLsJF2xQ_FFB_MNjhmdkTIEoHAwVpYeRtq3QlQGHCZBZzGQ9qbshJ66TdULsi7ScjGqMlhgu713iMEhk3Q
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FDEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYiIzo4gEwAQ&v=APEucNVbr0iyJDBalRn8qgXaIuhkAxSsADp1zRw7dEQLWkeXCbZV9zQ-HB-U5a5FGc2AuHyeqB5WK0zFzAgkJ3hqi1sIiafTc5RfsXgHg5jDUw_mbicbNd4vzNTfor50noWdy-uWBdgQt7H1i3I9TQVIaQfBwewhfH16HQkXDFpSYi15WVRWNo8
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FDEF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4TRyJ8R-6D0ZOMH2W24QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYiIzo4gEwAQ&v=APEucNVbr0iyJDBalRn8qgXaIuhkAxSsADp1zRw7dEQLWkeXCbZV9zQ-HB-U5a5FGc2AuHyeqB5WK0zFzAgkJ3hqi1sIiafTc5RfsXgHg5jDUw_mbicbNd4vzNTfor50noWdy-uWBdgQt7H1i3I9TQVIaQfBwewhfH16HQkXDFpSYi15WVRWNo8
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECE4CcO9WCFbe-NppI9d9vI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FDEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

43 B
1 KB

21ms
20ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYiIzo4gEwAQ&v=APEucNVbr0iyJDBalRn8qgXaIuhkAxSsADp1zRw7dEQLWkeXCbZV9zQ-HB-U5a5FGc2AuHyeqB5WK0zFzAgkJ3hqi1sIiafTc5RfsXgHg5jDUw_mbicbNd4vzNTfor50noWdy-uWBdgQt7H1i3I9TQVIaQfBwewhfH16HQkXDFpSYi15WVRWNo8

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
AN-X-Request-Uuid: 12419a07-7e18-426c-91b6-3f7dcec0287c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKXO-mnN1M4MNL3AvWpBMdk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDEF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 16:54:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f74856d6-c339-4eb9-8875-4c9406bf6e2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 75D1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSXnRD8dEYM4vQ22NMgcdYdmNjBujzhAxnkx9YdI5EbgVV9yn1_NdHTb9oX0cP5GYm-ff0XjeNE81cNPBFly-gheR4lOeiQDHFc7Bcxt-CyWrEhqVbhRDink23S4-FN8FhYWdQzJ-YmnCmtsYEZx4Z09IrH1JcJMLOcUt38jhOR5yh6JM&cry=1&dbm_d=AKAmf-AFozFqWzfOp0LN4EkqjiiZU4h6IanET0Pmo3AvqOF63QjgBRZmogTFReqkjkqXFuCUeNQDCLmT0ODYCJFkm3nit32aKqiTCJTDS4yyZkJXecy01o4hh3WP7HoA5Mk-NyYsBo9bxqjzRNcguDWYGsoT_O4IlbTrJ9URF8KdDokAL7IcSSvWwRsPYccZ4XLi91zctbjpiWFk-oQIDQ9TYvNKrf8PqaiaAPUQgbDYMa5IFs9xvUVYraq99F5-DlYvcBXDaUR2_4LnnfcEO-CdPY7zegMhztEftJRtdMMN9_661MXt_MrcBJJmeMCB3xQtf0NYtf1wLUi0uKJQhaEsNyLdDiaPhSMpfkWwjvX09qYmY7xM2dDhUu8gHDlHZoS7rcz6bpPICkiun5qK8yMzHdqBxjlBUcy3Y1HZnMv8BsGjWbr4grIrvE8hnOrVvhswgyF4sYTurx4p6--1MkSxHrd3jA2tptuzHIUU1Qee0WF9mK-eqTC4gKeyBdWjeqQkzmQxWhr9G2mXijWY4O2sg4B38-dLUGVPaBRbuJJNCii7Y3eMW5EzxDm6vu_Om4l-hEaNJn4teflbJNSQ7hhOf8ryJ5vauNI7inGn9ZecNG8ycJmDA052TgPQOiDQy8kY5qA3zrsYup8Bk4pr6xOXGv2ZtT_VZ_0KZdEMHEgYy68BZpjxmSLCuK23PPgvdvz1BDBcVLPvtZOnTLnLDa-q2z1-zSvBaMoMGQPEheivZxATsejSz0nJpdGEYRnJqBMYUmp_bRgW4KBN55CSVgt-pQYmPphdi2ESHfKePN7JauLaZptn8zD8Bpj8ES5HTn9yPjfojr5AYCQf8R66_TUyVJMELEQle1a39LYO7Gmm0k0LwAYODKC48svIFn3HTUQ16Ldb0Ij7faljF5w9wKLUT60ovic77VDzRwezrGY-3AEcn7G-nnN3xphI-Mv9UEWb21RMXwtvilWBpYuNw5rChU0sN_I5MCZQwIXOYwR0BFMIi_2CtmspNvbplurw6yeThlkHgGySr13xvUfhra_hexZKBgxw6DSAUrUxCJ9XRt9Ux66LHhnpiOUdWTRS0HeynTN5636iFO2tAgGk6kfv72sk4g7trChAd9--rKsKU4VEnmY4ZkiiXhkAFugdlps25xRxTNNhkr7zKDlopC2D3b2rOjW9aZlZJEQqHBHUDklOrGro4q2zowHsfBHYzIZxBX7oOor5YrfXMaST3_kxhhSDZiPxip3EbX8xtneyBNKHLEPjdY4fNfNFh1Jquw1G1JLlVdN_WHAkc2Q0huq_sbItOjis_Iuy_vcMNOLJG1Q-WfayLWOg5YThXtCHqJMqzFwoVSkScnVmqr_lPstIzxRRK_zjxDwitGqLFZzDupeD1TxRyXFN4kejBhyK666IEGr7uVQ_RcgyHijmNfmFYv1xerPPnqGNYgtf7E5eS3I93O5ixtvdIk6p6YboBvJ_rlobNhLU1L38IW2V4fftb3vOrfl5VgH4qT-DWyX2X359BA91BZXF2MU7zP87PXu1aj2GKGeyR8G8vQUTKxO-8ltKj_2PfDUFyYHJ7o__fowJmfuhEzw8YEAta8F5eh8IYwWmDjSKsPo1yBo4kwL9aVKkFCaCp-vtkiNYx8FUYQ902cuO9fB2F6js1LV0mSfLrDKrA5iDYIct062Eb-pvrTEZ6rvJHN7l7lTnUbf_i3QWZJ1B0f-jQsRzQWveHh3ybPgqT_LYGBqdzuwBaE6Yyc3MzjFxH7TS_wScvGwImL-yoQIxYX2yxOWwpBzpN4OcH430jAGWzc35Rt9iEFuUzcU1kmY2Ol8VVW930vmRpcckwLcAGpQJ54BbCTAtKsCJhlqAZJOeMD0s5Ed5si5vN3-_mGhfWbIu0wZU5VhrqlYSk2hpREN3bv9MFqVuisDOcGl_w5IRMjdPDNzCcRZzBgXmt4rH3U-O93FZjXBjOs02_h4QwX_u-PVmA6UOhLhFxlJqmPZ0NTEn2P5pMT4Y0KREdxoUlJ5WwVqVmiCe6SXGhOyMa8RuPJqU1TaPuj7ovrhiA6AdeEmbXGd7n5Li35ObfqI5vnzy6H1u0vs3MagxetG85ukITLbuAzvQOosbuqOYINGAnXOjUHy2fIFDcNZFZQIxm63WL5rvnrSh3JA_m9fy7C-pgL0u6elj0AJG_ciRjr_yuOuWhr9dmMtXiGAkF95rGVUOyvQlGj6jHYYy0IuGLtA-E_euwXJqDCngf2009jF9LBFXVQTYiT6KSIQoUxG_qwzPsJJyqglB8dSbruaTXJPi8frodNij6U7KOThoN34cDksvp7tLoN5BBp5PtonexvFDZ71StkehAZQnX9AI-3ECcbBXsrdnzSBUWcQxB_F5eVJ721quf1mG2PACyklCMY9FMKbOH9aJ8z7TxYx4iH4_ZvoZQDmn4gFJDAyWUuofjj6R7EciiRLCrAPlM7cH3ic4n2cL2V7Hb-VMGRdbCU1tFoxrVMEDUVkIzn_trDlClm23hgKD3klaeRRIpX1uq803-jv9LQyVrdC1Nk_fs3pT_dSjaFyI7MQKWrCjFzsSGQVjKo40Ii8tLRBDusv5Dx-yDKYR8Y7ky_tlEmxxqtTorYA3FYdBuUTsAD4e_Qvyda1xdYz_nLDYmr1ZZjSFK9qkyICntM3mAxoM_kSK5PfGGnFPS0rCuEqoRT2oDBd_pfJPLk4SHquhjCrAG-xM_SpFs53XmYEAn971CAqhyEum71YUvUFXu2mb6P9y_rL0KMGkQBmTLQlqVlySb9GUIdvZpuwKI7eLD39ppehisFv3iMWUg6Gbhzwf8Yp1DR-5I5q5wtxKLtNoBPb2BDzbTDOLoK-L3JvWwbHEza8xdj1zK2lSWjxgdDDA1siOxrGCcSof8MNYvLBiYYuiDS37WuLojNOoDYISoIHc-SVBIVIw8N43fWvc2wSKAlfhZkIu2aKOhHeysUTscJ_Kjt9YPBwfVimZjIClQ2Kv_AM9niYfdsVftZIVVMXwB_AlNCTl&cid=CAQSOwBygQiDSWCvKWJ-8B3KofN27QT5nCzLSuPLmRCW5tdNUozZS-ubU4XxpghHqQcIoGnPWQbbZbulPnHbGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=5756405015870805000&adk=3860319555&idt=66&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 18:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 18:25:16 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 75D1
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224159/xbbe/creative/adj?p=APEucNVyJZUbxX1wNlfaDcHT9vXF7BqXsxe-p4hKKsgIbkI3a5PK0FY&d=CokBAKAmf-C0OmhgRyvkRyBTTqKCRxduKqyWC20gwlGmQK3CY7efbod0_iHYDy2...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

6ms
6ms

Script
application/javascript

2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
date: Thu, 01 Jun 2023 03:03:29 GMT
x-amz-cf-pop: FRA56-P5
age: 395463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: lUj2563PqZ-oFUT30Njc2r-vp8CrhGha6rdvFyZuAKNoVKBqKYF39A==

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 86AA 91 KB
23 KB 7ms
6ms Script
application/javascript 2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22209495
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5TTidYnHD06YFz2oZrEpT-VKJqIPCYR1d1geS4hx6GDQzUp1Jf7wWQ==

GET
H2 200 IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame 21BD 16 KB
17 KB 7ms
6ms Image
image/png 2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date: Mon, 05 Jun 2023 16:06:57 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 448708
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16777
last-modified: Fri, 18 Feb 2022 23:28:48 GMT
server: AmazonS3
etag: "eef84d4a7321b73260b41707db98756f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: r2o_IZG1xNxDx2dNqnZnfXThfZYqI3037YT3RYAunYt-MjHOVe9EcA==

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DA6 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:49:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D1 43 B
215 B 311ms
172ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4372b4d1-745f-1c6f-595c-d3686b8ce864&tv=%7Bc:eGqSvY,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhluF+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C117%7C118%7C119%7C11a%7C11b1%7C11b2%7C11b3%7C11c%7C11d*.1352960-70224159%7C11d1%7C11e%7C11f,idMap:11d*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D1 43 B
215 B 307ms
171ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4372b4d1-745f-1c6f-595c-d3686b8ce864&tv=%7Bc:eGqSvZ,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhluF+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C117%7C118%7C119%7C11a%7C11b1%7C11b2%7C11b3%7C11c%7C11d*.1352960-70224159%7C11d1%7C11e%7C11f,idMap:11d*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8934 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D1 43 B
215 B 282ms
172ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4372b4d1-745f-1c6f-595c-d3686b8ce864&tv=%7Bc:eGqSwq,pingTime:-2,time:73,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:391,beZ:392,mfA:393,cmA:394,inA:395,inZ:398,prA:398,prZ:404,si:409,poA:410,poZ:428,cmZ:428,mfZ:428,loA:437,loZ:440,ltA:464,ltZ:464%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B68~0%5D,as:%5B68~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C117%7C118%7C119%7C11a%7C11b.1352960-70224217%7C11b1%7C11b2%7C11b3%7C11c%7C11d*.1352960-70224159%7C11d1%7C11e%7C11f,idMap:11d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:18,sinceFw:55,readyFired:false%7D&br=c
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 21BD 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a21c6424932c39e09fa819054d7a32d920ca85b20da195261658a1d63da99d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F808 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 206269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 07:36:42 GMT
expires: Sun, 02 Jun 2024 07:36:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 11BA 0
209 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685984068976&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11BA 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305310101&jk=260274777520877&bg=!Pj2lPWnNAAY9J7QfHSc7ADkAdvg8WqoSKx9IxopcleAR6wFFZ-F6mSPKuf1vK-8VtawLTzqeKnmnImY1T1JnNLmPB4Feu7CaVV4CAAAAoFIAAAACaAEHCgAisz8tISSle-a6jqm1TEWAqAIU-B7RO_3Z6wNZxYJSPikt5JkDASd6ZFJ94U7Z5eP5w4NQxOTUtV5X47Vyd9aXIR9_AyCuFQUzVwvG9Fgy6lO4NT4p6gZuoKStZYcFZ9rnqNDXd061pXabt40JjjunuIcGcYXBW7WC32LplANWeFITwvB-bHGBuwZ6vmxn00GrWv3wZLa60wwrTql1vyUnlYcHPdm745-VNWvMJsT4FmpsI5iFc88t8VmLqwde_xIuN5GrlEvyujBHr3NK16RbdRg8EnwGdAatMY4vNCeUloZHS4R9XQDz2q3QCwteWx1rkD8bFCW6VTSp0_hKT-8Xre7Z0EP3DUp4g463RAltQjpSYGNXhpRwfILOC1ajl-9Znx10u_v4sJEDBVgUNbWSprrovG0dq9oe1CxrrrbZGXphcjQCKDlkztcawaK8EbebGSkh69GTvfZaVCMIclE9lkeBRFyt11BZznYZiLKZn0L9Es_3DbXsXPE0l6cbsiU140hNwuoUy-WVClwB0tT2XUoSewvd7N1N2K3SPXNeqF3XGW_QRQWe6J9rtZpZV8bAKiHiaNZYR1D0PPOPqodDaeTzPC0cULOH4jnNkVqCS5h9kGUkD42UC0UDnwVKmxLXUxMuLJlVTAPuJjAlU2zxKsQL0wleoD-9A4t2jzXdDz0kabiqnfYdY6RLhZLBf1g6YTFbDYoEhyL7nWb1YqNUpC3YF19tRxdw_VAYtt8A6Ld4VedjSbtUHt0tvMEQJLiQIJBGV5XzW0cYqUS7wU-pAxGmxz6WHnZpEazM9V8PlPKkQnK8QeGWxBMZk35JyFgyhdLUFejZw-WMWGurw0WyzGmv4zlyEnt0H9PepZDiDdKXkW26qOGiissu3LXRgEsHeC8OcdrJHIEaeHKec5GNkH8AZQOqWMnjlvJJKfSFKF15OWl7VKni85KEVfb4zVvKbbHfNDj7vbT4ebx4KdxWg1d7lNIdOEZbFb5xCvPmnSbPfPAwFObEpPr8P8yNpY7emmlHkAWuKbB5qLPGZEMK7D72k_a_QkLmi2vR_BPaKPw1tXdfL3I
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8934
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1&google_push=ATf1kGMT_3I0zXPhG7Ixl9ziBPRKjiwDws1fH7RXj4loqvP6DVQlXdJyeEON_IvJU0V2th84LHP-4Qcj9m6wS-7qKaXrnhqM0-Fd
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQwMzIwNTY4Nzg2NTA3ODkwNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1

43 B
398 B

66ms
24ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBK-DkVdTpmiQ9Y7o6P105g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8934 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHBqVBKC9Yne92QmjNodDhM&google_cver=1&google_push=ATf1kGPd5yzWnGacrBzda83aGbHFGnggsJvZusc1PnY0jFA0sIENZiMTR2jFeG049lXw-UPuN60UUy-K63qG1vVL5WlM_euta6TJ
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8934
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAQ4jeJwT63BwemJ7z-vXBI&google_cver=1&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4Ipx...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4IpxAAgQTcp9ARBC

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4IpxAAgQTcp9ARBC

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 16:54:32 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x27 config_version:"3792"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPh-YjYW3iXf-_s9zvP7-NMtyIRSS3tY2ESOHNgMtJz1Oes4H5Y4s3DMJqdA9K4DSWhVx4Rd9W4yEDO4IpxAAgQTcp9ARBC
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 05 Jun 2023 16:54:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8934
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI8gOZ-YbBf1lvmDCz5OuVU&google_cver=1&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI8gOZ-YbBf1lvmDCz5OuVU&google_cver=1&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jV...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyOTM1MTE3ODg2MDQyOTI4NA&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhz...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyOTM1MTE3ODg2MDQyOTI4NA&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwAN0-3utIpKsPxRmJSN0A

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjgyOTM1MTE3ODg2MDQyOTI4NA&google_push=ATf1kGM7pdvQxW_U1QFmfMGLQfF5MEj6MWum46i3sC0dhICwMwanUA6AJ1jjsHK5v2qwSzub2jVnhzwAN0-3utIpKsPxRmJSN0A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8934
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_hm=ZH4TRyJ8R_6D0ZOMH2W24QAACLEAAAAB&google_nid=index&google_push=ATf1kGNNO3QYSSeAvfRW9YX9yoEoS_Gzr2Ru9...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_hm=ZH4TRyJ8R_6D0ZOMH2W24QAACLEAAAAB&google_nid=index&google_push=ATf1kGNNO3QYSSeAvfRW9YX9yoEoS_Gzr2Ru9L2omK4cUDFQDbkmaBjiryw-XSXbmiOzJiTA0V3tLmaJBJeWgB-cr3W6JKg2na2T

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 16:54:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL7hJ60FZgnoY4_6upRsA1Q&google_hm=ZH4TRyJ8R_6D0ZOMH2W24QAACLEAAAAB&google_nid=index&google_push=ATf1kGNNO3QYSSeAvfRW9YX9yoEoS_Gzr2Ru9L2omK4cUDFQDbkmaBjiryw-XSXbmiOzJiTA0V3tLmaJBJeWgB-cr3W6JKg2na2T
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8934
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM4Dsvpy1xWATxpE7N364OM&google_cver=1&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7LXYroIZJWBjJKaI

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7LXYroIZJWBjJKaI

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN3ghpuAHZku86V8y7lN1T2H4fHDwWMXsvmfWbWsCZ2Uw4OGkb26EPlvDgoypsNNRgHJIwrkOoizcV7LXYroIZJWBjJKaI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 8934
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESENcN_0RrInyGA9fUnsZCwlE&google_cver=1&google_push=ATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mKznwjBV9eE_CJ8CaE6llO39T67z6U1GVGnrUCp-yVN-gFpxoHKd7apw
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mK...

43 B
1 KB

39ms
8ms

Image
image/gif

162.19.138.119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mKznwjBV9eE_CJ8CaE6llO39T67z6U1GVGnrUCp-yVN-gFpxoHKd7apw

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Server

162.19.138.119 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 05 Jun 2023 16:54:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 05 Jun 2023 16:54:32 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOv6PbbPQoXNH58aUQUcfWj_Tb_DjczYv2ovYath_mKznwjBV9eE_CJ8CaE6llO39T67z6U1GVGnrUCp-yVN-gFpxoHKd7apw
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8934 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6RaeRC2dyr3Hp93igPB3coZz0x-rZIYzCPp3f6CXWvc5wKGQZDWV8xkroO3mUVxmDWPoB5g

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 75D1 10 KB
10 KB 7ms
7ms Image
image/png 2600:9000:223f:f400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Wed, 31 May 2023 04:05:25 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 478148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: x1ody7iY66Tx-sujH7805SS2INKloW03lC5OzE38ES1Lg7bbzdOYPA==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8B91 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 12:05:32 GMT
etag: 48472445140208031
expires: Tue, 06 Jun 2023 12:05:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 75D1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94a2a38274660efe46f6a0a9efb49c5663d321dbda9e8f6167198118656a56c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame F808 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 12:49:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAK1y1J1RRFNM8Pk4r6MgFA&google_cver=1&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UX...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UXP7IIlvcTdkomiP&google_hm=hmR-E0YKpV4angXDQ...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UXP7IIlvcTdkomiP&google_hm=hmR-E0YKpV4angXDQA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E13460AA55E1A9E05C340BLIS

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGPi3TJmx1AHpEZmuv65Gy0uj_7kQVjPQ8DzvcZFO4PEE2GM9S1Lz8mBKgqVWRzZ442g9gM0-xV96EF5UXP7IIlvcTdkomiP&google_hm=hmR-E0YKpV4angXDQA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D647E13460AA55E1A9E05C340BLIS
date: Mon, 05 Jun 2023 16:54:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGbMKYBKl6LPxIGuJzLsysM&google_cver=1&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcO...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGbMKYBKl6LPxIGuJzLsysM&google_cver=1&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQV...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=ea0e0443-f341-4425-8b6d-fa9be079df03&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI&google_hm=qe8A_c6OQP2gb43dIwzm9A==

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI&google_hm=qe8A_c6OQP2gb43dIwzm9A==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpnP1CrXApV8V-WK9rnVvgFnzq8IVG3EUxtihA10yZyugF-6Y2wzn6rWl9gHUNEDm6BWa2EWTVm-2rQVEDgwcOuMf6ckI&google_hm=qe8A_c6OQP2gb43dIwzm9A==
date: Mon, 05 Jun 2023 16:54:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENRpU2gZdHeBha3qU9aGmco&google_cver=1&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJ...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENRpU2gZdHeBha3qU9aGmco&google_cver=1&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56dr...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U5aNuth8TR-AyZG3u3mlEQ&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56d...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U5aNuth8TR-AyZG3u3mlEQ&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJJzEEc

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U5aNuth8TR-AyZG3u3mlEQ&google_push=ATf1kGPL4vSMod9f_NOEJGdtaIVUMBieYF77pBRMZPasOGkv17JY_-aG0jpUxxMCMzfYbCOKGVmviXiGJiMK56drtpBFmJJzEEc
access-control-allow-origin: *
date: Mon, 05 Jun 2023 16:54:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-fa3d9500-f9ef-4895-80a1-2ce958726a5f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNvk-4QMoHHjbu2IfhA7...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&google_hm=A_o9lQD570iVgKEs6Vhyal8

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&google_hm=A_o9lQD570iVgKEs6Vhyal8

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNvk-4QMoHHjbu2IfhA7gQxr56GehF7gcvsAgxzgqbZwj2rSmGkstnzWicJz4fMNDyWp2JBxYadlV0psGseejbgeAtK5_Qj&google_hm=A_o9lQD570iVgKEs6Vhyal8
date: Mon, 05 Jun 2023 16:54:32 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfa3d9500f9ef489580a12ce958726a5f003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOG03AJIXUU_W8SMwKkGpL0&google_cver=1&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQwNDM5NTgyOTk0MjU2ODc0MjYzNw%3D%3D&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFku...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQwNDM5NTgyOTk0MjU2ODc0MjYzNw%3D%3D&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQwNDM5NTgyOTk0MjU2ODc0MjYzNw%3D%3D&google_push=ATf1kGP3K3V46ZjT7tr5I3ClyQ9Y_cYW7j9EudPOsEyqsWnbCbWMaFkuu-QIOQlwo8x_tqyYoDnhwuBMXhcuEVDTEHeoU4jIu_s
date: Mon, 05 Jun 2023 16:54:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqZU-OObdAQUwaJ7fkAstc&google_cver=1&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrp...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHqZU-OObdAQUwaJ7fkAstc&google_cver=1&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrp...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tRlUuQWQxRTJ1RzhYajA5STdsUURsNk0yTHpEQlBvcn5B&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgd...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tRlUuQWQxRTJ1RzhYajA5STdsUURsNk0yTHpEQlBvcn5B&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrpf5WZaBtdYpSaKwd3NIDg1PWYBoWQ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1tRlUuQWQxRTJ1RzhYajA5STdsUURsNk0yTHpEQlBvcn5B&google_push=ATf1kGOq7O4_eycmEkZonEy4wmQzVuJ_UkgGL4WN0Aq3xFwaUsvMLEsgdLgMr8uLhhIQBawXrpf5WZaBtdYpSaKwd3NIDg1PWYBoWQ
date: Mon, 05 Jun 2023 16:54:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B91
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlR...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlRst6LSFDi63epQQM72...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlRst6LSFDi63epQQM72i4yv-rRvbbmv_cKzQh2JYKqYkJWcKcudEhd-545VI6jLa479FU83Vz_2nzho7tHgOUIA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 16:54:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.119; 146.70.117.119; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0dfa2485-957b-4ebe-a11a-6c43018b6da1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njk4NjQ3ODU5ODQwNjE4NjYwOA%3D%3D&google_gid=CAESEJJl6Fs1M69f7q60w4V46QI&google_cver=1&google_push=ATf1kGONgZbqfYDlRst6LSFDi63epQQM72i4yv-rRvbbmv_cKzQh2JYKqYkJWcKcudEhd-545VI6jLa479FU83Vz_2nzho7tHgOUIA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8B91 0
12 B 17ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii2eT3T5R4IaIQ-aNwd9IXAnnbpHepwWK8cBSHZX2ySUV1BgL9lNqbQNLhoShr8WQpoBzrIWE

Requested by

Host: ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
URL: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:54:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 11BA 0
209 B 46ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1685984072221&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 11BA 0
209 B 45ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1685984072222&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 11BA 0
209 B 45ms
44ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1685984072222&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 11BA 0
209 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1685984072222&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 101ms
21ms Preflight 3.8.42.199

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.42.199 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E635 16 B
232 B 94ms
94ms Fetch
application/json 3.8.42.199

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.42.199 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 16:54:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 21BD 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=1442031a-9d22-b0d6-ea27-54dc5f14ab63&tv=%7Bc:eGqSCp,pingTime:-10,time:705,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685984072245%7C%7C1bf619a2e48e733fcf2b2bdf93f8e0fc%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7Ccf7c7fd558247ef45495027a914c2146%7C%7C0808682921152bef7a6d61a7bcc7fe13%7C%7Ce454e2a45a60c80d36c28295d8fa85fe%7C%7Cb74902a17603be1f89e4c40a7b3082f3%7C%7C3dbee1bb4383b7befc3d37b289b9ed11%7C%7C1663701684,im:%7Bpci:%7Btdr:542%7D%7D%7D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D1 43 B
215 B 171ms
171ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4372b4d1-745f-1c6f-595c-d3686b8ce864&tv=%7Bc:eGqSCy,pingTime:-10,time:453,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685984072254%7C%7C6816c86683fe8a69c37ec2181a99aa57%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7Caa5354ba101db6fe7f1d6316d1a6b085%7C%7Ce11c2cb6e7e5faf2fa3cdce9da444d6e%7C%7C2e60791d2d90dcf9116c32adc98a4e7a%7C%7C1863ac822075528227ffd014d5a39566%7C%7C0906fef14711e46d86314e7893866596%7C%7C1663701684%7D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA6 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf6-DRxN-ZJPZG5rz3wPb1b3wCgAAAAA4AeAEAg&bg=!JCelJ3PNAAY9J7QfHSc7ADkAdvg8WgP0e78Q5nEPKWT22RHqQRfxUQgYBQ_VSpIUptXL3Eu7DTjtEoAb03KkfGYH3YwfhygdKkkCAAABk1IAAAADaAEHmQNZDqExB46dAA6iT61HWGMtfukc5RRkzLQJXwpfM1zEiUkqGJE-xfxP5jk9wmmojE9nPybSrERiSBawsoIlUWAMVV-rnjNUs-_7tlNNKQ-Jl0SrCULBucUTLL5Tl_uBwka0hRzVf5Vz3-aJWoINrSCzS7CbtLVWOPv4UfJYbGT_vjpsStMpOVjk4IJhXzTCTmjXYVRCFWSsl_enFMvGNTBAIOi_XbrFS_TWvw7IB7b1pIOQucbaDEZM3JbuCHGid67k6nCOiF3wgZdsrpHfcAoQ8g-eBtIKQYgRjRTMUR9Zw8NCnDwjPKCWQ_zU0n_gHTdKtF5yO76582_m3OjTIoDBc4tK-csMAtvgAqEBloUMH-iHbJ8Xx8UGufzlD9EbknnYnEX81jT-6RqYYwy61BH5JHaxqg_ne07IZyMuS89QQijbqX5_YgLhihMe2FJg3oQMFuLCzGHOVCYKpJHceOxHao83-FGLenaE1dhchSUKd5AKTrcr2ZvsfzAEPdDfk0120VWC49DJ93pc4aURsk6d0ySe7fReRs5TJbgVQTKCEI8wNGNmEUbp3XQMpNgjcYfVAj1GHh06piYp4SEJVehdxxuTO-VbYYqO6N4nWFfOyLXCPbV3VwMBGRSvGobMx2Vra37QpjtLc0Xf4WrqYpanLXVjcfywO4yzxVhsy8IhfxcWaHIEtB4Wjf-pHmjUPlVKBWPC5j8Sj2HHvpN5YCsqM4Hm48zviAIEDDBFIgDwlSJb6BtOpYeCGSBY47wt2m4XVtwP2_gjLUxLXjJ9HKlFmE7b68Daw64g7_NAJ7gxL9O54JUdz4ETAUhlURgQPo_3LKfbNOg5Wv6uJxHfV_ksTI2Yq2KJIk8HIQggjwKPF98zxdBbRPR4VFPwf5JVZL464fwlGr3j40VwX8GNB9pYjAFCOqL6awdjAAYoJZ3IpIvnjTCEHz55mLQDeb2Egke2lulDzBNBQhy1T-5TK-SNNg5EGDmotxDA4p782XqGPZaziXmz681Myvx6jz-JF84cpMd-aPC9Y2-482n2YT9ZFGdQOnXVy_r2pzReiNfHfu3e9TYeoMuDbA3JbU01FZ2MzehmVN4NLjtueoFxuLjWBURNpf9fba7VckfsIrw6jk3xVmDniuEfg1I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 75D1 43 B
215 B 172ms
171ms Image
image/gif 2600:1f13:800:7781:cb7c:335e:4faa:1c54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4372b4d1-745f-1c6f-595c-d3686b8ce864&tv=%7Bc:eGqSEw,time:575,type:e,im:%7Bpci:%7Btdr:516%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:575,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:376,fm:tGkhlqs+111%7C112%7C113%7C114%7C115%7C1161%7C116211%7C116212%7C11622%7C1163%7C117%7C118%7C119%7C11a%7C11b.1352960-70224217%7C11b1%7C11b2%7C11b3%7C11c%7C11d*.1352960-70224159%7C11d1%7C11e%7C11f,idMap:11d*,rmeas:1,rend:1,renddet:IMG.qs,siq:18,sis:209%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:cb7c:335e:4faa:1c54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F808 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtLkORxN-ZPHbJ4fvgAegt5XAAgAAAAA4AeAEAg&bg=!g4ClgNTNAAY9J7QfHSc7ADkAdvg8WtzzXU5njDGsoWWrRNrVAgn0S8uBCCwI3oycFnNDaSpnycYkjGLgwOiIbWmugc45W8nS7BICAAAAZVIAAAACaAEHmQNBZnGs62T_926RjpLRcBehPgZR_LhiKniZ2YBNzYRbrEYxyqb8ySsH1giYYTkmQ8OeTxEDJxKwt3TJkkzRjslGkuu0EM9nkh58C_Qmm-dCj0vxZGkHnPgyMklrrpJvCKVAj6sj0IU7CFgbe5w_zaUr8I1-BcrOmxMx67QwyOLvuFaI1nSMfaURy0mP63uATsAt_92zBrAHFgIIAGpz5XNqjs311phSBEZwDBEsxs3TSKoNt4cJmm_7KRt0Vf3ZhYHUNsy2vIaGaEeyfcmUukeXmN_y6EzM88gkXhDrCRk-JxwjOvhfphMP60sUYDnm-JC9hLye_zKHF6QXqRKR5Df_rDBO4XkCQ8vUB4y6jatIPQKJkTFYu0uYQz6RyFyiZO9i4tjEmtRE-rnCK_X_NPAf2zaemu-1Z-MzRSO9WoAAyfY_2mSlXFxVXlacZ3zSLfXOQHNus0XFKtSosOEWlanFGdlNiyzlxEbIoX1k1DKe09lna_W4A5tOCcKZhVKVYQwAbpOYVjnGCHN5GowQgOi3yAYBXa3YMO9s4vFWFI4F4E5CprHrzuven8M0Nmo_us_UFkgAZejQjx3B1KgerOUg0lRf15xAN9Nuqtp-RtGofIvPmdEH9Bq_g4d0fmEtQUj4ZSCSX_SyfEpif68QymcM4cTwq6HFl6glON91MKYYbzZ-gCokE_uIGs_qgi2sIcffID_VI5oO8U7REmnEsFAeC-wdPGa9maTIoSIfQkpT87nNNDPexHJZATyXrdhEeCS7AgS5siPHfm_OFhn3Tj5HbjdZUa0GJoV-g78fWyWpFceX9Hesq_ezgx_uoItTf4mswSGKqcsoKlhbXNeTPHlydgB9s_6fkfYbBFiFq19MBb55vLwPUmm_LwLUjjUTQlSa_lUUv6KCoH8GE17kIMLdzJLFZtoMVwD2TdO8X6znnhVtApwSoZOjXkd0lx480WMnrU0z_KdP1_F82txN8Gv99kCqfv3kevKkoI6Ay6ZIp0dgHeAguINfMoeZGIaYn2-aGnTLfhoRmK3S6oOQryMVChcESyZMMRuEwQXqjhf9lnLtLfKE3jQ6nxK0XBnifFsqkpcp0Q4uNABjvdDcKxpQ2_k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 48AF 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrlW9agTN95_pJveviN0d7IYEwrcunPyY3-NU7Bj7o9Jo5_lJ2QkxThhnNj3re0VhFLIgAOuRMW4gNZV3zgyBkPMQxDRFzjtXer6-62SMplJ2LhzYs7NkDiBKlOpL4Of6P_FSLAw&sai=AMfl-YRlkTZU94XMAf8TOeookg-jirUKF6fYIaKVhKaYFhmQ5vUDqvFa7Uh-_OoPeUvWFBKZtdtYwT1fCeR58HFxmPKzRb2pHGt0wd8ngHymOBIwPzgbhxpobl2GR7Y&sig=Cg0ArKJSzLk2ON-B4EycEAE&cid=CAQSOwBygQiDsPRnX47gi-gz-pyEab_a1zSMt1kwTMpsg_f0tSrJvOaKBmWzkEaITkP7e5fZIxy2JZA6J2ncGAE&id=ampim&o=0,601&d=160,600&ss=1600,1200&bs=160,600&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=205&tls=1205&g=100&h=100&tt=1205&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BCEA 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqOQGS65dazcFK0VuMgo1GuYmogZCOAC3c3nFlFbtXjT7zwGEjE-Xd8jnCth5ZCFg2O3Ckhd7mD7QnMb9yxV4sxE7n-eub9lY86lCecFAqL6JzsRHmaKKx7X5mTWAUj2xOeBDsFg&sai=AMfl-YTKn4qiXOfNOt4tNqXr2MiLUYg1It3CMXWF7MVEni-eT6M_kL26RrjpPkIF_wDkFuKvy1xspE5LccKZpJED0HHnZtuOQKD2NGoP-SP09991RQJsk7lM0Ekhagc&sig=Cg0ArKJSzPhuHVYXUc-kEAE&cid=CAQSOwBygQiDCmyM_gmICrIfIkuxNapdILa6J8_2kdbvdDEG27k7Jjfl7by-5piAFWiyrcuBavXOoK2v39ojGAE&id=ampim&o=0,251&d=996,250&ss=1600,1200&bs=996,250&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=195&tls=1197&g=100&h=100&tt=1197&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 16:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 11BA 0
209 B 45ms
45ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685984068976&userId=vnet81c66b0a-40f7-40ee-981e-e4f5d7c7fd04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 05 Jun 2023 16:54:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 21BD 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1685984069219&src=pbjs

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfcZjv8UqJI1BiBrqk1s7ewlOYP6NYT68CiBWGGNT0PZtTzahzo0Z8vE-rTjy9_Vkn2ksUIKmTzNv6q-IiSI6N7MDkbGdLOMC5P0I4FUacHWZ4boNBpIdWF3kYSudtlb0aA9eSCg&sai=AMfl-YScpPbHte8n3sRX6TFRWnTwNqUrDU04nIRJGcIB1tT4ZDLgy0rYFCGThSFLHSwm1M4dL9mM30TBGbxffMGhxZXuXeYy3EAvhw7-T2NASKYV9dmiyNb2GY9vmRI&sig=Cg0ArKJSzEYAG6xRYtHNEAE&cid=CAQSOwBygQiDyRJumJC2byDGG_p8IUxg8BO_r4CJFVvIjJinbR7wtxfbkB4JuAu1W2RnLHOUz5xUrj-N-MD7GAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685984071240&rpt=651&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 21:05:20	Name: khaos Value: LIJ3DTPL-1Y-JAHM
.rubiconproject.com/	1970-01-20 21:05:20	Name: audit Value: 1\|naVuGyos1qq9/kHKL4Jj7Q/5onLiA/RiY1TdhAkPVQC15hXKCnPm+K5TxRwWs8OZ8NhzLov3/0MOwzHLtYfPBBoZUFBBzTvW0A+VO7RH1E0=
.doubleclick.net/	1970-01-20 21:41:20	Name: IDE Value: AHWqTUlQT60c1uD1HOy6y0PiVKI-R__4dAYWxttzfYZPaJ_GD-Vvl7T_LK1ohwZfBS4
.quantserve.com/	1970-01-20 14:29:20	Name: d Value: ECUBCQGUKYEA
.quantserve.com/	1970-01-20 21:49:58	Name: mc Value: 647e1346-b5637-704d3-7db7f
.blismedia.com/	1970-01-20 21:05:24	Name: b Value: 647E13460AA55E1A9E05C340BLIS
.simpli.fi/	1970-01-20 21:06:46	Name: suid Value: EBB910D43EBE4C65834507AB2D312192
.criteo.com/	1970-01-20 21:41:20	Name: uid Value: 8b4c99a6-bc1d-4944-ba68-eb51a203efd0
.awin1.com/	1970-01-20 12:22:36	Name: awpv14702 Value: 412871\|1685984071\|a4053441-03c1-11ee-9d45-2261c3620022
.awin1.com/	1970-01-20 12:22:36	Name: awpv20044 Value: 412871\|1685984071\|a405d081-03c1-11ee-9d45-2261c3620022
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.tribalfusion.com/	1970-01-20 14:29:20	Name: ANON_ID Value: alntmItZdPuem7SpBnAoqwFDsMuVgZcGdJU73TZdOLaOijIipsWfG8bqgnXaJSRXMsfliraYZc5E3PTVVCWOUXBYBZbRl
.adnxs.com/	1970-01-20 14:29:20	Name: uuid2 Value: 6986478598406186608
.doubleclick.net/	1970-01-20 12:19:47	Name: DSID Value: NO_DATA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685984069108&bpp=3&bdt=746&idt=245&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&nras=1&correlator=4273565171847&frm=24&ife=1&pv=2&ga_vid=2108588104.1685984069&ga_sid=1685984069&ga_hid=431588719&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31074198%2C31074580%2C44785292%2C44788441&oid=2&pvsid=260274777520877&tmod=370842348&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.7ad3wz7fe0fv&fsb=1&dtd=261 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hq22wm0tg70b4qw183ey6afbt4ps0xvq6xnr8hbftq0m6wa60vb81m2z0dwzfsrha6dg5ycyge1dx4zkn0t4evkpxtren2w9kk2a84s7pta1df3m4nzqfnb7v5f0xhjx6rsac09kc8ddj43v40te3q7sbcdwhyw1gsf89h31vyv9vfqefehwrmt4q8v4tpq1k9asjqpsc2qsn6k31jc1jxm320fy9585b875wwbzqst8xh26kqsg8rnxmfwn4cnem455ea7by4axzq5b3mqvvetsgeedf147vhfjeth6bddpqa4c5zngt8m9a6b6d9ranrzgjnsdfwt9chgv0dvv3gatxpb5zwqa05dq54gpsrz1txh8rnt593h5y30a5kd1bebax5dtwq5k6fjpe6rq5bvzy6vymftkpw4a28cgtjy66sxntvvdszbnhxt9d8p94h3bj2f7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DATf1kGO1bk4K8J9PtY9-s1u_8RqBP6BzgEB7EASm3S51rBaOTs029jsVFRfOpzU_67VX0Fjw83setoiM0K1Yo400tMRDggM346Xiq5E&google_gid=CAESECj3Na2tSmDXvshLM_GeKgA&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=2ab03750c7968da47e1573cd8d172faa%2F9086229262986773378&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685984070891&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kdp4eea03rje118v4xc895e707nwmh2mf4j6ggk6p9gxhwp1pwycw1t61c7kgxqnj0v646qmd032aw8b4gwgh6zzy6jvn26f8szyb2kmkbgqhp71tkervpfzskqqeec9hbxmf1bhff0ra7ka1pce9c19p6kp3vr9a3jss2cyg9rg7b7n5kq6kp9b15bbxmgve0a4dt7wt14qwg4qeb838kbx0atk4bvhrjra19j1ekk0ay667v1jp41kah89zsgvcv7cg150rj3x2mhhsscmx3jq4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeCXXRhN-ZLT5EoyEhAWM3qjwBJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAjUz9aPP8LE-qAMBqgSxAU_QMox055rp0R0NwKiRFGH6kspsJTelrIwy38Dkhog5GSmCzfXjj5E0a4x04pgoI6P9RDa39kaMS3PgUhb3CqZGP4FAX7Lvs7i1WAjENAOZ7TmhO6qcilaqMqTX_4xqgVqTWCA2HrJKPFOg9r1fhyAlDG15Xmd5HYxzlvfLz5lA7ZNld-TSKOj2y8mgyKDIMuBkiptUCVGZ1b_jTBVZ6v0CgY-Lo9LUpX5VXafvuVqJN4AGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Ktp7tmue1jSKco4lMoTLD4EDqYg%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
ab1433b1b78432927e4c45e7f8eb819c.safeframe.googlesyndication.com
ad.turn.com
ad4m.at
ads.avct.cloud
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
r.turn.com
s.tribalfusion.com
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.virgul.com
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
hb.emxdgt.com
pagead2.googlesyndication.com
104.102.45.165
108.138.9.235
142.250.186.130
151.139.128.10
162.19.138.119
178.250.1.11
178.250.7.11
18.168.49.43
18.185.140.51
184.30.16.120
185.29.132.245
185.64.189.112
185.7.176.222
185.7.176.223
185.80.39.216
185.89.210.122
185.89.210.20
2.18.232.7
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
213.19.147.44
216.52.2.16
2600:1901:0:76b9::
2600:1f13:800:7781:cb7c:335e:4faa:1c54
2600:9000:223f:f400:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:20::681a:61b
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2008
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:6ea0:c700::18
2a02:fa8:8806:20::2010
2a03:2880:f084:d:face:b00c:0:3
3.125.195.44
3.75.62.37
3.8.42.199
34.102.243.38
34.91.62.186
34.96.105.8
35.241.45.217
35.244.174.68
37.157.2.234
37.157.4.25
51.89.9.254
52.208.60.203
52.222.181.100
52.49.34.214
52.85.92.55
54.246.82.89
76.223.111.18
77.245.159.14
85.111.6.48
94.138.206.83
99.86.4.53
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00ce306cf481fb8e0a4fda19526dde1a8a9d670a07f143d832a445fbcf2db6eb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
026ea7ee6b3f89ff44678e36a04f461d8a50979812a390537845226ab48cd1b2
02aecbb9e06fc27e40b7b1a9c89a24cdb0b7df9e7392187bc195ce97c93c1f10
02dae736d2648c67319cc03736039f03dd6e6304f15177c973f1eb9051d83230
056b37a8ef9455d3f77615c4083ffdd880b895384c89f8c16a8f6a6908fa1374
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
124bbc802d717cf030379ba108adafeba483ac04b6cce7004552c9898892723d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
13be3f564953f22852963fe4d578f16d4303b84d522ed92923883fe79744d0f9
160d1864783c67f39eb03bef232d860b57aba8f26003317974a774a3d5146345
167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0
1c2f211a9a1c8e677c96690bac96daf02a90ddfa51b894d4c54949294eefc17d
1c9af0fc292c8fb8f9dc82487cf57b1854797659160b14b7afd9566c7d068c2c
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f6f268c7c0bf2115730ab47d014e9a39b3352ff9a6918fcf0303880b1b2d1c5
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22b67f32725810acdb8b53d87507d305416bb50e4ed3d92f44eb0f458d2b9d38
234739666441df382d1271a78d052762a82b8340232aa67186b055dd6a529833
23d7b58c9a37ec6531e52d88f4c7836bdc5679c98ab5d9c6ed0e662f56f83707
2581753667ea9096139c6e824317f55122ac3bc2c6c0227fe9168cd247061a1e
273df20f6b36599b84f554c83a9c4b1c1af6596785bf74bb87ab1bc10d7986b5
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
298e30cd4e01948d540e8aff796e294da1ae095578b2403f2b97280e3b969a6f
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2d834dd87793efcea8cc2e278b3ccb3086457fe55fae0f00342c685c68b60392
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
300223f81c00aff52c026af4b6a07872ee6dc67ab7a0f6198e3ba34beca33764
30236662b71c82e831449138ce08eadd67da6494def298f3c64d4674a6512497
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
36313a9137f8f92d2f01451a77a68f6688629136626f7fd3927bbda857a337eb
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
38a45d2622d89b3d2da8101fa1ecdc03ed87f51af4d93f1358530610ffd7cfcf
3984d57271ac4e5d4220ddee4b2339fd841b4a65b3b5024f0b7caf539c58e54a
39ddfa0e149ffe66b2480afecb8501822ac2d7aba2f841103eb7caab5ab7fe2a
3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
40d704fcf4405f97ac78ba9d102e436a0482e3a47576de24a70f370f970dc0f3
40e79ea3833e391579a893edcb1311f9d82372fcf6ad18ebd245b7535bc2eef1
42957ef601fd013119bccbb5d1a6a656f89851c80a3e5a1482315b87251f53be
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c1db258054fd904a5ea889573e183fce6b54fbe0217e7d72cf1ef6881c94ec
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489a317285add37c0fa5a737657dffc0bbc3517a459ad216abf276ef99a05ffa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49c10561c677f6393905ed175cef6fb8e7b41e4b7e316cd04ebb95d8325d9518
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54206c3cd3ba96fe9f1b68aa0bf2ea48ab8fb2b985bbf8a10f2fb1af14cda012
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56456e2f1ddccefe6bc16fceaca7691690d940879347f36441e9a97f60805a69
57d6270f8a2410ea0ae988122b1d818fcf9a73b139b68c281c344bd48431558a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5db79bf00b004754c8301b08701190a9568a8cf791f7f1ac2bb533e8f50d9ffc
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6405536ffab9964897bf86e7810a18c058c3c3aa3635ba1a27efac910e2af6e7
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65676ff9ee174f1af8dd161a2b306631500e0e3ee01ace918e221312048e9bc6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65dee0fc000c61ffb078333e3d58c25d19d056ab9402149dd85e55918841a77c
682a38b289b3cdf227569a758d4542e8f4008ba788dbdf1f4ed741ab38551110
68bbcab002cfe978fe70454b240f442046de6170bdef247b98f4819f1e7f2417
695d6527f14dafb20984246049fda76626fbac71611872a3df0ff1d9a826711e
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a
6d735ee9e8a233928f4788ed6b6c5a25a6d434e80a2af59d107fa242aec2a8ac
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76306b9d8180fd3fb55e3407dd03fb7efe3f8c43ec801c13a9e414104016ecf4
79076f5e5894a65c86f101fdc051b1b77e6dcdefa5e657675cf047e0e84c3358
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7c61fa1cf06e1231a6cbcbd22e6fd065c2934749e2e2af038318feaa79f54c93
7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4
87a21c6424932c39e09fa819054d7a32d920ca85b20da195261658a1d63da99d
91c7496b7c9be699a6cd12b4417fc92a6c6644d2961621daa1c0e51ff3af8b76
94dc350acb3e491e883e23665acdfe801c1559d67026fbcd533dfce70d5a6270
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
969ebec6e7961d299490f6bda3e1175773050ca7eefa6be2bcec63263caf5569
97fbb170cc281658edc47d9ad9cc2491a98d5de011851ef93831bf0282d14ece
9a5d12e963c336c68c674efd433a10b09fdfebcbf3917996e31f5b7dccd29ef0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af65951d79619df5e0bcaae28144bc0ecd67021555dfe10a56d0b4f53bc6ae3
9be9f735aee5e8f2a8b52fe145aaa5ddfdb20512edd942bc4e78c5dde71f55e7
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a401ab3b7ec5aad2e82fd1df7e4b4c9eb24ea37d3689ffd3384ceaafd4571226
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e20e17e33fe6f4b0488f8547af1e685ff73b8ece971d6c780db52c6391ab38
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a7505589e892ed8db8c8ef71412e41cf0aebb1ebc5bd43ab0d0c727790850bfc
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2614739e5032eef7a58aa35faf7010861d20c62b93b0e8d42a1e8d0a2a7ffa2
b3fce6c522254e35e5dbbdd484afaacc4007ffc56c7cb235b9a6e7b15d3d6f5a
b626cb98565e377b5fbb449fcb91acaaa421a333bcea9850b70ac58cf9fc4432
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b94a2a38274660efe46f6a0a9efb49c5663d321dbda9e8f6167198118656a56c
b9967d7206ebf35efa37bfb6fd26b27655d40118b2b3bf294821a512647a1d04
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c5f8b4170bce8ae3ccf764003a02f508d29710a8d212e596fc4ebcd388620000
c608032868709ef991ab9aaa6dc4fe976709a13260222ec2e6b8eee498b34c45
c888348c8dacfc400c82f8d478c5355ae8e9b30ff7a976d157efba0180eac183
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca138e0e125de786e1444b2a71ee42335397a6d1c97828fa54ed803efeda0388
ca52a0eec13c48696bf05cbe5e76a0b67c73967c1f8825cfe4b733e24a775580
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d4c1f6add2cb4767abeb3bd68800c055096f7fbfd99006d23fc286fabae7aa5e
d5352b3b0a0852a22dee798975fdb3c764d664eeea3ffe84799e71aaf539a5fe
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d83b62d49ad47d63238f3e0d0257fd9a07517d7f2d4a71862d2a5b1ac5ec22b3
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17
df82fc1feae440a953d5e8ddf8f30f024f4511fdc9f354d99ed2e1c58877c42b
dfb24cd229db2187732c7a2744b85312cf3da6be84e6e55ff7fc0e166a78d492
e0ea2de6d9d4d99d50f57e16a797fd567a85b44ed32ed9b6c9e72a81ec3512c0
e2eb1b176f87726fb502afa368e5fb38429d5bc523e2ff58a27712d803c5bd16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eecf3dcd56d779d0a06fbee253d578ad8ba84f08d8c5fdb918f90d054b13d935
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f146cfc35ddd32ce5e5b1be928b15b51ad1698cb7d8a7efb6e4eb903d38cd72f
f5171c16500e8917691e07df9e906bf25adb42caf8bf3f704a7cd50f557701b4
f7512cb0f04e0257fc12aee6f77ae3d539d573c1951b8cbdd4521c74d5153205
f86172806b19a319d6947325eb41f18d5a67930e36d2d5dd98005c9f23d4e9f7
f9e3153fc8248b5d7f8642ec4296f31f3bde29328dc0be0890ef1569cafad4df
fa5102c8827ae170cce7b7ac4d5e8970dedf7023dc41cd21053c5f7d24af5687
fa7070f6608a0e81c102e441a155acef767f68dad7a006467d35a2bc2a3538f9
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

327 Requests

91 %HTTPS

43 %IPv6

57 Domains

85 Subdomains

65 IPs

8 Countries

4175 kBTransfer

9866 kBSize

14 Cookies

0 Outgoing links

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

91 %
HTTPS

43 %
IPv6

57
Domains

85
Subdomains

65
IPs

8
Countries

4175 kB
Transfer

9866 kB
Size

14
Cookies

327 HTTP transactions
12 data transactions