pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 23 via api (May 23rd 2023, 1:07:43 pm UTC) from TR — Scanned from DE

Summary HTTP 477 Redirects Behaviour Indicators

Summary

This website contacted 95 IPs in 13 countries across 71 domains to perform 477 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
19	185.7.176.222 185.7.176.222	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
12	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.195.127.74 18.195.127.74	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	3.64.145.154 3.64.145.154	16509 (AMAZON-02) (AMAZON-02)
2	192.229.233.53 192.229.233.53	15133 (EDGECAST) (EDGECAST)
2	2600:9000:249... 2600:9000:2491:5800:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1 2	52.17.198.205 52.17.198.205	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::47	26667 (RUBICONPR...) (RUBICONPROJECT)
4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
8 35	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	23.209.16.125 23.209.16.125	16625 (AKAMAI-AS) (AKAMAI-AS)
24	52.212.133.238 52.212.133.238	16509 (AMAZON-02) (AMAZON-02)
4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 7	3.77.69.115 3.77.69.115	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.65.236 54.76.65.236	() ()
2 6	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
7 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
8	18.133.36.104 18.133.36.104	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	() ()
5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	2600:9000:211... 2600:9000:211e:c200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	64.233.166.154 64.233.166.154	() ()
1	2600:9000:223... 2600:9000:223f:3400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2600:1f18:1ac... 2600:1f18:1aca:4281:13ee:cc81:4828:61d9	() ()
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	() ()
3	18.66.147.98 18.66.147.98	() ()
2	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:f7ba:e8c1:aa5f:8d5a	() ()
1 2	2a02:2638:d::d 2a02:2638:d::d	() ()
2	2a00:1450:400... 2a00:1450:4001:828::2003	() ()
11	2a00:1450:400... 2a00:1450:4001:827::2006	() ()
1	178.250.7.13 178.250.7.13	() ()
2	2606:4700:20:... 2606:4700:20::681a:71b	() ()
4	23.201.255.110 23.201.255.110	() ()
2	142.250.186.66 142.250.186.66	() ()
1	213.202.235.8 213.202.235.8	() ()
4	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
1	35.227.252.103 35.227.252.103	() ()
2 3	185.64.190.78 185.64.190.78	() ()
2	104.103.93.163 104.103.93.163	() ()
2 4	67.220.228.202 67.220.228.202	() ()
4 4	69.173.144.138 69.173.144.138	() ()
2 3	52.46.143.56 52.46.143.56	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2	13.42.73.17 13.42.73.17	() ()
2	23.35.236.201 23.35.236.201	() ()
1	151.101.193.108 151.101.193.108	() ()
3	185.64.190.80 185.64.190.80	() ()
1 1	193.0.160.131 193.0.160.131	() ()
4	185.64.189.110 185.64.189.110	() ()
2 2	213.155.156.169 213.155.156.169	() ()
1	54.194.111.53 54.194.111.53	() ()
1	35.204.158.49 35.204.158.49	() ()
6	35.241.34.106 35.241.34.106	() ()
477	95

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.127.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-127-74.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.145.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-145-154.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:5800:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.58.197.185 (United States)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.198.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-198-205.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::47 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.185.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.16.125 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-16-125.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.212.133.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com

s.h.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Esslingen am Neckar, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.77.69.115 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-69-115.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.65.236 (None, ) 2 redirects

ASN- ()

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.7.11 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Amsterdam, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.133.36.104 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (None, )

ASN- ()

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:c200:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.154 (None, )

ASN- ()

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.98 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:f7ba:e8c1:aa5f:8d5a (None, ) 2 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.255.110 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (None, )

ASN- ()

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.93.163 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.228.202 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (None, ) 4 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.73.17 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.111.53 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.241.34.106 (None, )

ASN- ()

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	874 KB
67	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 bid.g.doubleclick.net googleads4.g.doubleclick.net	325 KB
43	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 414703 cdn.ye-mek.net	645 KB
30	w55c.net i.w55c.net — Cisco Umbrella Rank: 1936 cti.w55c.net — Cisco Umbrella Rank: 3446 ads.w55c.net — Cisco Umbrella Rank: 11402 s.h.w55c.net — Cisco Umbrella Rank: 9496	215 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 32812 ad4m.at assets.ad4m.at	2 MB
25	rubiconproject.com 11 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811 fastlane.rubiconproject.com — Cisco Umbrella Rank: 469 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10109 pixel.rubiconproject.com — Cisco Umbrella Rank: 315 eus.rubiconproject.com token.rubiconproject.com	38 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 68795 ng.virgul.com — Cisco Umbrella Rank: 62090 ng2.virgul.com — Cisco Umbrella Rank: 67803	231 KB
13	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477 image6.pubmatic.com ads.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	27 KB
13	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	3 KB
11	2mdn.net s0.2mdn.net	289 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax.amazon-adsystem.com — Cisco Umbrella Rank: 387 aax-eu.amazon-adsystem.com s.amazon-adsystem.com	65 KB
10	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 723 dis.criteo.com — Cisco Umbrella Rank: 575 gum.criteo.com mug.criteo.com	10 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 835 static.adsafeprotected.com — Cisco Umbrella Rank: 595 dt.adsafeprotected.com	103 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	478 KB
9	4dex.io script.4dex.io — Cisco Umbrella Rank: 1351 mp.4dex.io — Cisco Umbrella Rank: 1975 c.4dex.io	25 KB
8	webgains.com track.webgains.com — Cisco Umbrella Rank: 44502	82 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 41405 hal90003.redintelligence.net — Cisco Umbrella Rank: 267248	80 KB
8	mathtag.com 4 redirects tags.mathtag.com — Cisco Umbrella Rank: 4147 pixel.mathtag.com — Cisco Umbrella Rank: 978 sync.mathtag.com — Cisco Umbrella Rank: 482	6 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	3 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 373	126 KB
6	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4394 cm.adform.net — Cisco Umbrella Rank: 1155 c1.adform.net — Cisco Umbrella Rank: 562	3 KB
5	webgains.io analytics.webgains.io api.webgains.io	94 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	1 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178 static-de.ad4mat.net	8 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 214 acdn.adnxs.com	28 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 54660	565 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 9037	940 B
4	windows.net pcloak.blob.core.windows.net	3 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 58728 medialead.de — Cisco Umbrella Rank: 58490	1 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2889	310 B
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 320 imasdk.googleapis.com — Cisco Umbrella Rank: 437 fonts.googleapis.com — Cisco Umbrella Rank: 35	155 KB
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	awin1.com www.awin1.com	1 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com	1 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947	15 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 686	841 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	59 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 713	880 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 154362	6 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 514	2 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 184932	2 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 597	496 B
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 121400	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1628 feed.pghub.io — Cisco Umbrella Rank: 7466	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	88 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13287	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	88 KB
2	cloakan.co www.cloakan.co	1 KB
1	simpli.fi um.simpli.fi	610 B
1	crwdcntrl.net sync.crwdcntrl.net	266 B
1	rfihub.com 1 redirects p.rfihub.com	795 B
1	linkedin.com px.ads.linkedin.com	864 B
1	openx.net rtb.openx.net	245 B
1	exactag.com m.exactag.com	1 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net	540 B
1	ad-server.eu ad-server.eu	312 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 248600	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 195628	931 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040	574 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4221	400 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	26 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1373	386 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
0	demdex.net Failed unilever.demdex.net Failed
0	weborama.fr Failed idsync.frontend.weborama.fr Failed
0	brealtime.com Failed biddr.brealtime.com Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
0	addthis.com Failed s7.addthis.com Failed
477	71

	Domain	Requested by
47	tpc.googlesyndication.com	securepubads.g.doubleclick.net b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com tpc.googlesyndication.com ye-mek.net googleads.g.doubleclick.net pagead2.googlesyndication.com s0.2mdn.net
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
35	cm.g.doubleclick.net	8 redirects b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com googleads.g.doubleclick.net ye-mek.net ads.pubmatic.com
35	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com securepubads.g.doubleclick.net b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com tpc.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net fw.adsafeprotected.com www.googletagservices.com ye-mek.net s0.2mdn.net
24	s.h.w55c.net	cti.w55c.net s.h.w55c.net
19	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com pcloak.blob.core.windows.net ye-mek.net www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
11	s0.2mdn.net	pcloak.blob.core.windows.net s0.2mdn.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net
9	pixel.rubiconproject.com	7 redirects ye-mek.net
9	www.google.com	tpc.googlesyndication.com ye-mek.net b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	www.googletagservices.com	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net ye-mek.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	track.webgains.com	pcloak.blob.core.windows.net as.ad4m.at
8	ng.virgul.com	static.virgul.com ye-mek.net
7	x.bidswitch.net	7 redirects
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	c.4dex.io	pcloak.blob.core.windows.net
6	dt.adsafeprotected.com	ye-mek.net
6	dis.criteo.com	2 redirects b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	fastlane.rubiconproject.com	static.virgul.com
6	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	match.adsrvr.org	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com ye-mek.net static.virgul.com ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com
4	eus.rubiconproject.com	ye-mek.net eus.rubiconproject.com static.virgul.com
4	sync.mathtag.com	4 redirects
4	hal90003.redintelligence.net	hal9000.redintelligence.net hal90003.redintelligence.net
4	hal9000.redintelligence.net	pcloak.blob.core.windows.net hal90003.redintelligence.net
4	ng2.virgul.com
4	cpm.programattik.com	static.virgul.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	simage2.pubmatic.com	ads.pubmatic.com
3	s.amazon-adsystem.com	2 redirects
3	image6.pubmatic.com	2 redirects ads.pubmatic.com
3	analytics.webgains.io	track.webgains.com
3	c1.adform.net	3 redirects
3	dclk-match.dotomi.com	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	tags.mathtag.com	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com tags.mathtag.com
3	ib.adnxs.com	static.virgul.com acdn.adnxs.com
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	static.virgul.com ads.pubmatic.com
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	googleads4.g.doubleclick.net	pcloak.blob.core.windows.net
2	static-de.ad4mat.net	as.ad4m.at
2	fonts.gstatic.com	fonts.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	cdn.track.production.webgains.team	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com as.ad4m.at
2	cms.quantserve.com	1 redirects b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	s.ad.smaato.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	1 redirects hal90003.redintelligence.net
2	sync.1rx.io	2 redirects
2	r.scoota.co	2 redirects
2	fw.adsafeprotected.com	1 redirects pcloak.blob.core.windows.net
2	t.hspvst.com	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
2	ads.w55c.net	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
2	cti.w55c.net	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
2	i.w55c.net	pcloak.blob.core.windows.net
2	adx.adform.net	static.virgul.com
2	ap.lijit.com	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.googletagmanager.com	ye-mek.net adv.office-partner.de
2	www.cloakan.co	pcloak.blob.core.windows.net
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	acdn.adnxs.com	static.virgul.com
1	px.ads.linkedin.com	ye-mek.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	m.exactag.com	ye-mek.net
1	mug.criteo.com
1	sync-tm.everesttech.net	1 redirects
1	fonts.googleapis.com	hal90003.redintelligence.net
1	static.adsafeprotected.com	ye-mek.net
1	bid.g.doubleclick.net	ye-mek.net
1	ad-server.eu	b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	futalis.de	hal90003.redintelligence.net
1	adv.office-partner.de	hal90003.redintelligence.net
1	sync.targeting.unrulymedia.com	1 redirects
1	cm.adform.net	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	beacon-ams3.rubiconproject.com	pcloak.blob.core.windows.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	c1.imgiz.com
1	bidder.criteo.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	a.teads.tv	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	ye-mek.net
0	unilever.demdex.net Failed
0	idsync.frontend.weborama.fr Failed	ads.pubmatic.com
0	biddr.brealtime.com Failed	static.virgul.com
0	hb.emxdgt.com Failed	static.virgul.com
0	s7.addthis.com Failed	ye-mek.net
477	117

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-02-14` - `2023-07-28`	5 months	crt.sh
ads.w55c.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-07`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
h.w55c.net R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
pv.medialead.de R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
*.futalis.de R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
c.4dex.io GTS CA 1D4	`2023-05-04` - `2023-08-02`	3 months	crt.sh

This page contains 58 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 046FD6829091306DF4C3426E71131DBD
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: B2A65B22D8B37442B89FCB9140FE401A
Requests: 129 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 6E8AE1BC62129703667FD7D3798BFAFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: BB9B21CD78DC7CCE8BA618CB84A11C82
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 1FB743677FD67F0F9AABE0B0B7BC32F5
Requests: 1 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 702DEFDE3CCE09C1F9BBE5782F73D75D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847258624&bpp=5&bdt=840&idt=301&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=5811851906216&frm=24&ife=1&pv=2&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44785295%2C44788442%2C44792645%2C21065724&oid=2&pvsid=3789854313045214&tmod=1897158465&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b45torj5ploi&fsb=1&dtd=316
Frame ID: C58E3BD5837AB34F8489692F254D7D3D
Requests: 1 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 490D439CC0D63EEE119B2993475CF233
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A15423F3B7E521E2A59C9116080036D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED01558AC36D74A517FBB3FEDF745946
Requests: 2 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F4B11ECFB1599A2E780F1EB5C05F1EF2
Requests: 20 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F9F796CCE026CB7A613A003EB716ABD0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259477&bpp=13&bdt=140&idt=223&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=5769204369885&frm=8&ife=1&pv=2&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.yav3w58a37np&fsb=1&dtd=241
Frame ID: 76721EACED4BB2E0A96C760923CC671F
Requests: 1 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6221139FD66180CCB66878951F2A37AA
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250
Frame ID: 3467EBFB4688A0C69E4F4BA0938B95C0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEFiMGr_7hLH40_v7LIXoZ9BjufSZdw0ftPPhqYrdJkjuFZW3Qgr6eJ7O-mUzA_SRtLE5-E9EbeswIwax2cu-c0nBdRkNo3yHBrsoLKtukzD6Yr7bUUTfgiz9e9Fi1wcmgDZzCH3oZf5Fkp98eBriLmdM7sJmIgfAwaLdDAJX8rFddnkmqD77BHpXlbwemwW9NwZXnhmrldnauQ7vscf5TCQqTZRjZrfqegZb6YXVRTRkKsMdRlTj9Tpk1Ijn_aVBB7VqrOi384h-qx6yaQzmGmDpRZ3c763maWj9kgviREvA4UnJ1wMV3JC_bCpOUmz9wIu10WjaMUTzV9Ocr&sai=AMfl-YTQz7z0QT7NZJm07O4LVl2NZFclaUkkK3viBtNbJHAYIpkEQx_5yeo-2U4RHaK6WHrOkhJOWD6LFlTAbhWHZ-wScPtCGtoRUQnmp46kmpS1_Qwki10lXvUdQKBvJQ&sig=Cg0ArKJSzDfzHVPgsroGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DEE2F5473A0769926A9AF91AC7746C34
Requests: 31 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs
Frame ID: AE7FE86AF6D6C99B51CB42EFFB3985E1
Requests: 31 HTTP requests in this frame

Frame: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A55B4D01E9271AD302CFD18E46A07EFB
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNV7WXCDQaCU8GEOFPjHi8ZrptQlXlAZYhLomfzppvCJ3wso9m9JDhc09pzMgqyIJoev_YXJQY_OO_KontkRkUsh_mTWXhYAek0GjE5ViIe0l60gA6JgCIHTwaYa4cGeSkAyXbC91DSABKHhN6XeF-8NUhqPvjt3EvGpuhATck6B8ycG7ts
Frame ID: CDE1E53EE0DE2E76CB6930AFD7DBE72F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD7EB6B5842051D141A971659841427A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99529DA4D4C1510E65103FA865185150
Requests: 9 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4E1141D508F24ECE407029552AAC99A0
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li
Frame ID: 4D0827356CC325199310DCCD2099AF52
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715
Frame ID: 0CDE9C7622E36644BEC71CD4D29C0F4E
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Frame ID: 18C5EAC124DAB97579D0EBC8AEF40410
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259993&bpp=3&bdt=227&idt=277&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=8711561595327&frm=8&ife=1&pv=2&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9o6b3e7y7u9u&fsb=1&dtd=297
Frame ID: 4B12FAEEB96564AD1E7308C535EB1285
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A52F9FF148EE3054817962A5409399EE
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9180F4A9B5C2510BD5A6209DD99CF5DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421
Frame ID: B6D6CD52AEE5DF69E6B9102C763F0E37
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 39F84D8F20B81F34A6F9CF642E18B6C5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF680E3509EA61D91C99FE4C17BD0D97
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 890C3158F3002D0393953717BCBBB994
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 1BF795B83DC4383C392FFA8EDC90AA99
Requests: 2 HTTP requests in this frame

Frame: blob://https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8
Frame ID: 9D3978007472C7F6AF0E271AA716C4CA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 19FE125AE7190BABDF56B3C3B8D77DFF
Requests: 1 HTTP requests in this frame

Frame: blob://https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a
Frame ID: E13FC09FA395D7CC18E89D28E9A51D1E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 7BC1A96E91E6A03E0431AA56557BCA48
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
Frame ID: DFC31A33AC8F7AF49E749A62386BF8F9
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D
Frame ID: 48D1B8CFE099FBC8313EAE40E17AA2B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC9E1381BBBF614E8532341BBA7480B0
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: 5F7280BF5E0FA0E3391640727884967B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FB89BE0BF39B404C58C9518952F6969
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE23986D4CE459EA1E2E3F73A16BB982
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F22E653E0965BC1A891545B2657D21FF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Frame ID: A976F4ABFBE770B485D95EEB6D459EDB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Frame ID: 97F03D4EC2202C0350EBDE7375D7EAFE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1576F7FB66851DC3902A8AD41AB8036C
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13442375
Frame ID: 0BFC0E4CA6BDBB6FC5E1124C444C2F43
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: BF5BF38050D175A0E5D2F37E7D7756A3
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9F48DAB14BF86D0422CAAE7CAE779DD0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BB5037927413D9F5A93146D16D4335F1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57D7C79908002308671023C704FFD442
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 638E7C45771D5A977C5D80256614DAFE
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3507646c-ba9b-4301-aef2-a4ebce43877f&gdpr=0&gdpr_consent=
Frame ID: 8B8E6DAF6FEDBE7176F111C33EB68F8D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525823901651
Frame ID: 81EEA05A13B320F43966128040945F5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 202EF40A2C596DB530619D502824F8BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8646449758055021492
Frame ID: 268143DC0FC30054A20C2D54339E7D43
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21B8716-F544-4723-B05B-390D61FB0702&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8E3DF8822C4A9F2987E125E179261EA8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

477
Requests

89 %
HTTPS

38 %
IPv6

71
Domains

117
Subdomains

95
IPs

13
Countries

6701 kB
Transfer

13487 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAuKdh2T0evQtE8MR35nnG0&google_cver=1

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFoHx8drBdd_guXMK_86ChI&google_cver=1&adform_v=1

Request Chain 229

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ2w90EBqFbP02CWft2UyZo&google_cver=1&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6SKBU7wQSMmzAK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6SKBU7wQSMmzAK

Request Chain 230

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEtgI3DCzUjbJoqjpEiNFS4&google_cver=1&google_push=ATf1kGMxWMAlYZ7s7OP0Nya_NIhdKrBqFonGYSsm3zaajVasBZIYJYt65qdzdnkUuSY7si6tAuNPhboWVsq3h0p53Z30qmvszyt3 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEtgI3DCzUjbJoqjpEiNFS4&google_cver=1&google_push=ATf1kGMxWMAlYZ7s7OP0Nya_NIhdKrBqFonGYSsm3zaajVasBZIYJYt65qdzdnkUuSY7si6tAuNPhboWVsq3h0p53Z30qmvszyt3 HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=32596f40-645d-40ac-a8ea-62df78517b9a&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w&google_hm=m28ck1DOTMGlMuvE2dUkbw==

Request Chain 232

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENuTeFAWgClerBSLWaiv1jI&google_cver=1&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfCM4GKyVAhlIJirk2aejvl HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENuTeFAWgClerBSLWaiv1jI&google_cver=1&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfCM4GKyVAhlIJirk2aejvl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MDE1NTI3MDY0MTY5NzYz&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfCM4GKyVAhlIJirk2aejvl

Request Chain 233

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGz6whgvy4GfmMDUvkrM5KY&google_cver=1&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALaqEBYGGqCOVRvI1F1C8M-LnoMe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALaqEBYGGqCOVRvI1F1C8M-LnoMe

Request Chain 234

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJI8uDTCIoFyD33ORrXmi_g&google_cver=1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1684847260279 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-eb139c6c-b774-4d87-950b-2a3793942c6d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV%26google_hm%3DA-sTnGy3dE2HlQsqN5OULG0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&google_hm=A-sTnGy3dE2HlQsqN5OULG0

Request Chain 238

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=15561500089055600951395012333003&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715

Request Chain 241

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 245

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMOzmJv4DrUssjJvnKkin6Wn3ZcN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMOzmJv4DrUssjJvnKkin6Wn3ZcN

Request Chain 246

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_cver=1&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZtb8zELoRxi74IdpE0oLXAydraqtg3pbQeG_7jWXkFeBm6H-bgJJtvLXo852DJOY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZtb8zELoRxi74IdpE0oLXAydraqtg3pbQeG_7jWXkFeBm6H-bgJJtvLXo852DJOY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_hm=ZGy6nE-Ye17gdau6GWFZIAAADKAAAAIB&google_nid=index&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZtb8zELoRxi74IdpE0oLXAydraqtg3pbQeG_7jWXkFeBm6H-bgJJtvLXo852DJOY

Request Chain 247

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELFibEghm1I55q9MdkUd89Y&google_cver=1&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKVx03Uvm2L5-Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKVx03Uvm2L5-Y

Request Chain 248

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECGokHhxYl5ayvlsfTEYVGs&google_cver=1&google_push=ATf1kGN41SwHF_Nto9AY0Mz1-xzAqOJRhHfjvAdDCWS3CcrlER-piUVJooBR9dnxVym9er_vzb5sIDrLLyQsoafaY4muYJMpLOgn HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECGokHhxYl5ayvlsfTEYVGs&google_cver=1&google_push=ATf1kGN41SwHF_Nto9AY0Mz1-xzAqOJRhHfjvAdDCWS3CcrlER-piUVJooBR9dnxVym9er_vzb5sIDrLLyQsoafaY4muYJMpLOgn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b6f1c93-50ce-4cc1-a532-ebc4d9d5246f&%%GOOGLE_PUSH_PAIR%%

Request Chain 261

https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19682516548&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j9btiaEiQXm_AGeDHzK5BE&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=bedf&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&adsafe_type=c&adsafe_jsinfo=,id:4df471b4-a785-8b40-3a3b-b98672ddcaf2,c:druVV7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-wbpjr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:48,oid:cbd24d07-f96a-11ed-a0d2-0e46021e0a85,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=

Request Chain 285

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMfWZGezWzfH5jGvGKzyy1I&google_cver=1&google_push=ATf1kGPpFFVSoVxzV4oWnmBd0u8aECcutZQemC0DvrlsNnngS_x4bFsAlOB90nS-pcvMwlwmQqsEyVaIL3p2Vgplyh_hcDXmm7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMfWZGezWzfH5jGvGKzyy1I&google_push=ATf1kGPpFFVSoVxzV4oWnmBd0u8aECcutZQemC0DvrlsNnngS_x4bFsAlOB90nS-pcvMwlwmQqsEyVaIL3p2Vgplyh_hcDXmm7Q

Request Chain 287

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGhmD51sGyuo4_z_qDFvUVs&google_cver=1&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQoKR-inO3o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQoKR-inO3o&google_hm=m28ck1DOTMGlMuvE2dUkbw==

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ-1aELp86sIqOkmSGkvWeg&google_cver=1&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7QWgGWJCeub0rPkCbYuIKngUl5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7QWgGWJCeub0rPkCbYuIKngUl5

Request Chain 290

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGlDk3Bxs5-vELvu2PhawBs&google_cver=1&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtwolU19Ur1X2gl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtwolU19Ur1X2gl

Request Chain 299

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEihMo52wNPasxBk_Z-yi1Q&google_cver=1&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8i6AYOprben4GNNLfFNlh7TX-FooYSy8Z5EyCTnF4M2D6bMitPxlNWNqJ-wVfTnNaqiTz_5NH4nZBZ0Z13PfoYr3fBb3Be9SQtksg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8i6AYOprben4GNNLfFNlh7TX-FooYSy8Z5EyCTnF4M2D6bMitPxlNWNqJ-wVfTnNaqiTz_5NH4nZBZ0Z13PfoYr3fBb3Be9SQtksg&google_hm=CBvkPIROCZYw9gxaaKvvPg

Request Chain 301

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBZfJbZShCyxAGnt_PyuWl0&google_cver=1&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qSGTs5u2l9OoqcYY6F5aS7G7msQh06hDMg4ogMPLvLb2Lry1i3x6XWZqJVYOz0Lk4dJOlBtA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qSGTs5u2l9OoqcYY6F5aS7G7msQh06hDMg4ogMPLvLb2Lry1i3x6XWZqJVYOz0Lk4dJOlBtA

Request Chain 302

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELMg9fNGkLxOpmA_3of46SM&google_cver=1&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w&google_hm=m28ck1DOTMGlMuvE2dUkbw==

Request Chain 303

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKFbSFnghgFWDRfNqMBrNyA&google_cver=1&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO0dorPlF36iGJtALv8aRSMukDAr1ViLgu29pcswxjHrqsnElaB4Lddi9-VqesuAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO0dorPlF36iGJtALv8aRSMukDAr1ViLgu29pcswxjHrqsnElaB4Lddi9-VqesuAQ&google_hm=eS1PcGx5a19KRTJwR3I4ODVVOFlXeWtCR3RxMFVMeWViYX5B

Request Chain 316

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=SyL_v3xCVW9hS0ROdWphMklnLzNTQ1RVcGV0eXZKVmhCeXJ6ekJFSEVhenpzY3lKNVU0K3NEcjhYbmZmVUJkOXh6TEt1aEVucDhDSm5Vb3NFSDlXNCtjbXF1elpXeFIyMWViTnVmbWdhSk1SSjRqNllpQzFZemQ4MTdubnZuMmlKSm9lRW1uWXM5d25CSnY4WnJKSUxqMG51NE1mejJpMEY1cVZZdHo2aDNGZ3hqaUFqTEFOYVg1QjhYaVhpcWtOSlFyU1JqZVc3anAvbzhhNDRQNzhQcCtXeVp0Z1M1MkVYNW5aR0xDcld4ejBmQmFGY29qL2dJdFBRWkdrVStXWW1xVGFUazN5Zm05am9NY09nVVNVMzlWMEQrd0YySDFPVFNmdlY4SVJkd21KeVhQWT18&cppv=2

Request Chain 353

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFI4o-weKr022DkkSIia6Xg&google_cver=1&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7b8ID-k95osQ6NT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7b8ID-k95osQ6NT8

Request Chain 354

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEG7quD94saO6X6qIwADkt_Y&google_cver=1&google_push=ATf1kGNCTpMajFY8ZHtKSd2BYWwLmAS0eeidE0GGfHFfyDvQNibDuJ6L61dA_VoxoINxlPJmFfCJozrUuW4948sty1vvznvauFCLGlE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-suziR9ndY6sSbxYJhf9XEy--IYnJx97Hmi58jA&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 356

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIK8CiJEz3vsJ_U1ops6sEg&google_cver=1&google_push=ATf1kGMiib1V5oNioBXZAvUjuwnbBZ72UF5_azpcnBf-kwIaqmpcnb2HoxwfpOwHKohf2hQFrbQGnsck-MyaCmTxXIaGcQR8Pu5zfQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIK8CiJEz3vsJ_U1ops6sEg&google_cver=1&google_push=ATf1kGMiib1V5oNioBXZAvUjuwnbBZ72UF5_azpcnBf-kwIaqmpcnb2HoxwfpOwHKohf2hQFrbQGnsck-MyaCmTxXIaGcQR8Pu5zfQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiib1V5oNioBXZAvUjuwnbBZ72UF5_azpcnBf-kwIaqmpcnb2HoxwfpOwHKohf2hQFrbQGnsck-MyaCmTxXIaGcQR8Pu5zfQ

Request Chain 357

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OXdHfC3yZEEuJnwqNXEHPgzDZiv7ns HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OXdHfC3yZEEuJnwqNXEHPgzDZiv7ns

Request Chain 376

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FTI6OIlSR9mul6xzTT8vXQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FTI6OIlSR9mul6xzTT8vXQ

Request Chain 377

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEkwQUsxOFotNS0yUE9L HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=

Request Chain 378

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFjMTU1NGQ4ZWMwZWIxZGY2MjQwNTdkNTgxOTYzMmQ4YTM2Mjk5Zg

Request Chain 379

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s0HVN_4LQNiCKZ9qc2kR8w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s0HVN_4LQNiCKZ9qc2kR8w

Request Chain 380

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPMOfsyJkWm9neFlN1ztJnw&google_cver=1

Request Chain 381

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI0AK18Z-5-2POK

Request Chain 382

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/5FP01Jk6X310X6Fi9eC2Wg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uJaLEjdE2oI8giqjZou3OIHQfoPQSb9ounXkvg--~A

Request Chain 450

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3507646c-ba9b-4301-aef2-a4ebce43877f&gdpr=0&gdpr_consent=

Request Chain 451

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525823901651

Request Chain 452

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 453

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8646449758055021492

Request Chain 455

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 457

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794709408 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D21B8716-F544-4723-B05B-390D61FB0702

Request Chain 458

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D21B8716-F544-4723-B05B-390D61FB0702 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWYxMGxGVmF1Q3lSTFdVTkpOUzhQby1Idw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D

Request Chain 459

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDIxQjg3MTYtRjU0NC00NzIzLUIwNUItMzkwRDYxRkIwNzAy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 460

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXZzXeQPENj9PLvFHGB8IU&google_cver=1

Request Chain 462

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=398015527064169763

Request Chain 467

https://unilever.demdex.net/event?d_sid=25453995&cs=1684847262852 HTTP 302
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684847262852

477 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 407ms
99ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Tue, 23 May 2023 13:07:36 GMT
ETag: 0x8DB304DFD1C41BC
Last-Modified: Wed, 29 Mar 2023 12:06:12 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: badff61d-101e-0050-6377-8d805d000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 94ms
93ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-request-id: badff6a4-101e-0050-5377-8d805d000000
Date: Tue, 23 May 2023 13:07:36 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 436ms
242ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 23 May 2023 13:07:36 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: badff75d-101e-0050-7277-8d805d000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 193ms
98ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 23 May 2023 13:07:36 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: badff70a-101e-0050-2977-8d805d000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 277ms
133ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:37 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 244ms
128ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:37 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame B2A6 77 KB
77 KB 202ms
57ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b043f45f6c6a1a35643bc6f1c63d78c68d20968e14b2fd48e768e42b2d864c4

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 78550
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 13:07:36 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame B2A6 90 KB
33 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 15:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 May 2024 15:30:26 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame B2A6 10 KB
2 KB 46ms
45ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 23 May 2023 13:07:37 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame B2A6 40 KB
12 KB 58ms
11ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 3037855
x-accel-date: 1681809402
x-77-nzt: AcO1rw7856T/n1ouAA
x-accel-expires: @1713345402
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 9083393083f149bc99ba6c64d1f88931
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B2A6 117 KB
46 KB 135ms
51ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

757e6e1b061b973e0bf34e1443f94c0dd5aabe8ae435ca66655879e563b225b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46556
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 May 2023 13:07:37 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame B2A6 23 KB
23 KB 46ms
45ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 23 May 2023 13:07:37 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Sat, 04 May 2024 23:14:43 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame B2A6 542 B
896 B 8ms
8ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037854
x-accel-date: 1681809403
content-length: 542
x-77-nzt: AcO1rw4ZHc7/nlouAA
x-accel-expires: @1713345403
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 9083393083f149bc99ba6c649335be38
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame B2A6 2 KB
2 KB 11ms
10ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037845
x-accel-date: 1681809412
content-length: 1651
x-77-nzt: AcO1rw4GC2//lVouAA
x-accel-expires: @1713345412
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 9083393083f149bc99ba6c642171493a
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-baklali-pilav-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame B2A6 17 KB
17 KB 14ms
8ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-baklali-pilav-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81094d7429b2724dd8b5fda43a631235b3bd0f26421a7da4d7b277aaa464f1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 51301
x-accel-date: 1684795956
content-length: 16951
x-77-nzt: AcO1rw5Z3Z3/ZcgAAA
x-accel-expires: @1716331956
last-modified: Mon, 22 May 2023 22:18:51 GMT
server: CDN77-Turbo
etag: "646bea4b-4237"
x-77-nzt-ray: 9083393083f149bc99ba6c64e1fa803a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ev-yapimi-karadut-surubu-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame B2A6 14 KB
15 KB 15ms
8ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ev-yapimi-karadut-surubu-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 29e170b1a99866e848f5b0ea7f29ca1e30a481dd1ae51c44411a0700b6609da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 138034
x-accel-date: 1684709223
content-length: 14687
x-77-nzt: AcO1rw6xaXn/MhsCAA
x-accel-expires: @1716245223
last-modified: Sun, 21 May 2023 22:13:56 GMT
server: CDN77-Turbo
etag: "646a97a4-395f"
x-77-nzt-ray: 9083393083f149bc99ba6c6461fb9c3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 isirgan-otu-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame B2A6 18 KB
18 KB 19ms
12ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/isirgan-otu-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce0da5330728f20b8d550536ffbc9aaebece54338daeacce50a2d30f932b3de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 229075
x-accel-date: 1684618182
content-length: 18105
x-77-nzt: AcO1rw7CIP7/034DAA
x-accel-expires: @1716154182
last-modified: Sat, 20 May 2023 11:22:32 GMT
server: CDN77-Turbo
etag: "6468ad78-46b9"
x-77-nzt-ray: 9083393083f149bc99ba6c6405a5a33a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kuzu-sirt-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame B2A6 15 KB
15 KB 20ms
13ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/firinda-kuzu-sirt-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7cb6faffffa513846dd5bd141fe16779c15082515289a027c827d53128bf07bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 315980
x-accel-date: 1684531277
content-length: 15367
x-77-nzt: AcO1rw4DqTr/TNIEAA
x-accel-expires: @1716067277
last-modified: Thu, 18 May 2023 11:54:43 GMT
server: CDN77-Turbo
etag: "64661203-3c07"
x-77-nzt-ray: 9083393083f149bc99ba6c64d818aa3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 beyti-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame B2A6 13 KB
14 KB 22ms
15ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/beyti-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10a53c815898ee13fa3584ffc789a348963965f77264875937a1e7941538c572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3036244
x-accel-date: 1681811013
content-length: 13533
x-77-nzt: AcO1rw5cxP3/VFQuAA
x-accel-expires: @1713347013
last-modified: Wed, 01 May 2019 23:01:16 GMT
server: CDN77-Turbo
etag: "5cca253c-34dd"
x-77-nzt-ray: 9083393083f149bc99ba6c6484b4b03a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tarhana-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame B2A6 15 KB
15 KB 23ms
16ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tarhana-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a7bdc5489a06f3c3cc24119a5a76f4d5af38e07c2b7e4e458ce411993eb12e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037727
x-accel-date: 1681809530
content-length: 15200
x-77-nzt: AcO1rw6iSEL/H1ouAA
x-accel-expires: @1713345530
last-modified: Sun, 16 May 2021 23:23:16 GMT
server: CDN77-Turbo
etag: "60a1a964-3b60"
x-77-nzt-ray: 9083393083f149bc99ba6c64aba4b73a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame B2A6 11 KB
11 KB 23ms
16ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3034026
x-accel-date: 1681813231
content-length: 10807
x-77-nzt: AcO1rw6e1Xb/qksuAA
x-accel-expires: @1713349231
last-modified: Wed, 01 May 2019 23:24:41 GMT
server: CDN77-Turbo
etag: "5cca2ab9-2a37"
x-77-nzt-ray: 9083393083f149bc99ba6c64ad9dba3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firin-posetinde-butun-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame B2A6 15 KB
15 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/firin-posetinde-butun-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4e454f18b44913721b60327717caa80d346f4e7a9df8af9aff86d5991ae430de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037723
x-accel-date: 1681809534
content-length: 15403
x-77-nzt: AcO1rw4tROD/G1ouAA
x-accel-expires: @1713345534
last-modified: Tue, 29 Dec 2020 23:47:12 GMT
server: CDN77-Turbo
etag: "5febc000-3c2b"
x-77-nzt-ray: 9083393083f149bc99ba6c643e88bd3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tire-sis-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame B2A6 16 KB
16 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tire-sis-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 89529d02905772e8146d7e1ff9addc92072c23e60bb3dc84b8d61c4e898e93d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037845
x-accel-date: 1681809412
content-length: 16300
x-77-nzt: AcO1rw4EcGv/lVouAA
x-accel-expires: @1713345412
last-modified: Fri, 01 Apr 2022 17:34:02 GMT
server: CDN77-Turbo
etag: "6247378a-3fac"
x-77-nzt-ray: 9083393083f149bc99ba6c649d9bbf3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-oturtma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame B2A6 14 KB
14 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/patlican-oturtma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 82b26c270816480cac7ae6e6b713f4aa513bbfa78e68d5b6d2230ba9eb055519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037666
x-accel-date: 1681809591
content-length: 13962
x-77-nzt: AcO1rw6pmqT/4lkuAA
x-accel-expires: @1713345591
last-modified: Wed, 01 May 2019 22:16:19 GMT
server: CDN77-Turbo
etag: "5cca1ab3-368a"
x-77-nzt-ray: 9083393083f149bc99ba6c649aadc23a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 zerde-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/05/ Frame B2A6 13 KB
13 KB 23ms
17ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/05/zerde-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 33e40bc50659b2bcf80594852dbf6230bbb328ca25129c99c4b6fe8ec9ed1bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2411653
x-accel-date: 1682435604
content-length: 13058
x-77-nzt: AcO1rw5Mf1v/hcwkAA
x-accel-expires: @1713971604
last-modified: Wed, 01 May 2019 22:41:35 GMT
server: CDN77-Turbo
etag: "5cca209f-3302"
x-77-nzt-ray: 9083393083f149bc99ba6c64fe43c53a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 para-para-corbasi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame B2A6 12 KB
13 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/para-para-corbasi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b358220e5b27c2715f2afcdc4c02c448766bb9d81b959f877a0026aaf60c6f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3035690
x-accel-date: 1681811567
content-length: 12508
x-77-nzt: AcO1rw5OOGn/KlIuAA
x-accel-expires: @1713347567
last-modified: Wed, 01 May 2019 22:36:35 GMT
server: CDN77-Turbo
etag: "5cca1f73-30dc"
x-77-nzt-ray: 9083393083f149bc99ba6c64275cc73a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kuzu-kol-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame B2A6 16 KB
16 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/firinda-kuzu-kol-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 04768856c079a1aca293eb1fa81842cb300eacd20fc15f92126c9477ccc72209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037794
x-accel-date: 1681809463
content-length: 16164
x-77-nzt: AcO1rw6oHL//YlouAA
x-accel-expires: @1713345463
last-modified: Mon, 06 Mar 2023 21:22:25 GMT
server: CDN77-Turbo
etag: "64065991-3f24"
x-77-nzt-ray: 9083393083f149bc99ba6c649028ca3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantar-soslu-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame B2A6 14 KB
15 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/mantar-soslu-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63b3428dab8c9858bfec0fdd1766207549e01494b99c89a230937546c926592d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037082
x-accel-date: 1681810175
content-length: 14751
x-77-nzt: AcO1rw69nuP/mlcuAA
x-accel-expires: @1713346175
last-modified: Thu, 21 Apr 2022 11:59:00 GMT
server: CDN77-Turbo
etag: "62614704-399f"
x-77-nzt-ray: 9083393083f149bc99ba6c642ecfcc3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 belen-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame B2A6 17 KB
17 KB 24ms
18ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/belen-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5a890b96bb00fd6a96f4b5e43fa646fb4b331d9c55b88bf6ca5dafd2bf1bf184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037489
x-accel-date: 1681809768
content-length: 17356
x-77-nzt: AcO1rw6CtC7/MVkuAA
x-accel-expires: @1713345768
last-modified: Wed, 13 May 2020 21:44:39 GMT
server: CDN77-Turbo
etag: "5ebc6a47-43cc"
x-77-nzt-ray: 9083393083f149bc99ba6c6482c7cf3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kc4b1ymalc4b1-kibrit-kebabc4b1-resimli-yemek-tarifi-20.jpg
cdn.ye-mek.net/App_UI/Img/out/270/2012/09/ Frame B2A6 14 KB
14 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2012/09/kc4b1ymalc4b1-kibrit-kebabc4b1-resimli-yemek-tarifi-20.jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dacdec6aa88bb9571d309c295248ee5b202de625eba8aaa232f863ad9ba9fed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3034042
x-accel-date: 1681813215
content-length: 14293
x-77-nzt: AcO1rw7Ax1j/uksuAA
x-accel-expires: @1713349215
last-modified: Wed, 01 May 2019 22:05:06 GMT
server: CDN77-Turbo
etag: "5cca1812-37d5"
x-77-nzt-ray: 9083393083f149bc99ba6c645e48d23a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/07/ Frame B2A6 15 KB
16 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/07/tavuk-gogsu-kizartmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037697
x-accel-date: 1681809560
content-length: 15544
x-77-nzt: AcO1rw6oxvP/AVouAA
x-accel-expires: @1713345560
last-modified: Thu, 08 Jul 2021 13:19:59 GMT
server: CDN77-Turbo
etag: "60e6fb7f-3cb8"
x-77-nzt-ray: 9083393083f149bc99ba6c647352d43a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sebze-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame B2A6 15 KB
15 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavuklu-sebze-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 64dc9ea43e2df38645b1ce45127d61be13dd790dadba8d2c5f47c136edf34027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037238
x-accel-date: 1681810019
content-length: 15161
x-77-nzt: AcO1rw59gCL/NlguAA
x-accel-expires: @1713346019
last-modified: Fri, 08 Apr 2022 22:58:57 GMT
server: CDN77-Turbo
etag: "6250be31-3b39"
x-77-nzt-ray: 9083393083f149bc99ba6c642b30d73a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame B2A6 13 KB
13 KB 24ms
19ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037710
x-accel-date: 1681809547
content-length: 13004
x-77-nzt: AcO1rw4xuU7/DlouAA
x-accel-expires: @1713345547
last-modified: Sun, 21 Feb 2021 23:47:08 GMT
server: CDN77-Turbo
etag: "6032f0fc-32cc"
x-77-nzt-ray: 9083393083f149bc99ba6c649a21da3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-midye-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame B2A6 11 KB
12 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/tavuk-midye-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3034406
x-accel-date: 1681812851
content-length: 11515
x-77-nzt: AcO1rw5HnRP/Jk0uAA
x-accel-expires: @1713348851
last-modified: Wed, 01 May 2019 23:01:48 GMT
server: CDN77-Turbo
etag: "5cca255c-2cfb"
x-77-nzt-ray: 9083393083f149bc99ba6c641a5ddc3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-sebzeli-soslu-mantar-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame B2A6 15 KB
16 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/firinda-sebzeli-soslu-mantar-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2462e5a8d5e5f8b077679a4d7b5bcddbffe78e367f77247eb270c4b2da03ec74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037742
x-accel-date: 1681809515
content-length: 15538
x-77-nzt: AcO1rw7oB0D/LlouAA
x-accel-expires: @1713345515
last-modified: Mon, 22 Nov 2021 21:41:31 GMT
server: CDN77-Turbo
etag: "619c0e8b-3cb2"
x-77-nzt-ray: 9083393083f149bc99ba6c64f23cdf3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantar-mezesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/07/ Frame B2A6 15 KB
15 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/07/mantar-mezesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3347be53ad1c9f1152c3df6639ac74b233cd6ec91e15b859f7f5683d2abac6d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037300
x-accel-date: 1681809957
content-length: 15144
x-77-nzt: AcO1rw51b3f/dFguAA
x-accel-expires: @1713345957
last-modified: Sat, 16 Jul 2022 22:21:12 GMT
server: CDN77-Turbo
etag: "62d339d8-3b28"
x-77-nzt-ray: 9083393083f149bc99ba6c6401cce13a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karnabahar-pane-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame B2A6 15 KB
15 KB 24ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/karnabahar-pane-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 91fd3655c06bd0003e2c01a9d1b4d40ac9e1ef07fa8369baa7942bb435c2c082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 800384
x-accel-date: 1684046873
content-length: 14918
x-77-nzt: AcO1rw6MkaT/gDYMAA
x-accel-expires: @1715582873
last-modified: Sat, 05 Dec 2020 00:31:32 GMT
server: CDN77-Turbo
etag: "5fcad4e4-3a46"
x-77-nzt-ray: 9083393083f149bc99ba6c648ea7e43a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-kremali-mantarli-pirasa-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame B2A6 10 KB
11 KB 25ms
20ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/firinda-kremali-mantarli-pirasa-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de1f5d1b2a64b34a33a3981dbd472b724437aad046625207654e4d2759c30d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3036745
x-accel-date: 1681810512
content-length: 10442
x-77-nzt: AcO1rw4Ag1n/SVYuAA
x-accel-expires: @1713346512
last-modified: Sun, 15 Dec 2019 22:16:23 GMT
server: CDN77-Turbo
etag: "5df6b0b7-28ca"
x-77-nzt-ray: 9083393083f149bc99ba6c6428d1e63a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-lebeniye-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/03/ Frame B2A6 16 KB
16 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/03/tavuklu-lebeniye-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bfdd52bd476486ec1e766b590b0249780df4ac4015a8c8db99e1ed59a1c23539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037813
x-accel-date: 1681809444
content-length: 16258
x-77-nzt: AcO1rw7PH/3/dVouAA
x-accel-expires: @1713345444
last-modified: Wed, 09 Mar 2022 23:08:34 GMT
server: CDN77-Turbo
etag: "62293372-3f82"
x-77-nzt-ray: 9083393083f149bc99ba6c6451a4e83a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 suleymaniye-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/09/ Frame B2A6 9 KB
10 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/09/suleymaniye-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4a0c11a8a2ab6d690d760fa20b53c03ea59a06825be78f8374a094ce9a9101a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3029140
x-accel-date: 1681818117
content-length: 9395
x-77-nzt: AcO1rw7YVbj/lDguAA
x-accel-expires: @1713354117
last-modified: Sun, 01 Sep 2019 21:03:44 GMT
server: CDN77-Turbo
etag: "5d6c3230-24b3"
x-77-nzt-ray: 9083393083f149bc99ba6c648089ea3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurtlu-misir-unu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame B2A6 11 KB
11 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/yogurtlu-misir-unu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f417034e954f35355ab26de74d5f0345e87815c5b5ca8e3963be6fb4377c78bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 2404874
x-accel-date: 1682442383
content-length: 11301
x-77-nzt: AcO1rw4NpMX/CrIkAA
x-accel-expires: @1713978383
last-modified: Sun, 05 Dec 2021 23:24:36 GMT
server: CDN77-Turbo
etag: "61ad4a34-2c25"
x-77-nzt-ray: 9083393083f149bc99ba6c641e4bec3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tel-sehriyeli-yogurt-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/04/ Frame B2A6 14 KB
14 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/04/tel-sehriyeli-yogurt-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c0307d6e9a5254bd97f653c7648e87136a570479be849645a83c1fd0be03b88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3036842
x-accel-date: 1681810415
content-length: 13896
x-77-nzt: AcO1rw4wTaT/qlYuAA
x-accel-expires: @1713346415
last-modified: Wed, 01 May 2019 23:32:39 GMT
server: CDN77-Turbo
etag: "5cca2c97-3648"
x-77-nzt-ray: 9083393083f149bc99ba6c64bef6ef3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sade-un-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame B2A6 9 KB
10 KB 25ms
21ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/sade-un-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb70a0b5ac2b1a8d8e5f0e0b91b99d95723392847800eb91f42673794ce38e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3031641
x-accel-date: 1681815616
content-length: 9502
x-77-nzt: AcO1rw6yP5v/WUIuAA
x-accel-expires: @1713351616
last-modified: Wed, 12 Feb 2020 21:37:39 GMT
server: CDN77-Turbo
etag: "5e447023-251e"
x-77-nzt-ray: 9083393083f149bc99ba6c64bffcf13a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 klasik-sekerpare-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame B2A6 14 KB
15 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/klasik-sekerpare-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e2b92d7a9eed78471dd021e9ec6e163a0f3544dc221a439e979f3c7e83412f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037826
x-accel-date: 1681809431
content-length: 14596
x-77-nzt: AcO1rw5ZUCT/glouAA
x-accel-expires: @1713345431
last-modified: Sat, 17 Apr 2021 23:31:47 GMT
server: CDN77-Turbo
etag: "607b6fe3-3904"
x-77-nzt-ray: 9083393083f149bc99ba6c64adf9f33a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kremali-tavuk-gogsu-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame B2A6 13 KB
13 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/kremali-tavuk-gogsu-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1a66c16a6d4bd230c6e1190801244ce28cf2909aa2cda44f93c635445b46fde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3036470
x-accel-date: 1681810787
content-length: 13049
x-77-nzt: AcO1rw56+Nj/NlUuAA
x-accel-expires: @1713346787
last-modified: Mon, 20 Sep 2021 20:43:17 GMT
server: CDN77-Turbo
etag: "6148f265-32f9"
x-77-nzt-ray: 9083393083f149bc99ba6c643913f63a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 vanilyali-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/10/ Frame B2A6 10 KB
10 KB 25ms
22ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/10/vanilyali-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6217d2a337f448a38f2bfa32e48b9baa9947e8ca5032d05df46df2ba137c6310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3027206
x-accel-date: 1681820051
content-length: 9936
x-77-nzt: AcO1rw6Z7n//BjEuAA
x-accel-expires: @1713356051
last-modified: Wed, 01 May 2019 23:40:02 GMT
server: CDN77-Turbo
etag: "5cca2e52-26d0"
x-77-nzt-ray: 9083393083f149bc99ba6c64b5a4fe3a
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patatesli-borek-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame B2A6 11 KB
11 KB 26ms
22ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/patatesli-borek-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 07a3c65714194e782e500abca00ce765fcf09ba22fb5ed80e44d4e6c51bb43cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037702
x-accel-date: 1681809555
content-length: 11107
x-77-nzt: AcO1rw4f4eH/BlouAA
x-accel-expires: @1713345555
last-modified: Wed, 01 May 2019 23:24:59 GMT
server: CDN77-Turbo
etag: "5cca2acb-2b63"
x-77-nzt-ray: 9083393083f149bc99ba6c642d81013b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tava-coregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame B2A6 16 KB
16 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tava-coregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 524bc0f73ac13548aed7d682fbab5ba006c98304fdf61bd3238a55343d7bd0a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3031457
x-accel-date: 1681815800
content-length: 16469
x-77-nzt: AcO1rw5Es+7/oUEuAA
x-accel-expires: @1713351800
last-modified: Mon, 15 Feb 2021 22:26:50 GMT
server: CDN77-Turbo
etag: "602af52a-4055"
x-77-nzt-ray: 9083393083f149bc99ba6c644db5033b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kasik-dokmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/03/ Frame B2A6 13 KB
14 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/03/kasik-dokmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ab53c5062416b4a13b575a1b4e9a171c16ad5c2ab758fa7eb88b7d1ecaedfce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3036504
x-accel-date: 1681810753
content-length: 13817
x-77-nzt: AcO1rw5RHPL/WFUuAA
x-accel-expires: @1713346753
last-modified: Wed, 01 May 2019 22:56:07 GMT
server: CDN77-Turbo
etag: "5cca2407-35f9"
x-77-nzt-ray: 9083393083f149bc99ba6c6498da053b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sahine-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame B2A6 16 KB
17 KB 26ms
23ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/sahine-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d98024e61787e1bdd709f051b35af56fad581b55527b74b00717435db4489828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037826
x-accel-date: 1681809431
content-length: 16575
x-77-nzt: AcO1rw4TZ0D/glouAA
x-accel-expires: @1713345431
last-modified: Fri, 25 Feb 2022 21:40:05 GMT
server: CDN77-Turbo
etag: "62194cb5-40bf"
x-77-nzt-ray: 9083393083f149bc99ba6c643518083b
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame B2A6 5 KB
6 KB 62ms
16ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1684847258.cds322.am5.hn,1684847258.cds292.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET addthis_widget.js
s7.addthis.com/js/300/ Frame B2A6 0
0

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame B2A6 465 B
585 B 63ms
18ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1684847258.cds322.am5.hn,1684847258.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame B2A6 74 KB
26 KB 316ms
48ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2023 15:23:45 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame B2A6 3 KB
3 KB 67ms
19ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89fbfdc9926f79ac1e3527e1b5eeebe62a443f1244296087449eafc4b0be792c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 13:07:38 GMT
content-md5: CHJZorbn2FD5q/5CLIu2eQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: uLTUIWgkOJ8+YQ87LX00fj1jImFIjpgXwAmlwOYLnfIezVdaeaa0Mnd+YM2Tov9PSlrYAUZpmCZoZKpvZ+jGVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 5e794b57d653fdfdb333dc34894f9399
cross-origin-opener-policy: same-origin-allow-popups
etag: "509142436325bce941b01bef08590e45"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 23 May 2023 13:23:39 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame B2A6 21 KB
21 KB 23ms
22ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 May 2023 13:07:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3037855
x-accel-date: 1681809402
content-length: 21525
x-77-nzt: AcO1rw6ziwf/n1ouAA
x-accel-expires: @1713345402
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 9083393083f149bc99ba6c64caca0a3b
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B2A6 51 KB
21 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 13:04:56 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 23 May 2023 15:04:56 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame B2A6 301 KB
85 KB 40ms
20ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=87590e14166fd438079c425365025cea

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc7a3e7ad7342d2bfbf658ecdb37d64611ee2b553790659c12f6df591e19783e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 May 2023 13:07:38 GMT
content-md5: am1sGI7Yi8GIDzplWMhHdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87270
x-fb-rlafr: 0
x-fb-debug: d5unOM3IhGfA3ShcIUQKJnAjrezglJ5RkKocI2s38aLgmlaKzerpnvrOugInJ3mscJff8QydLACI9nv1Ih/fwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a168ea20c0df7bf65fadeacd478098f5
cross-origin-opener-policy: same-origin-allow-popups
etag: "e3c2cfaf163b1856beb07747148394ce"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 22 May 2024 11:23:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B2A6 76 KB
25 KB 212ms
112ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f1bdd5272683bf18ab8e581418378f8aa2acde0708f118e284e657f2fee9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25332
x-xss-protection: 0
server: cafe
etag: 677 / 19500 / 31074711 / config-hash: 17264376816506353205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:38 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame B2A6 120 B
306 B 46ms
45ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 6E8A 891 B
1 KB 46ms
45ms Document
text/html 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Tue, 23 May 2023 13:07:38 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B2A6 136 KB
47 KB 181ms
92ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7deda926b42a833cd5c9aa9248a8b15dd75310e0d5de8cc589106ca16e2a4b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47466
x-xss-protection: 0
server: cafe
etag: 1081078411547068023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:38 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame B2A6 489 KB
182 KB 51ms
50ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B2A6 228 KB
56 KB 46ms
9ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:44:21 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1397
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HgWDMBiLvCPb2ba4liOPd0UuCb84IjRR5yWQa3LoW9QP3SGlF1PaJw==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame B2A6 33 KB
5 KB 142ms
74ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1684847258370&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.808851047560023
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2730348f2c48ff25337b976205880af8d8666d21bf2a4d4a5b0a626e3e82eef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame B2A6 12 KB
2 KB 91ms
90ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19500
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Sun, 14 May 2023 21:52:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame B2A6 49 KB
5 KB 127ms
70ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468013
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d14570de01f41088f29d7e31e3ba877e5acca14b0c9a236f5dff03ea7c22f071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B2A6 0
307 B 9ms
7ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:08:16 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 17962
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: c8vL2D0cyXYMGDli9AKMvW0IUzIlwM0JTA9EKw41mnl-O85oiqTXFg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B2A6 6 KB
3 KB 24ms
8ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
date: Tue, 23 May 2023 01:31:42 GMT
x-amz-cf-pop: FRA56-P3
age: 41757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: SVQLxocBrmNpBvhatF7QojWKJshPFAzWNWPdLXWhEetnDEQ-NzLn_Q==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame B2A6 9 KB
3 KB 46ms
46ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame B2A6 11 KB
5 KB 46ms
45ms Script
application/javascript 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468013
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame B2A6 17 KB
5 KB 65ms
15ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:38:46 GMT
content-encoding: gzip
age: 1732
x-guploader-uploadid: ADPycdvtlLrkR9PoX22doEQXvKwj-2wHnTCvNvFdh52l0X33UVQ5E6-xNnsC8qi0HD3HPl2OjGSlinH_-k1MBz4427wQJOb1KS70
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame B2A6 0
209 B 46ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684847258553&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.10473181786567731
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame B2A6 7 KB
3 KB 218ms
46ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19500
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 30 May 2023 13:07:38 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame B2A6 0
209 B 45ms
45ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1684847258610&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.9197437966567901
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ Frame B2A6 354 KB
120 KB 178ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84c4f1f2363fc3d05a1e537a1722779c596132beb9ae8efb260f34f8ef0441a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122588
x-xss-protection: 0
server: cafe
etag: 5373179907333717738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame BB9B 10 KB
5 KB 116ms
35ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 22:54:33 GMT
etag: 15057649708203361565
expires: Mon, 05 Jun 2023 22:54:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/ Frame B2A6 407 KB
126 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 15:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77434
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128505
x-xss-protection: 0
server: cafe
etag: 9552717522506389512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 21 May 2024 15:37:04 GMT

GET
H2 200 tag Show response
feed.pghub.io/ Frame 1FB7 13 B
257 B 73ms
24ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Tue, 23 May 2023 13:07:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame B2A6 483 B
1 KB 39ms
14ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1272083
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxwldWGcI0jwi5ZuW6IpOukxO1muY3bXGc6%2FU6%2FRlyRQCwsZ18yOhwER1lvhp4pbsxIxwoi2BsJKUfdRNmamMuh%2B9pvQBQsj6BB%2FvRbLrB1ZLpUVqlhVTxy%2BELiOEnM74%2BiRIJmQmA5n9juC"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7cbd85e7be205c8c-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame B2A6 23 B
460 B 108ms
42ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=wzYAbdlAHkoOf&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: BXBMT3KW1QV5AKXNSJKQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IC-9yEitq8HCPOlHI9PZgELaJ9nBfbkKxJK3sCOKqam0wt7fXkN0lw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B2A6 107 B
531 B 138ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B2A6 107 B
456 B 130ms
45ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 26 KB
11 KB 440ms
440ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=170998775630080&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847258832&lmt=1684847258&dlt=1684847257784&idt=997&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=mz0opmhlorop&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f201487298790e63e7ff28bf18bd82165566ba06888175da563a8d807583210c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11258
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 702D 6 KB
3 KB 146ms
46ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST /
hb.emxdgt.com/ Frame B2A6 0
0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame B2A6 94 B
496 B 301ms
229ms XHR
application/json 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 483b400373b3af8be0e4cee37ff70880c32bb677111ed4ef0aebc48bdecec839

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 May 2023 13:07:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B2A6 0
527 B 151ms
84ms XHR
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 hb Show response
cpm.programattik.com/ Frame B2A6 0
142 B 181ms
55ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame B2A6 0
141 B 181ms
56ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame B2A6 0
141 B 181ms
57ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame B2A6 0
141 B 180ms
56ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame B2A6 16 B
386 B 77ms
42ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 23 May 2023 13:07:38 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B2A6 0
112 B 130ms
75ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 prebid Show response
mp.4dex.io/ Frame B2A6 0
281 B 61ms
34ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:38 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7cbd85e82f8704a3-FRA
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame B2A6 173 B
399 B 77ms
8ms XHR
application/json 18.195.127.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.127.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-127-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7958f900b01ef0db20857bbe50a8d2379d0a0b18710590790c3ccb93a2c7913e

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 416 B
740 B 211ms
145ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f9072149-0b3c-4fc9-af69-e88d108933db&l_pb_bid_id=393e2b8517ceb0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7198294204728146
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 66744148e77cf7303bef8402297081cfb2f7f1ac09a4fb925033788bdd839903

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 410 B
733 B 218ms
152ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=7d8dc3bf-6557-4fa1-8b6c-6bbd43fde2de&l_pb_bid_id=409fa4dbc8ae95e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3588433522752372
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f839ccaa446b2e89f94bf57432fccdd0a80567a922a675d3e1e8b5df7bf51c32

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 404 B
728 B 312ms
246ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2cfbe8fe-0d38-4777-adcb-4b92fed4b9c9&l_pb_bid_id=41a9d48810b70c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6001180979559628
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a80a6c4beb37438a58ada9cd421910de21a7b2f25bf4dd4f9f832a2eec22dec2

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 404
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 20 KB
8 KB 192ms
126ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=15223560-2da3-4aca-af90-deb8d8e502af&l_pb_bid_id=42f4ac6785b85e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.871474756577127
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 283438aa556a7bee4241a6c661494b7bbae7a51bfff99e0b98ae2f50f77eeb9d

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 397 B
945 B 173ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=feaa38fa-5a85-45b7-8d78-ddc61f8e972f&l_pb_bid_id=4397bde1958a41&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03623858839162053
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ac7fa1320a147bde224992b1a2c774099b5c3b792e79005c9166df51a2385109

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B2A6 408 B
732 B 233ms
168ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2dde52e4-5cb0-428f-a0d9-f4ca9582eaac%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2e7d5778-7a9d-47f1-a557-eb7cac7c6d99&l_pb_bid_id=45f533fd03189be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6952480560389294
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ca6e4e847dc5da840624f7e36eaebfa2f6d0d9cdfcb36289eb64920c2882e2b6

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B2A6 17 KB
9 KB 137ms
102ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

22d32014cd99a893e2366edb61e0d37ed0f26ce8d055d901c10ce00fbae5db62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.186; 185.213.155.186; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0e34adeb-5f7b-4b1d-b5b6-c7491b821818
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B2A6 360 B
1 KB 145ms
110ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cf85ed394419b4d73db99d3e12e261fcd4d3feb39d48ed86e78b665bbdfd46ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:39 GMT
AN-X-Request-Uuid: 15dc9da8-e340-4321-9833-adfa251ab0a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.186; 185.213.155.186; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 360
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B2A6 0
528 B 121ms
80ms XHR
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B2A6 0
212 B 68ms
20ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=71074844025&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B2A6 361 KB
121 KB 142ms
53ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame B2A6 399 KB
128 KB 51ms
51ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/23/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:38 GMT
content-encoding: gzip
last-modified: Mon, 06 Mar 2023 16:42:16 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 30 May 2023 13:07:38 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C58E 603 B
218 B 72ms
70ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847258624&bpp=5&bdt=840&idt=301&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=5811851906216&frm=24&ife=1&pv=2&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44785295%2C44788442%2C44792645%2C21065724&oid=2&pvsid=3789854313045214&tmod=1897158465&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b45torj5ploi&fsb=1&dtd=316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame B2A6 74 KB
23 KB 32ms
16ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1589696
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkwrgtwCgV0eVZKgvBxh1JREMMXMmqCMNmYPMXKlHUrg5YvplmUl%2FfRYK1GgNdh4%2Fm2JUPaktpAkR70zSh8C69U9WFeY6GmfYpiwIN4sUnrOSIuJS9f6gWBEL1LEh24q62B8I4Mrhcvy67A5"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7cbd85e87b7b3a8e-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B2A6 15 KB
11 KB 90ms
89ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3eb69a87896380246c640c0b6f2f7259be4dcb40ed50a793a594af4a2bb3eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B2A6 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B2A6 107 B
165 B 50ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 34 KB
14 KB 434ms
434ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=719035476638471&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=3&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259228&lmt=1684847259&dlt=1684847257784&idt=997&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=28knhw3s9a4w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1313e91ff827eb081ee37cd251edef99ffcf27f6cf39e1e3e043f74b1b1c6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14281
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 33 KB
14 KB 408ms
407ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=2418757103426638&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_adid%3D683a465bf7c6fc1%26hb_bidder%3Dappnexus%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.03%26hb_adid_appnexus%3D683a465bf7c6fc1%26hb_bidder_appnexus%3Dappnexus%26hg_pb%3D0.03&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259232&lmt=1684847259&dlt=1684847257784&idt=997&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=gkupkdh9j0j5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

438aa1288e7398f815ee02d062efbb9b50b844ae45937d7902129365c9323265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14323
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 205 KB
25 KB 488ms
487ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=1382916477967707&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=5&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259237&lmt=1684847259&dlt=1684847257784&idt=997&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rjk7rwl3gh1j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc614b0c55fb5711aa91b04d777f3bb300630a44deebefccc5b7922e83af3f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25758
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 26 KB
11 KB 417ms
416ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=4067353962366485&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259240&lmt=1684847259&dlt=1684847257784&idt=997&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=cam2zblsjrjo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

462bda8ffe5412adbba17d34c21752af91d794cdccb87468518324a8706656b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11343
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 35 KB
14 KB 506ms
506ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=4044679847398316&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259244&lmt=1684847259&dlt=1684847257784&idt=997&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xjme1xr39kua&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81a3460c4b2496641d1ac4cc26a9f25232d0700ee0b655697a42312e9cc10a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14396
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B2A6 27 KB
11 KB 453ms
453ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789854313045214&correlator=3994176177446537&eid=31074711%2C31074694%2C21065724&output=ldjh&gdfp_req=1&vrg=202305170101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=8&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D7.50%26hb_adid%3D70fdabb1df81b81%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D7.50%26hb_adid_rubicon%3D70fdabb1df81b81%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D7.50&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1684847258370%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet6dd915f7-1765-4a38-ab22-8cad630ef3ae%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet6dd915f717654a38ab228cad630ef3ae&sc=1&cdm=ye-mek.net&abxe=1&dt=1684847259248&lmt=1684847259&dlt=1684847257784&idt=997&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=go7pp7jqbbd1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6500239272b1e3f137d07643753494abaf647508439d46e913a13ae1ff71e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11573
x-xss-protection: 0
google-lineitem-id: 5615628399
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B2A6 17 KB
7 KB 123ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H2 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 490D 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 490D 24 KB
7 KB 48ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 490D 135 KB
46 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26fb6b33b177499c9dc0768736678057a822f562013e410612b5bb38ff676c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Origin: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47301
x-xss-protection: 0
server: cafe
etag: 14986397544341709591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 490D 171 KB
54 KB 146ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 490D 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspfSCiZXG73PYJSRVcdizbdlbRM_aUZlvULNCdlCB7z6HwzsfLyGilEzcXf9VbZZdLiJPyy_YrBEgJrvQn7QL8Ylkt5J3fIpY4JZPad8VGresc2Wza7Z87XWIho3FAi2EI9W1ppa_-IK4fqHwrYITl5ea8CYGYd2ejV1Ch7WTdRJtqTDxDBq7Jne3MOTARtg7NfyL882befMhxEGuyJNdxpAGPCXFaWT5OWUMICVuPuhcw8Kfzjk1J5Rr4PfVBtwI_NZ5Tm6jrhrDnce1hMu4TDOheYv66mP84rS23ELYnC7Rg2hZKMHxvTsDgFI2M-fTf7Bc85iPfiYkkH74BmTH_le_7nSOaw86PCa0W_hSL05Gp3r4&sai=AMfl-YQdYzZTBCOp8ONN_p74w235vXD7jPHolXT8ugSPBTvVdeDaKC3iCUR3Ml6nN_KXgtWcF0iGw2LISW4VlQs2zJEFvePnWCTJqVu-uGVGlx0&sig=Cg0ArKJSzNYrekHTF0D7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A154 13 KB
5 KB 37ms
35ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 12:41:35 GMT
expires: Wed, 22 May 2024 12:41:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED01 783 B
1 KB 139ms
55ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

871a6421aa0ef3b17b0877a996b95050114f377207299c42af3e90558c291676

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GLy6pYhowuLQexdANm018Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GLy6pYhowuLQexdANm018Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:39 GMT
expires: Tue, 23 May 2023 13:07:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame B2A6 0
209 B 189ms
45ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684847258370&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:39 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame A154 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 10:58:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ Frame 490D 354 KB
120 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b40b0d2a61d2af1d18dabc2f77beb9261387d82e173cc62403a4aba239ca603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122582
x-xss-protection: 0
server: cafe
etag: 1800580817418637939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
DATA 200
OK truncated
/ Frame 490D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af69caab91c23c7d73d5e5fd91f10ce2e7268dd9653ae3efe7d863734de79f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED01 0
0 71ms
71ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305170101&jk=3789854313045214&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A154 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UjLnfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4B1 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9F7 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 490D 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 490D 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7672 0
16 B 288ms
288ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259477&bpp=13&bdt=140&idt=223&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=5769204369885&frm=8&ife=1&pv=2&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.yav3w58a37np&fsb=1&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6221 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3467 31 KB
13 KB 541ms
540ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c1c334f01349d40b520a38ba0c550437b4560905ab64ea68ba63f6f11d82831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13095
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEE2 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEFiMGr_7hLH40_v7LIXoZ9BjufSZdw0ftPPhqYrdJkjuFZW3Qgr6eJ7O-mUzA_SRtLE5-E9EbeswIwax2cu-c0nBdRkNo3yHBrsoLKtukzD6Yr7bUUTfgiz9e9Fi1wcmgDZzCH3oZf5Fkp98eBriLmdM7sJmIgfAwaLdDAJX8rFddnkmqD77BHpXlbwemwW9NwZXnhmrldnauQ7vscf5TCQqTZRjZrfqegZb6YXVRTRkKsMdRlTj9Tpk1Ijn_aVBB7VqrOi384h-qx6yaQzmGmDpRZ3c763maWj9kgviREvA4UnJ1wMV3JC_bCpOUmz9wIu10WjaMUTzV9Ocr&sai=AMfl-YTQz7z0QT7NZJm07O4LVl2NZFclaUkkK3viBtNbJHAYIpkEQx_5yeo-2U4RHaK6WHrOkhJOWD6LFlTAbhWHZ-wScPtCGtoRUQnmp46kmpS1_Qwki10lXvUdQKBvJQ&sig=Cg0ArKJSzDfzHVPgsroGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DEE2 26 KB
26 KB 33ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
age: 360
x-jsd-version: 1.15.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26200
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEE2 171 KB
53 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305152039000/ Frame AE7F 222 KB
61 KB 197ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "c5e753c238beacad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame AE7F 15 KB
5 KB 267ms
110ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5257
x-xss-protection: 0
server: sffe
etag: "6147d0c60b11b4b1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame AE7F 94 KB
28 KB 268ms
111ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28959
x-xss-protection: 0
server: sffe
etag: "e8b37e49415a2d9f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame AE7F 72 KB
16 KB 295ms
139ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee80116349c8478b75d60df694847bf80de257887725bb2558b3e321375d102

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16681
x-xss-protection: 0
server: sffe
etag: "41516e2b8eb71ac1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame AE7F 5 KB
2 KB 288ms
132ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1899
x-xss-protection: 0
server: sffe
etag: "de1853be803cb92a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305152039000/v0/ Frame AE7F 40 KB
13 KB 289ms
133ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305152039000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 May 2023 17:49:51 GMT
age: 69468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12945
x-xss-protection: 0
server: sffe
etag: "6b8dcbc7470d864f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 May 2024 17:49:51 GMT

GET
DATA 200
OK truncated
/ Frame AE7F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0556d83d00bc5c2a831f93f289f6699f7539e6fdb28f4a99d0a3a3b8ab65450c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AE7F 3 KB
3 KB 43ms
40ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 19:49:55 GMT
x-content-type-options: nosniff
server: cafe
age: 62264
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3057
x-xss-protection: 0
expires: Tue, 23 May 2023 19:49:55 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AE7F 344 B
368 B 41ms
37ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:50 GMT
x-content-type-options: nosniff
server: cafe
age: 32809
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 24 May 2023 04:00:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AE7F 0
0 51ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrM-pS0KaiXzxzdtUQJ5YsC21zr_IKIqTGvZQQJM7tR6Edu1UhBAoKIFrDMOd9fP41lJptzGiZeRMpOpELATmHf0Xzow
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AE7F 0
0 85ms
81ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2sg5m7psZIuYFPKO1fAP1YKJKILElcBwsOfjh84R2tkeEAEgwLKCa2CV4pCCoAegAYvg98EoyAEJqQIHJX04ch-yPuACAKgDAcgDCKoEhwJP0AjyVmg8MEBgos2HUtkv2V8TpymBytnkMSowcmlJPm852BdBHO26KIID5o_ETrTOLxWoA9_e3ez2fX_AklJNB9y7Hsqzf7cEwfcKCTCx_JSm5nnw8rMPnOSZBuNLzk3MKj5vVlWKsvyDJPIkbvKUkvuIsi9hkmjeBB232UJbOfhURzAr8wcX0a2VULdMDfEKGkT-BgWdOHN-WAwymulh-vy1zfZ2QbFTPE8jCiJkv2JMuviN9bM5gNT60N0-DLXwCv2fVyHZZNidNBfOIUdLQ2qvltmLBuRgUZ_5rowtwDJWouogg42LZAMgWIFxAJeBnoF6CfBpeOJyhV49ncbuHmzlk2YacMAE__j_k6gE4AQBoAYugAeLmMihA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJjaAtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=feYyNPiEBO8&uach_m=[UACH]&cid=CAQSOwBygQiDSUxscNi9R6L6ZRwCpIhXKhCs44fSJjqR0Btb4GFLtCAvdYYelKa6XDARTtpdipgwlL7SDfE-GAE&template_id=419
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 300x250_ZN_Range_motiv_01.jpg
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 12 KB
12 KB 77ms
73ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_01.jpg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64c6d0f3aee8e256b9cfc4c1bb44e4daf20b50e8103038c5ab9aed27a5b5185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:23:23 GMT
x-content-type-options: nosniff
age: 283456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12556
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 06:23:23 GMT

GET
H3 200 300x250_ZN_Range_motiv_02.jpg
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 11 KB
12 KB 57ms
53ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_02.jpg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969ec3de890b69420b346cf069cf0fdd08a58828a83ce3dbea20c866c8c52536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:06:54 GMT
x-content-type-options: nosniff
age: 374445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11755
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 May 2024 05:06:54 GMT

GET
H3 200 300x250_ZN_Range_motiv_03.jpg
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 13 KB
13 KB 46ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_motiv_03.jpg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea79c8339103eb65c3c78986da954cef36ed141b02034e10314f572628fb729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:35:43 GMT
x-content-type-options: nosniff
age: 225116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13051
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:35:43 GMT

GET
H3 200 300x250_ZN_Range_paper.jpg
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 6 KB
6 KB 100ms
96ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_paper.jpg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849ba610d536297df4d56f5aec64fce464d4166c11b1d2d30a6e00ad23570afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 10:21:44 GMT
x-content-type-options: nosniff
age: 355555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6254
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 May 2024 10:21:44 GMT

GET
H3 200 300x250_ZN_Range_overlay_02.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 472 B
499 B 89ms
85ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_overlay_02.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8652e27002bee7a3bbf2bea8cd73cbd19b134f00bda6528640ddd5c98826bdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 472
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_overlay_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 787 B
816 B 90ms
86ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_overlay_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4bc923d5eba3e5804d9362ed9994e8f0b612ad8186fff426afa91860319c4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_text_01_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 644 B
674 B 97ms
93ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a791bddf64e032cc49941dc2eba79c1346ba37b32d4be9acc63abb2643cc422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 20:44:11 GMT
x-content-type-options: nosniff
age: 491008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 20:44:11 GMT

GET
H3 200 300x250_ZN_Range_text_01_02.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 486 B
516 B 95ms
92ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_02.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a272f5ad880412d2337908257f33241b65a6d0bbff745bf3752b1d66e0781514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:58:46 GMT
x-content-type-options: nosniff
age: 223733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:58:46 GMT

GET
H3 200 300x250_ZN_Range_text_01_03.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 763 B
793 B 102ms
98ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_01_03.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cbe00cc7557498845d55c1c32df378da128743b06bb6bc9b2af2af142beb5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:58:46 GMT
x-content-type-options: nosniff
age: 223733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:58:46 GMT

GET
H3 200 300x250_ZN_Range_text_02_01_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 1 KB
1 KB 91ms
87ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_01_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd79e4c8d7ffdd71d8790cb804978f011cac067718f363cdeda887e34947b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1410
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_text_02_02_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 218 B
246 B 89ms
85ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_02_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d64cbbee56a7ac4037731942f74e80bc6f7044c6c9e5667dc8ac15fd0c8ef08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:20:06 GMT
x-content-type-options: nosniff
age: 485253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 22:20:06 GMT

GET
H3 200 300x250_ZN_Range_text_02_01_02.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 2 KB
2 KB 90ms
86ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_text_02_01_02.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fd6a726662c515878453612def3bab16559fb6bb33b1ebaf50708a311952401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_PS_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 7 KB
7 KB 106ms
103ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7068eeade96f50e60559ce657a5f220dbb11de37f1db2f449c5417fe679d885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 22:20:06 GMT
x-content-type-options: nosniff
age: 485253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7141
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 May 2024 22:20:06 GMT

GET
H3 200 300x250_ZN_Range_PS_03.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 6 KB
6 KB 104ms
100ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_03.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c7796f3b3c9b051f952a478d7a5df944d83ff0ad7efb64130dd7af275c439c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6466
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_PS_02.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 8 KB
8 KB 111ms
108ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_PS_02.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6510df06a5fc59708e70510ef5b649004ae66f6c497741d58dabb223b5aef9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:14:27 GMT
x-content-type-options: nosniff
age: 226392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8563
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:14:27 GMT

GET
H3 200 300x250_ZN_Range_stoerer_01_01.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 481 B
515 B 116ms
112ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_01.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd76ea1aecdb515ce204d1d197f7cca3373f2cf12c1d844a22ac4bc697d2a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_stoerer_01_02.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 759 B
794 B 118ms
114ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_02.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c274d3c8508b96ddeb7a0f570316486d5fa96da90cdf758e33e55e2e6ef09102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 759
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_Range_stoerer_01_03.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 813 B
847 B 117ms
113ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_Range_stoerer_01_03.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280de5c42a75c9865c1bc0cb75c22c790ab35d98c1d06256a0656d1fabdc3212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:03:45 GMT
x-content-type-options: nosniff
age: 227034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 813
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 22:03:45 GMT

GET
H3 200 300x250_ZN_CI_logo.png
tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/ Frame AE7F 310 B
345 B 119ms
115ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1127099419693903220/Zentis_Manieren_Range_300x250_CAD/assets/300x250_ZN_CI_logo.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e76432c7710cb02ca0d891c67a2faa7d68040e1e1885ba68906233577d65a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 20:18:20 GMT
x-content-type-options: nosniff
age: 319759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 310
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:15:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 May 2024 20:18:20 GMT

GET
H3 200 container.html Show response
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A55B 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305170101/pubads_impl.js?cb=31074711

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:38 GMT
expires: Wed, 22 May 2024 13:07:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F4B1 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaLeMm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSNAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UEz9KOcJRDsSiX7Da88UWMscyR7ZjqFqYUyEVtfGflNJMtRuqMdo4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=dyb0hgClH4k&uach_m=[UACH]&cid=CAQSOwBygQiD0WvZewovCAeyf09d2QkieKoCCEUmgVh6NFdVeGLQN4CXOuAjKYNsOGOxUYHQbXgiYxh5tVyYGAE&tpd=AGWhJmuFTDMia3Vst_JdJp-ZKKFVl0L8r27IM5uuX_-WaU28fU4zeOEySpJpKoSP2Zch5t1wPOucl8HzHg68rnUawNw8ebkBw__-qz-Ns3cvE9SaCCg0bqnGnBpni1w0umX64MB5tfYLVln_aJjkTGwNUDYlSBZFaOmLhVXK-IIldZgVMjz8hueJuQeFwN9GhE8-Voww47leBA98MZOgAgdy4Bbx2e1AJOg8AnkyBxky-x0N9LPXnWTPjHI8q3qwc_T5W73pQaTlQCe8Z4mWdKdElI0dTJNH2d89uPdMOmxIcw5bFdxmHjxEsoZF_XnEIWaHh2bcwSmX0v0eD5CixHVVKS1WX9f45H-_n-XZl9Lnj95uXVTvFCHg0occdByFTAsnSz44_t9D0jSb6b4I8GvANj2yytAxF8veFQfyK5kjwlcwuMKpjESqvpQtFgs42tGUFtwH392M84RQ76qeFa7ObG8qmL4G7OE8uaNe04NIINLks3SbX35vI0vH-JOt09AHDuTylqNsuPD8gOleP-DFy5_n5xTFEhv9gxe1rxpQ2Z-uhXculdjFb4cU9rpspAZMtUowi-5hB6DH_6tANeMCihurR4Hj4DFsbAA5f6HsrwP1JxEkuoPE6_xOArasOaOO0gWKejtfrZS0mi8uRMGxI413G7qvHoDmk7WHUVqXGlK5UWlDUnV6b7rro5q2jDU5r72OWdA84jonkLCG3IHmD47VUg4a2Dwar3rol9riZfM5ynfNS3uPvSeUdDaWb01Lk_z0he1uzcfSXL3ZjpOW9oiy6usiPt4DTOCOGU8yRDbLgSlSlPqWJomAUay-CE9bxsfXxemLY81uywYJkHYK6-7H-wvGMoYKNx2Nf5mrwn1AJGMfRwMzQqa9vh7lY5sXxOcJAfCV16nikT5zqReQLJUCDnWh7CvzAJip8mBIinVup6sFdRboUUlFUBcQ3BtcxaPWMkk54pNzr28g9ZnndRkbiD7dc54uxYN3SNeJfWBAWxp6aeMZuy_Z2KEckg_HJ39s-hUeiV7yngjsgDhHjzdtGdfJC8o1fyzCLxNF2MixOXt6RNCy5G13cW4RdbpLbkdV7rAXqRQ5dLgxzH8ojYC4gh6qm6q21JMLtPy55A
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F4B1 3 KB
2 KB 73ms
34ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXprM1lXUXpaR1l0TURabFl5MDROVGhpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2MTg4Nzk3NzczMjc1OTM2My82NjIyMzI0LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU3SFhVeEIzZG1lNGZGV3pRU2lxbm5rLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2MTg4Nzk3NzczMjc1OTM2My96cmgvMC8zNzEvNjMvOTk5LzE2Mi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODQ4NDcyNTkvMTY4NDg1OTg1OS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/y3R7bTm9Mjk00E6lWzKVwGk2UK4&nodeid=3814&group=zrh&auctionid=661887977732759363&pbs_auctionid=661887977732759363&shardkey=661887977732759363&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.388.2 /
Resource Hash: f33ab5f2e3eb62a05a0916751f424e6c0ebbbc92aa16f518090e121fb085d8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
x-mm-nodeid: 3814
Content-Encoding: gzip
x-mm-bid-request-time: 1684847259
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 23 May 2023 13:07:39 GMT
Server: MMBD/3.388.2
x-mm-latency: 1 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x25, zrh-bidder-x78
x-mm-lag: 0
Expires: Tue, 23 May 2023 13:07:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame F4B1 3 KB
1 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame F4B1 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F4B1 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6uSIam9EK9a7nC3WpyUCvgTaAI99N7oiYrk1sJV4wMF26N3LGN7wRSUOekDMVf1pkBq4PWWmibTVcvkTBZPjH2MLTJA
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F4B1 24 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4B1 171 KB
53 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F9F7 24 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F9F7 135 KB
46 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cd3bc1f0399dd34a7e2652b1e831bbeaa6ca3ce85b5ae818a6d6f65cf96c8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Origin: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47301
x-xss-protection: 0
server: cafe
etag: 2417119966457097848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9F7 171 KB
53 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6221 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpCzhm7psZP3aFPrI1fAP-tiW6Ai6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSdAk_QU3hzkeyUzn-w8D8cOa2Ap4XbunFClYLKbtuJ8adNC5woo-M8n_t4q81rnYwmqZbzOhml_UKUQyMddITdrIxasCi763bQWxC7P-S7vvGYXjnvypTYquZlF8O5aSzuoV8IZIfDykq8CBf09Tu74AxZ22ojbmiaHsgdsjo74XAJrol1jXrGM8pqWQ5Ja0eyJniCntDr_LIm7q9TN9powrvsGElr9ycBE0TUxS4nihQGdt9lVsQPWsXVHE1til25QpN2KjZMJ7dnmzMAbUtU-B8UhAZOVfjo9QqSK6I6V89WFqZx0XcGa8pQFUqPIukTR1Y2NJIvSI1uOWmIsgqjbC6SYTNRhTuVDUCbzVeIDIXXO2Jp6WILsRs9yrYxhOAEAYAG0cmll-ullpXrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=n94hItT9cYM&uach_m=[UACH]&cid=CAQSOwBygQiDFdqQZ3ptx4OWinCZ17FUQ1iRIiKIgJGWsLK2Ff0CAm4KlouOnTjVWo-FHdn50gq0qT5ubUZ4GAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 6221 42 B
582 B 56ms
10ms Fetch
image/gif 3.64.145.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=REQyQUM3QTgxRTU1OTcxQUI1QURDMTJBQkU2QTkyRkR8R0ZmNzQ2SVJRY3wxNjg0ODQ3MjU5NDU2fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0xODY4ODAxMTIyX0VYfDQwODg1fHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZGy6mwAFLX0IFWR6AAWseo1w_YOR1GF2CjYtGw&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjY4Nzc4Njh8SUFCOC04IzAuNDcwODAyMDR8SUFCOC05IzAuMDc5Nzc2NjV8SUFCOC03IzAuMDY5Nzc2NjU&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1684847259458&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=3437914103233039&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1jYU9UR0ZnRw&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VONXJMSF8tUWZkT1JZeHJReE9IZmw0&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=TDmkteXevwzLUbmEjbzRUQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEN5rLH_-QfdORYxrQxOHfl4&spidu=GOOGLE&pidu=15222&hmpvu=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.145.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-145-154.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:39 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 6221 5 KB
3 KB 76ms
7ms Script
text/javascript 192.229.233.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=REQyQUM3QTgxRTU1OTcxQUI1QURDMTJBQkU2QTkyRkR8R0ZmNzQ2SVJRY3wxNjg0ODQ3MjU5NDU2fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0xODY4ODAxMTIyX0VYfDQwODg1fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEN5rLH_-QfdORYxrQxOHfl4&spidu=GOOGLE&pidu=15222&hmpvu=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
last-modified: Wed, 23 Feb 2022 16:57:18 GMT
server: ECS (frb/67DF)
age: 504454
etag: "3321997696"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-length: 2391
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 6221 43 KB
44 KB 77ms
8ms Image
image/png 2600:9000:2491:5800:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=REQyQUM3QTgxRTU1OTcxQUI1QURDMTJBQkU2QTkyRkR8R0ZmNzQ2SVJRY3wxNjg0ODQ3MjU5NDU2fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0xODY4ODAxMTIyX0VYfDQwODg1fHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjY4Nzc4Njh8SUFCOC04IzAuNDcwODAyMDR8SUFCOC05IzAuMDc5Nzc2NjV8SUFCOC03IzAuMDY5Nzc2NjU&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1684847259458&c=DE&r=G-HE&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5800:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Tue, 23 May 2023 07:10:51 GMT
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA56-P7
age: 21408
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
cache-control: must-revalidate
accept-ranges: bytes
x-amz-cf-id: aRiExpXIcUVyN41ZLa36L8a_Nn2RhOCxDnKanOHayWZDECT0r7n6Qg==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 6221 95 B
920 B 152ms
36ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=3437914103233039
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , United States, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Fri, 20 May 2033 13:07:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6221 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6221 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6221 0
0 48ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2EswG3idog3Xdx5v28gPa4nRRzMIPefGPjlWN24MHAHAn5EIsv4pgEyhWJAI67bjORWCaUPNvEKTO5LTcWxU6wh-J9g
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6221 24 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6221 171 KB
53 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CDE1 261 B
122 B 84ms
78ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNV7WXCDQaCU8GEOFPjHi8ZrptQlXlAZYhLomfzppvCJ3wso9m9JDhc09pzMgqyIJoev_YXJQY_OO_KontkRkUsh_mTWXhYAek0GjE5ViIe0l60gA6JgCIHTwaYa4cGeSkAyXbC91DSABKHhN6XeF-8NUhqPvjt3EvGpuhATck6B8ycG7ts

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DEE2 78 KB
27 KB 132ms
128ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE2 42 B
63 B 78ms
72ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsdSF8x11J4VzZppLvqEqeT5qHtpdR5vAGT5zpWloYC_6P2bx9kya2VNNbS5yHvAHo9H1Sc20iDVAj-kNFgyaPjpWlgmBK_xuWlTSiYNe4-lIgsds

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE2 0
20 B 78ms
72ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1006406856720700683&x=8&ct=76

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/ Frame DEE2 250 KB
76 KB 110ms
29ms Script
application/javascript 52.17.198.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19682516548&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j9btiaEiQXm_AGeDHzK5BE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.198.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-198-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2cf600195ec60caa0033acdc2453fc2189fc6714f4d3d2845ce87fe2552a937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 be7242db-d8dc-4f51-a5f2-68877ab82f7e
beacon-ams3.rubiconproject.com/beacon/d/ Frame DEE2 43 B
227 B 84ms
15ms Image
image/avif 2602:803:c003:200::47
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/be7242db-d8dc-4f51-a5f2-68877ab82f7e?oo=0&accountId=13760&siteId=333016&zoneId=1746730&sizeId=9&e=6A1E40E384DA563B2C4CB499A5ADCA2E94CF769B16716D99761FA64C544F7FAFD8D96A6512A3D8D2A4BCAE74751B3FB7B8B520C669668569BE9253C952820278A675F889E61816FAA2092253E258CDDAC2E7E3D2CA8D32AF4B4AEB2501EE71D96114793302B5F06351B1D7FFAB7C5C6ADDE9F7EEE56D700FF50EA256AAD29356F1CA1D67F7645BF222684043C0C719123BDB6B34213C276878149918C8BC53849E6BEFAB3B203247F67D95523EEB7436981CB3F7E0F3B26742584CA04B63589D

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::47 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A55B 0
0 86ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtJNom7psZITMFeXNxgOZipqgDrqItI9cnNfu7qkIwI23ARABIABgleKQgqAHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwGqBJ8CT9CiZPTej4Nep_b65993XDDKbOtLC7w1zsgQAiEOJiBkmj6Y9Z2_PSGAQVySU7ggEh13CUZTLC_SsNYsX2vCtDhCzBFGaITaPbC28WABYpQATAS9fNVioR-i4-pyVqU3cZdxzRRqiiuJdwT2_GT92UlpWwwEJ-rJEueJgIV5JEmK8L06udCfMC4xf2qumh41DHWeLZfyIS48K0JYjn0x3Tma0hrQgrv1j5swaodpj22r2DlYuZ2cm_gSFHKayaH_72UE5ktczlsURSfP0LFsBjVdX2sm525IZ49sliNpnRMBKJrYEt_jlu8jWPh9oNcRQDkLIOObaoBcIib-yCfXWjec31nf9CjQ3HG5vMRrWvK5IZCnW6sGK6Uq53uHrgzgBAGABtHJpZfrpZaV6wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=zU9Dm0GP-sU&uach_m=[UACH]&cid=CAQSOwBygQiD4NGHEQEpaMZxyVcz8tuVFPyn0P3ysVkDiRMO6VUEQCjYlnbrXNPIVcOrzTmtn6dqaB9uY2t8GAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame A55B 42 B
582 B 38ms
9ms Fetch
image/gif 3.64.145.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NDZDRjdDMzE0Nzg3RDQxMUMyRjE2MzJEQjcyRDY2RjN8R0ZKNHJWMjY3OHwxNjg0ODQ3MjU5NDk4fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDExMTg2MzUyNjVfRVh8NDA5NDl8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZGy6mwAFZgQKcablAAaFGXYXHKQEaQ5u5J_p8Q&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjY4Nzc4Njh8SUFCOC04IzAuNDcwODAyMDR8SUFCOC05IzAuMDc5Nzc2NjV8SUFCOC03IzAuMDY5Nzc2NjU&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1684847259502&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=5210340285509295&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1jYU9UR0ZnRw&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VPZHNTaVZSUmMySng0UVRzUHdmVVFZ&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=SQUAgn9zXjFTD37kNtKK2A&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEOdsSiVRRc2Jx4QTsPwfUQY&spidu=GOOGLE&pidu=15222&hmpvu=398374e8-5faf-4290-9894-ef180fe047bf&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.145.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-145-154.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:38 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame A55B 5 KB
2 KB 62ms
11ms Script
text/javascript 192.229.233.53
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=NDZDRjdDMzE0Nzg3RDQxMUMyRjE2MzJEQjcyRDY2RjN8R0ZKNHJWMjY3OHwxNjg0ODQ3MjU5NDk4fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDExMTg2MzUyNjVfRVh8NDA5NDl8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEOdsSiVRRc2Jx4QTsPwfUQY&spidu=GOOGLE&pidu=15222&hmpvu=398374e8-5faf-4290-9894-ef180fe047bf&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000; includeSubDomains
last-modified: Wed, 23 Feb 2022 16:57:18 GMT
server: ECS (frb/67DF)
age: 504454
etag: "3321997696"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-length: 2391
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame A55B 43 KB
44 KB 66ms
15ms Image
image/png 2600:9000:2491:5800:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NDZDRjdDMzE0Nzg3RDQxMUMyRjE2MzJEQjcyRDY2RjN8R0ZKNHJWMjY3OHwxNjg0ODQ3MjU5NDk4fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDExMTg2MzUyNjVfRVh8NDA5NDl8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjY4Nzc4Njh8SUFCOC04IzAuNDcwODAyMDR8SUFCOC05IzAuMDc5Nzc2NjV8SUFCOC03IzAuMDY5Nzc2NjU&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1684847259502&c=DE&r=G-HE&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5800:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Tue, 23 May 2023 07:10:51 GMT
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA56-P7
age: 21408
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
cache-control: must-revalidate
accept-ranges: bytes
x-amz-cf-id: PgoobmiBxwloOcKj_cZubexzAVHgAg6_AXN6mLOzrQssLdQK5-Izkw==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame A55B 95 B
920 B 156ms
41ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=5210340285509295
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , United States, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Fri, 20 May 2033 13:07:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A55B 3 KB
1 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A55B 19 KB
8 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A55B 0
0 51ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxYLrzBCEOGf_nWji0bX6xakp18n5-9uZF6Xichf6N1vRsnRLV9toch-aGoDUSLLyDIjKzIFLxV9dcLrg4vj7gsKzY_Q
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A55B 24 KB
6 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 May 2024 08:18:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A55B 171 KB
53 KB 95ms
90ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:39 GMT

GET
H/1.1 200
OK k2vt83281pvm Show response
hal9000.redintelligence.net/zone/ Frame F4B1 10 KB
4 KB 55ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=661887977732759363&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 1255571b23bc5e9c900000b4181bcaf7653353ef6ea0f7c9b8084761b8eb9278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3466
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame F4B1 49 B
329 B 46ms
15ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=661887977732759363&node_id=3814&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXprM1lXUXpaR1l0TURabFl5MDROVGhpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2MTg4Nzk3NzczMjc1OTM2My82NjIyMzI0LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU3SFhVeEIzZG1lNGZGV3pRU2lxbm5rLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2MTg4Nzk3NzczMjc1OTM2My96cmgvMC8zNzEvNjMvOTk5LzE2Mi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODQ4NDcyNTkvMTY4NDg1OTg1OS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/y3R7bTm9Mjk00E6lWzKVwGk2UK4&nodeid=3814&group=zrh&auctionid=661887977732759363&pbs_auctionid=661887977732759363&shardkey=661887977732759363&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.388.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Server: MMBD/3.388.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x64, zrh-bidder-x78
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 23 May 2023 13:07:38 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame F4B1 43 B
415 B 72ms
25ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=661887977732759363&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXprM1lXUXpaR1l0TURabFl5MDROVGhpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2MTg4Nzk3NzczMjc1OTM2My82NjIyMzI0LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU3SFhVeEIzZG1lNGZGV3pRU2lxbm5rLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2MTg4Nzk3NzczMjc1OTM2My96cmgvMC8zNzEvNjMvOTk5LzE2Mi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODQ4NDcyNTkvMTY4NDg1OTg1OS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/y3R7bTm9Mjk00E6lWzKVwGk2UK4&nodeid=3814&group=zrh&auctionid=661887977732759363&pbs_auctionid=661887977732759363&shardkey=661887977732759363&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 23 May 2023 13:07:38 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F4B1 49 B
329 B 47ms
17ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=661887977732759363&st=4562306&time=1684847259&nodeid=3814
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWXprM1lXUXpaR1l0TURabFl5MDROVGhpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2MTg4Nzk3NzczMjc1OTM2My82NjIyMzI0LzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU3SFhVeEIzZG1lNGZGV3pRU2lxbm5rLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2MTg4Nzk3NzczMjc1OTM2My96cmgvMC8zNzEvNjMvOTk5LzE2Mi8yYTAzOjFiMjA6Njo6LzAuMDAwLzE2ODQ4NDcyNTkvMTY4NDg1OTg1OS80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/y3R7bTm9Mjk00E6lWzKVwGk2UK4&nodeid=3814&group=zrh&auctionid=661887977732759363&pbs_auctionid=661887977732759363&shardkey=661887977732759363&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.388.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Server: MMBD/3.388.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x78, zrh-bidder-x78
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 23 May 2023 13:07:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9F7 0
0 85ms
83ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8TSG8GZObeMp2x1MnEolMk8UymcxXJ-S1QZtQCxJJPyoqrq9Dgj4cs7e3eQq4l5BH391uMyzbKHgULjsHq1Ts_kE36VtQyr1nqC3zA0AtRnmdm3EtWd8KgZOai3X6QZBALZwcB4Do2dEFBJbEJ3XNISbJpVPvXApFCUz97GVnNI7USTi1ysw3RFG4qN1_pLXV_BGdnDGod28bDhFDqGDyyTGmSAj1oCnaDSU8G-twH_SBW3IQ3BPIpaa-PE-MbCgzS8Sw0kpSmC-jCOAElTN8zi6rxEmTUrXzy9ZkcQYY9FwBg35WOi1Gvg_RSSbZhnd1fsu7zXiFR2Azh3fw3f0RtafbSoaS3V3MBHLoHYKJfqf4PgM&sai=AMfl-YTeIFyjJMjQWaaXArRDBhct-78KdGhRad3F7c6a3t9lLVoF4Pe-HSsGAPSoY5MGKweEDispFhppqWuWAyqzU5UmuCD_DuEt_SlXoeIUge-4R3mxIKK1KXiUQT6dWw&sig=Cg0ArKJSzPzZAX3VD3KNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9F7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01eaf56b886e74da86df78a5c7601b51cc8c47f7090dcba5ae94aa94960c9534

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame CDE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAuKdh2T0evQtE8MR35nnG0&google_cver=1

0
400 B

149ms
91ms

Image
text/plain

23.209.16.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAuKdh2T0evQtE8MR35nnG0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNV7WXCDQaCU8GEOFPjHi8ZrptQlXlAZYhLomfzppvCJ3wso9m9JDhc09pzMgqyIJoev_YXJQY_OO_KontkRkUsh_mTWXhYAek0GjE5ViIe0l60gA6JgCIHTwaYa4cGeSkAyXbC91DSABKHhN6XeF-8NUhqPvjt3EvGpuhATck6B8ycG7ts
Protocol: HTTP/1.1
Server: 23.209.16.125 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-16-125.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:40 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 22 May 2023 13:07:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAuKdh2T0evQtE8MR35nnG0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame CDE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFoHx8drBdd_guXMK_86ChI&google_cver=1&adform_v=1

43 B
163 B

70ms
21ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFoHx8drBdd_guXMK_86ChI&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYicia3gEwAQ&v=APEucNV7WXCDQaCU8GEOFPjHi8ZrptQlXlAZYhLomfzppvCJ3wso9m9JDhc09pzMgqyIJoev_YXJQY_OO_KontkRkUsh_mTWXhYAek0GjE5ViIe0l60gA6JgCIHTwaYa4cGeSkAyXbC91DSABKHhN6XeF-8NUhqPvjt3EvGpuhATck6B8ycG7ts
Protocol: H2
Server: 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
last-modified: Wed, 11 Oct 2017 13:39:07 GMT
server: nginx
accept-ranges: bytes
etag: "59de1efb-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEFoHx8drBdd_guXMK_86ChI&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics.js Show response
s.h.w55c.net/2/948461/ Frame 6221 6 KB
3 KB 166ms
29ms Script
text/javascript 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=REQyQUM3QTgxRTU1OTcxQUI1QURDMTJBQkU2QTkyRkR8R0ZmNzQ2SVJRY3wxNjg0ODQ3MjU5NDU2fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC0xODY4ODAxMTIyX0VYfDQwODg1fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEN5rLH_-QfdORYxrQxOHfl4&spidu=GOOGLE&pidu=15222&hmpvu=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-133-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4f6d7dfda0b7d79932ef6764a0fa33df2f75751807df541416af20df4a0dca3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2877
Expires: 0

GET
H/1.1 200
OK analytics.js Show response
s.h.w55c.net/2/948461/ Frame A55B 6 KB
3 KB 167ms
30ms Script
text/javascript 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=398374e8-5faf-4290-9894-ef180fe047bf&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Requested by

Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=NDZDRjdDMzE0Nzg3RDQxMUMyRjE2MzJEQjcyRDY2RjN8R0ZKNHJWMjY3OHwxNjg0ODQ3MjU5NDk4fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDExMTg2MzUyNjVfRVh8NDA5NDl8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEOdsSiVRRc2Jx4QTsPwfUQY&spidu=GOOGLE&pidu=15222&hmpvu=398374e8-5faf-4290-9894-ef180fe047bf&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-133-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

55592eb1d316bcfe139203029a57b5ee4e62815281f0034a760bc26a3ad43d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2872
Expires: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ Frame F9F7 354 KB
120 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f1598fe2c1a3446919fc63c7acaf254062ad8dd18ebd4f82a006df240e89724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122582
x-xss-protection: 0
server: cafe
etag: 1479698720531344979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:40 GMT

GET
H/1.1 200
OK request.php Show response
hal90003.redintelligence.net/ Frame F4B1 3 KB
2 KB 124ms
70ms Script
application/x-javascript 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=14446d8189&subid=&uid=633ecff411a3db95&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7080333811168&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=661887977732759363&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3a527933c9136ddef89280ef38201adb15247ebc6bfedc0e2ece46867914544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 15561500089055600951395012333003
Connection: close
Content-Length: 1101
Expires: Tue, 23 May 2023 14:07:40 +0200

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD7E 1 KB
643 B 42ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6221 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc2760150f05cdc7be23406859aad48288beb4c7a9782b505500551d2e51dfc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9952 1 KB
643 B 39ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A55B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b517d56d42eaae0c6e18100fbd3c738f17160a88a5a305329ea2560ad0697ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE2 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4042162531056&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE2 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4042162531056&version=m202301230201&ct=76&x=8&cor=1006406856720700700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DEE2 17 KB
12 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLhw1A1ce1yDCwsIg9366znNOM3XCCp8SgjWnz8mHMlC9xGkqbO58YqGGkutmMlSmeEtfhYTXuADVV2PXmC5hcFD6fYyS6rh01SgbgiM-vPKRf8Re7WI7SdOih7pYLDcOG9BJQQ3NG30zL758fSzyGIwXQwOmpCSQMbcIr-xiPcIKuA9c&cry=1&dbm_d=AKAmf-BdFA1nTBv-uVjAzEqSuiZcWruHVZl_mZ3q7BaYfXme3hzk7l8uRV-sBUYDZivh_mgXhx_fL5I22fkhlON27mBHl-oCEUZzKC6BXtkhU0I0w3NpMKwXmjMFNZzZpNjVlvwwxAfsHKFXMSMBYZf6tu1CzsCQAVcCb7EpGB6KrFbLhyqlZ7Hu7RcZwn21ujtTgFnX5FBocDOl7avBMVn96_um1rTgasnAH83Ba6-Ly8o5JFw8K0IW-2urot88REZORztHMSIBRwBgTITKzHOBtJdxbBuKJBM2TsNMDF0CXB_yuoY_MAwdQHP7PL-QHA7U2vfM7soQBuI9ME733SkSV6KJxRqyJsCv1U-O38nuVjvZH7PAM7CRBgNX95NTT7hRDsoSBtbWDIWWaa-CIVpI7y1m9nu59D5YTZWeMvdCN5OTIS7Xqhq-ylEZxZQb5Q75UnfbXabQmijE75qnNMb8RyKVMmygKptqkWWazhfnVeEmGkmgKNi9HH3LMB14OJGd7nhpFwYo8NyDqGZTsuvw_TuoULB2xLWeH_6Jm9CoXQ3ry2xhqY-QTzCe_pupdYOS9ivYzgNDc2zWHDo_THeqUX42h1dkR1pzjj4mehs_aZWG9cu5-q5i373795wo6cCo9bZ465BB3kgk5845mfgh4zM-S-QH4W53hDo6vgMHpqD0wYEfj_eFWDHUGcnA2PbIL9l1xBNn9XHwBHK8ntHVcO7CdbMJOra5pTBzwhsi9x55u94npOCFYUYuGfCnXGwCfmnDKxniKVxQ3Tb7irReEN1k7NzM7uKbAmtw9WN6VqKB9eWtmxAviBaK2ATPdTiJjf_L0kQNeO3N_Ob9zsmJrDUDPfSNWlXWaKCRWF07DSG-3eDtjqwZIyPtyaODGeZWk140z7QD1XjqUFb04qdXIBqhMkxbUIPmg2pNvkebcaACkH38lKtowlsxT9q_mXeaPxrokghe5AZC5_GI2HtIOmLSXeOrT0AyRbOFEVKqeV-tN6U3-ESl7zKDjmZHAJAzn4PH0FzqvGYGfGNHW1RGlRkc65ZgL3vEvQEDJCfxzTIUKnW3oba80SlW9gs5D35U-GiyHXJ8we4cPAS5NbHM_047fU7X2Mw7ZPzButqJlUBau9SMXNnOH-wwCy2VaNYkvy8kev2Etf0RhmPRMUQXFMwMNHxSbPYMCb8Hq4V5rbf9XYWWOLM4bS2yRsDlKVGoG27Gp8YB8HJauWm41_HfMl0bt0pQOu7pqVV0ShJOmIB-WMn6zU-wZTnd4-Aud-EHvEXbP11LvVhsyr585R6AYtPCncvR5QZ1TagrOX0U9pgYveBb8rINqirPizd0HNQxk46zdK5vOmNC9k_SHc9OIoNMaPHO7_7kbRv3K4CDwGX-Isykxt_jMpLBGCDw1XJ14Sdvf-A_w-2IOnwwuZ347qC3fydSNcWrsUxgxlD9MuPiA9KKW3w3Br4ByQBH5qhxdwXGl7jH4IVqAvcHTIjr1VRW95PYH1KW52YfTYXSv8__Vp8vPCmCJhXpOEX92KGF-bTctcU9cyYJYtD622WMbpCpXmyWmBZYBr7Ex9AD6HF2jVFhvbv2dEBGaOn9igsl5lbQ2nL5QPkydfOxhz9QJDTi1orQTuk3zp0-xnboiTg4QIuQUkZE6NRhi9jfMsEHfFA2Uu670q3fBJLVIwKk95eJGAEHPKRunsnN8XdnVhm40W8z8PIbORUYB3PQXoftUerq5e-HEQlt4Z0PpEtSkpw9_owKKWaW0OJMcGyGxLHxhJpx0wVLAhSemfvIbTbxXNOsPFoqGKQ5urOmKsMy-eUj-VmHFJnW75Sv_IU-7aqqppLhZTc_ir0snfaq9JNdxtgrBBEXyNZ9CYGiv0QNmmCALIsOsmGn_trfk6-yihLf_iw9njqiNjhR9bYMfgBsRmPXUlXtmwCSPXZda_Jnkb7TVrKrOCY4n1EUgRIk7aNIe5b9t0WZn811d4A-Z3HPp4iB6WjRomWiZGrgWvoStir5ES1WE1EjLY5OyHx2VH3NTb8Pl_vCjexXPS1XR-Qm3CZeDjKZfO2OVNDgzYV-ONqugw9N0H-kRB7KJrP87AYXSDYsKsrnvkO5a70efY60yU_3hup6LOuOJvXxwaWUW8_UnkfAnasNXKVV1GTiXicBAQij3WIZOyMDgoFD5FwLNl0oBMUNrmdrA42OZwhC3PdmwO_1SGxTQ8y9by0Hc_a8zo6bVKgKWcePNeyywF_iaHTdLqre9UNxXfsKEYf6aZSeieFGFzGRaREBDjx_IXaSIqrpQ_oCiZx4651eOdl7WRxXcCVT97G-EGsKR6pOoLD49p0QoNfzea9vUdxoLzwnR-zwbK6KlqM4cChkZshcb3B2Ny68MfRfqWJOPYij9-TfH-jyQ9MTR5KJ87iMFzclZAAhldKb1IsRMDScc4jilA3h4NYsXquRb-1pkz_6ZeyeC6anAL0pQNw7MBXQ_pALQB_nfgTMZUOA_7fwzRJmqsSq4YoSUWnEvjjwZiuxzBt4Q9qRmsYd_hnDt4b6mHGYFJuK2f7GnTWlc91dfZBRsdybKG8N3MmqxiexNqa5X8bVJ969wmsmj35Q1cho-YL3Hnh5UDQxLQmka_gyedsUH-12E4B-cMx3MltBZ4wmFpz3kClsNkjNopp5nupsR9SfwXC-klu-mGHsnb6OzYa1eCUGpzn6xUEMNSnQxHMH0wQYAK-dsZR2oQwWV_YA4Oo6sZD6P9Fmtk-OVknvMAz7zbTKHVtu5XXsTCDnoTFTygLds86xvNUov1thwF2UBpC_Yfc_0dXF3DlrkvU-bsbFtAdy2b9lBzIxAnBEEX-HSQDjPtVq7UOY8bJjNAYyHYzKkqiKY9-Fkz1iOsBfAVQU4IFtp9uB&pr=8%3AFC591CAEA1A37F1E&cid=CAQSMgBygQiDkbqsUxLasTXJ4cfOPoTOHOGnhYf4J-dJPMqxO9NRav_90VF6M8CExILFdu_dGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=1006406856720700700&adk=1499032284&idt=144&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9dee4608395b5a185e7de95a28ae62d2c5376bbaa28b6edd88a5895abc29bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FD7E 0
104 B 136ms
66ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELwE6IUhHZjLqwv6lLs3M7c&google_cver=1&google_push=ATf1kGMunFnv-JrgAafdDSfqYNZ2h98GZTMDEF3ueI_MLixhvm16Lhjrd22xim0nNHNrsNYrcO0fzVpNS-DtNm9hHq9FeDqguRTr
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD7E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ2w90EBqFbP02CWft2UyZo&google_cver=1&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6S...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6SKBU7wQSM...

170 B
188 B

57ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6SKBU7wQSMmzAK

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 13:07:40 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGMjKSQ3JD8eZcQBTYNGiSvg64XmmosjOpMb-tK0G7fUq6p8nQRKgfRVcvKzpv1iFthVyf5prLz3IpdS-P6SKBU7wQSMmzAK
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD7E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEtgI3DCzUjbJoqjpEiNFS4&google_cver=1&google_push=ATf1kGMxWMAlYZ7s7OP0Nya_NIhdKrBqFonGYSsm3zaajVasBZIYJYt65qdzdnkUuSY7si6tAuNPhboWVsq3h0p53Z30...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEtgI3DCzUjbJoqjpEiNFS4&google_cver=1&google_push=ATf1kGMxWMAlYZ7s7OP0Nya_NIhdKrBqFonGYSsm3zaajVasBZIYJYt65qdzdnkUuSY7si6tAuNPhboWVsq3h0...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=32596f40-645d-40ac-a8ea-62df78517b9a&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w&google_hm=m28ck1DOTMGlMuvE2dUkbw==

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w&google_hm=m28ck1DOTMGlMuvE2dUkbw==
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FD7E 43 B
363 B 56ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEC7G7hp4LROw-hkdg2nvOoQ&google_cver=1&google_push=ATf1kGN8s1w4WrcZcftPBIa9-Ph45n7ATOC_5QdjgA7gyvhfY-8bCpfCbG6FXa1I4Z5VgbMuBEBokC8Els-Rg7UYwclyHRAyRDcL

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 209049
expires: Tue, 23 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD7E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENuTeFAWgClerBSLWaiv1jI&google_cver=1&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfC...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENuTeFAWgClerBSLWaiv1jI&google_cver=1&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3du...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MDE1NTI3MDY0MTY5NzYz&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfC...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MDE1NTI3MDY0MTY5NzYz&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfCM4GKyVAhlIJirk2aejvl

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MDE1NTI3MDY0MTY5NzYz&google_push=ATf1kGN_xyGFdYtHF5dAO5yeeIhitjt1sGow57c9wGC3SCcOeTT6lYWfsD9dzNSkcPOXVJPv3dungUfCM4GKyVAhlIJirk2aejvl
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD7E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGz6whgvy4GfmMDUvkrM5KY&google_cver=1&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALa...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALaqEBYGGqCOVRvI1F1C8M-LnoMe

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALaqEBYGGqCOVRvI1F1C8M-LnoMe

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGPBce738G94a2Df25bKInUg8-2l_i5uFBunuB9mjQJBeo-jSfVlf6F37xuv7Gz6S6CMALaqEBYGGqCOVRvI1F1C8M-LnoMe
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD7E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-eb139c6c-b774-4d87-950b-2a3793942c6d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOGp0romDGsjeCg1ehG-...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&google_hm=A-sTnGy3dE2HlQsqN5OULG0

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&google_hm=A-sTnGy3dE2HlQsqN5OULG0

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOGp0romDGsjeCg1ehG-YMGxp93lFFRsDEIK-_6H9JmfwWQE8Un4r6S2sSte9r8PrZ_rtHuDsN4c8ypLDTSpuvRN7sBdITV&google_hm=A-sTnGy3dE2HlQsqN5OULG0
date: Tue, 23 May 2023 13:07:40 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXeb139c6cb7744d87950b2a3793942c6d003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FD7E 0
50 B 48ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J95a7G-rFJkj2jZ1YOdZ3exS7hm0cXaCArcEQ0ZfS_8CsoefoPt9uYKh7ero0mMs_-Ue5b

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
adv.office-partner.de/ Frame 4E11 930 B
931 B 49ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=14446d8189&subid=&uid=633ecff411a3db95&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7080333811168&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 23 May 2023 13:07:40 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 30 May 2023 13:07:40 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 4D08 208 B
575 B 184ms
101ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=14446d8189&subid=&uid=633ecff411a3db95&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7080333811168&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e1490cf313d37ceb7160fdb0f5b19a5f59cb9c259bc84999a96bba736824658d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 208
Content-Type: application/javascript; charset=utf-8
Date: Tue, 23 May 2023 13:07:40 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BBA:9124_91EFC182:01BB_646CBA9C_DB95D55:6DD8

GET
H2

200

htlp Show response
futalis.de/ Frame 0CDE
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=15561500089055600951395012333003&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715

350 B
401 B

61ms
20ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=14446d8189&subid=&uid=633ecff411a3db95&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7080333811168&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 13:07:40 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame F4B1 2 KB
2 KB 124ms
54ms Script
text/html 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=15561500089055600951395012333003&nw=1
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1f461b2da22d1f60b766a23e9fbc8736ae23ec81c2caa40410cedcdd2bf6b99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
last-modified: Tue, 23 May 2023 13:07:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:40 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 18C5 7 KB
2 KB 34ms
12ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=14446d8189&subid=&uid=633ecff411a3db95&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPno9EGFWa76HB2IWh5JYKA%26exch_seat%3D20035004448%26mt_aid%3D661887977732759363%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_cid%3D3507646c-ba9b-4301-aef2-a4ebce43877f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_AAUm7psZNSVFLO71fAP9a6q2AjPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgSQAk_Qdj9cs1d6YHp--hVeTfsWZI49IYJ646eAZPeBvHflhgGdLWRbhHZrf9oG-Pvyb5bV-e_1N3_QNYlYE8dInMfpr3ZqBXi9nj4kYtlLoLmjDfYIn5EvUluqIau9IEgLN09jnhCC0_oIOBkoQ5XBCdYBdswEM0MVVfUnz4yjaohQO2IBRwakcVygmEhXOSGljdxP2oF7fZsYSafm3Y48go70OP5T4HpswsZcJDWKuJ3kbFoEXSsrElMShIW3oopPe4ifxBFOuyUKHBQBvvelpl-Bd6s9nQjiraWGS9CbcQC_UlL17O9_UA7_CXWl-J8VBNqLwBdU9zsB3RRlhI9ygPFEFng8301lKnr3FMDlwMso4AQBgAaqm6rjrtqSk7sBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_04zIkCI3rE5u4OXgPbOTuw3t9YIA%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fb7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=7080333811168&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 35acf11535bd52990555f28aa70d7c6ca1715a7501b1a6c95ef7a56c16b365cc

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2041
Content-Type: text/html; charset=utf-8
Date: Tue, 23 May 2023 13:07:40 GMT
Expires: Tue, 23 May 2023 14:07:40 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame F4B1
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=15561500089055600951395012333003&gdpr=1&gdpr_consent=li
https://ad-server.eu/wm/pb/native.png

68 B
312 B

169ms
28ms

Image
image/png

54.76.176.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Server: 54.76.176.197 -, , ASN (),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:09:37 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Tue, 23 May 2023 13:07:40 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BBA:9124_91EFC182:01BB_646CBA9C_DB95D65:6DD8
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9952 0
103 B 115ms
67ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKRrb_J3ZqSd4M0VhCk3bIs&google_cver=1&google_push=ATf1kGPZrfrseVJzc8642Fi2PblWuo5ptaeI7-R1tISL6407kIKKQRSxT5mS8eXj4V_wRp9UZvJFIoZW7eyNuXd0nYo3RjhfVaAK
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9952 70 B
265 B 101ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEL3bSqXITyDf8xvHHErfFNA&google_cver=1&google_push=ATf1kGM95ZzEKx6-cq6MaVh7EMM1e7ZNKXYpmc4Tzff87tU1SKHCwq0JmOEm8mbkfstWnfKyW-7gHmDQNA8BudhbRwHOK31jDfyZ
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9952 43 B
362 B 35ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEG7quD94saO6X6qIwADkt_Y&google_cver=1&google_push=ATf1kGO3ufucJUWbOKMnPcTLhOco9YmQHVK3k9CseoU2SPak3UXYuxM-KV0W-sSZyaSn65S3PWyhxpM7Bi5Wegd_DZnbjfLQK3lp

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 305831
expires: Tue, 23 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9952
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMOzmJv4DrUssjJvnKkin6Wn3ZcN

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMOzmJv4DrUssjJvnKkin6Wn3ZcN

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNygWxYZB66nkVRxgCGjVoz7RfughS12hYL4l10WECIcdvh2xPKCUQQprmNAReaCjUFxMOzmJv4DrUssjJvnKkin6Wn3ZcN
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9952
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_hm=ZGy6nE-Ye17gdau6GWFZIAAADKAAAAIB&google_nid=index&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZ...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_hm=ZGy6nE-Ye17gdau6GWFZIAAADKAAAAIB&google_nid=index&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZtb8zELoRxi74IdpE0oLXAydraqtg3pbQeG_7jWXkFeBm6H-bgJJtvLXo852DJOY

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE--mreT81qJ2hdUOVUa5Bg&google_hm=ZGy6nE-Ye17gdau6GWFZIAAADKAAAAIB&google_nid=index&google_push=ATf1kGN0GCwV3TTr1UHiAGtMqFSH4L28DbpLZtb8zELoRxi74IdpE0oLXAydraqtg3pbQeG_7jWXkFeBm6H-bgJJtvLXo852DJOY
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9952
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELFibEghm1I55q9MdkUd89Y&google_cver=1&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKV...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKVx03Uvm2L5-Y

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKVx03Uvm2L5-Y

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 May 2023 13:07:40 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNea8L43IQ7XeNap_lBEY16bOa9IB3ZU1sUvNhPEB_iaR1XxnYp_PG7qPeeyQ7zsO98l63pWsa9AlSJRwKVx03Uvm2L5-Y
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: MHrsQp9fT0IJRJQm1Se7KYj6Tc6EZGACzwMi4SMBrC97HswTi5nxcw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9952
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECGokHhxY...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECG...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b6f1c93-50ce-4cc1-a532-ebc4d9d5246f&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

54ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b6f1c93-50ce-4cc1-a532-ebc4d9d5246f&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9b6f1c93-50ce-4cc1-a532-ebc4d9d5246f&%%GOOGLE_PUSH_PAIR%%
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9952 0
49 B 47ms
45ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K6Zw_TzpyVINl_itrnem9DmCWywKhWvby7mCEZKm0RjRLewnTXxgLfJNwWkXnM9LpSdvzRDQ

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 114ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?oz_pl=1&dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&psv=2.93.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.h.w55c.net/2/2.93.0/ Frame 6221 178 KB
56 KB 30ms
30ms Script
text/javascript 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/2.93.0/main.js

Requested by

Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-133-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cd70de795f5250b1b8c9672459d978fcdfc496f16273554bf6676bcc3714ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 56381
Expires: Fri, 29 Jan 2055 14:34:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F9F7 107 B
122 B 45ms
44ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F9F7 107 B
122 B 48ms
46ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B12 0
16 B 248ms
243ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407278883&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259993&bpp=3&bdt=227&idt=277&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=8711561595327&frm=8&ife=1&pv=2&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9o6b3e7y7u9u&fsb=1&dtd=297

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 110ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?oz_pl=1&ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&psv=2.93.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=398374e8-5faf-4290-9894-ef180fe047bf&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.h.w55c.net/2/2.93.0/ Frame A55B 178 KB
56 KB 33ms
29ms Script
text/javascript 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.h.w55c.net/2/2.93.0/main.js

Requested by

Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=398374e8-5faf-4290-9894-ef180fe047bf&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-133-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cd70de795f5250b1b8c9672459d978fcdfc496f16273554bf6676bcc3714ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 56381
Expires: Fri, 29 Jan 2055 14:34:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2A6 0
0 77ms
74ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305170101&jk=3789854313045214&bg=!ycqlyp7NAAZ8_aWmXP07ADkAdvg8Wt_zn-aTMfxibm9bONqsXmyB0q8wjOWHWrblfwiunR6wASbi1He8KnOfrp_glZLNKWxuRo4CAAAAfVIAAAADaAEHCgB0vPMfVa0qTBos9OF8G58UohN8OMUIa4mL4s7mNLOBAsQvjD1nFEfOdBsR2JIwaGVIPWzF-gvRehqSLV4VenzjiOONk8a9kG79WICYMFwUz9zjVBdNAGXxrvFz0ErLT0IgasxsqB-JhcO_j3qRpcx4tjbEZMWZAtLFHjtiBQIa8nZKC2ixleWWEoc5d0fe0gdk4bkLCWOjBCKZZ1QYZoiS0an_ETh80RmEq7aIP1ACKI-6ArqnlsSipamYGqpFbyZPk_RzSIJ6tdPAUZk3uGwvOXMvucjTV7MyyP5sdFb2nahyoXWWrX1qbsb_1mOQD2yo-t_VQAneyxByZPGiGB3U9nYa3vxInmQlQ8mh1QwsMQjwM5kUn6LEdrW8bDVCUAXANXMfHB7zVXdpyj7DozynOa7Td0XMrMBewCFN-lEBFK2P4EAoR9PmKB4Huheag8YfDeRnp1F0Jt_kBsOKjsJcMMweUSbXLl3Ks474ZikBPqNxQfPo14XqT4BhfZ-ZP5rfIaE-2f7ruvzOY7XYP4HfFdf1vL2Es8MKm7V3awajD31LW9Og2lRldw6rvxB4YpbM4PI9lXul1lH0A1_ew-MXePoipPL9dn5meEK2J0Ay5BhZhbbt0WjyS-Dmkns4uKiKGBa0xEq5Vf9fz8HOC8P_OvPOywEcbyPbEppxfaDHqqvtMV0ih8O_hWD6Y4-K-meSQRU0s_-11ELjg9yyEcdY8k_8_KPIQlCRA7_zNfCGlH5nTfuyGcsGUbk8QK-2d6aIhD_2raxNjcCVgx-6sAn_mOslMGJDqHrABfZaIMCSyDL0ybnnaHbqXK4GVMLo2EfonekLLWrzXJXucj11P5ACMP7uamxsV4sCdFAYhlbAjrndQFOB9pdsvGkwmHoW0moTsdlxURIX26H9z0WN2WXF-hzZsJ6Xt9au3hIlRQLywMavp26VvbAiQKBda4-tqa7u1YxharPXH0MBMzD06QjUAWzNTH515CXI2zsPPZonKfbx7GphB7u_CRa87A1IxSyvDiboi32zLnZ6r9EDUsQBZXVPTPDwfa18bLIdFaORhJ_KP6eUZtZWEtlH4getXanUdxlVzNaDYxLyU1_xhSGekG7GWqMtRmgOKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A52F 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F4B1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b33e9a217e518dcaaa801ea33acf7f50671fc4105ae38ed3d57c9467ed7fcb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DEE2 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLhw1A1ce1yDCwsIg9366znNOM3XCCp8SgjWnz8mHMlC9xGkqbO58YqGGkutmMlSmeEtfhYTXuADVV2PXmC5hcFD6fYyS6rh01SgbgiM-vPKRf8Re7WI7SdOih7pYLDcOG9BJQQ3NG30zL758fSzyGIwXQwOmpCSQMbcIr-xiPcIKuA9c&cry=1&dbm_d=AKAmf-BdFA1nTBv-uVjAzEqSuiZcWruHVZl_mZ3q7BaYfXme3hzk7l8uRV-sBUYDZivh_mgXhx_fL5I22fkhlON27mBHl-oCEUZzKC6BXtkhU0I0w3NpMKwXmjMFNZzZpNjVlvwwxAfsHKFXMSMBYZf6tu1CzsCQAVcCb7EpGB6KrFbLhyqlZ7Hu7RcZwn21ujtTgFnX5FBocDOl7avBMVn96_um1rTgasnAH83Ba6-Ly8o5JFw8K0IW-2urot88REZORztHMSIBRwBgTITKzHOBtJdxbBuKJBM2TsNMDF0CXB_yuoY_MAwdQHP7PL-QHA7U2vfM7soQBuI9ME733SkSV6KJxRqyJsCv1U-O38nuVjvZH7PAM7CRBgNX95NTT7hRDsoSBtbWDIWWaa-CIVpI7y1m9nu59D5YTZWeMvdCN5OTIS7Xqhq-ylEZxZQb5Q75UnfbXabQmijE75qnNMb8RyKVMmygKptqkWWazhfnVeEmGkmgKNi9HH3LMB14OJGd7nhpFwYo8NyDqGZTsuvw_TuoULB2xLWeH_6Jm9CoXQ3ry2xhqY-QTzCe_pupdYOS9ivYzgNDc2zWHDo_THeqUX42h1dkR1pzjj4mehs_aZWG9cu5-q5i373795wo6cCo9bZ465BB3kgk5845mfgh4zM-S-QH4W53hDo6vgMHpqD0wYEfj_eFWDHUGcnA2PbIL9l1xBNn9XHwBHK8ntHVcO7CdbMJOra5pTBzwhsi9x55u94npOCFYUYuGfCnXGwCfmnDKxniKVxQ3Tb7irReEN1k7NzM7uKbAmtw9WN6VqKB9eWtmxAviBaK2ATPdTiJjf_L0kQNeO3N_Ob9zsmJrDUDPfSNWlXWaKCRWF07DSG-3eDtjqwZIyPtyaODGeZWk140z7QD1XjqUFb04qdXIBqhMkxbUIPmg2pNvkebcaACkH38lKtowlsxT9q_mXeaPxrokghe5AZC5_GI2HtIOmLSXeOrT0AyRbOFEVKqeV-tN6U3-ESl7zKDjmZHAJAzn4PH0FzqvGYGfGNHW1RGlRkc65ZgL3vEvQEDJCfxzTIUKnW3oba80SlW9gs5D35U-GiyHXJ8we4cPAS5NbHM_047fU7X2Mw7ZPzButqJlUBau9SMXNnOH-wwCy2VaNYkvy8kev2Etf0RhmPRMUQXFMwMNHxSbPYMCb8Hq4V5rbf9XYWWOLM4bS2yRsDlKVGoG27Gp8YB8HJauWm41_HfMl0bt0pQOu7pqVV0ShJOmIB-WMn6zU-wZTnd4-Aud-EHvEXbP11LvVhsyr585R6AYtPCncvR5QZ1TagrOX0U9pgYveBb8rINqirPizd0HNQxk46zdK5vOmNC9k_SHc9OIoNMaPHO7_7kbRv3K4CDwGX-Isykxt_jMpLBGCDw1XJ14Sdvf-A_w-2IOnwwuZ347qC3fydSNcWrsUxgxlD9MuPiA9KKW3w3Br4ByQBH5qhxdwXGl7jH4IVqAvcHTIjr1VRW95PYH1KW52YfTYXSv8__Vp8vPCmCJhXpOEX92KGF-bTctcU9cyYJYtD622WMbpCpXmyWmBZYBr7Ex9AD6HF2jVFhvbv2dEBGaOn9igsl5lbQ2nL5QPkydfOxhz9QJDTi1orQTuk3zp0-xnboiTg4QIuQUkZE6NRhi9jfMsEHfFA2Uu670q3fBJLVIwKk95eJGAEHPKRunsnN8XdnVhm40W8z8PIbORUYB3PQXoftUerq5e-HEQlt4Z0PpEtSkpw9_owKKWaW0OJMcGyGxLHxhJpx0wVLAhSemfvIbTbxXNOsPFoqGKQ5urOmKsMy-eUj-VmHFJnW75Sv_IU-7aqqppLhZTc_ir0snfaq9JNdxtgrBBEXyNZ9CYGiv0QNmmCALIsOsmGn_trfk6-yihLf_iw9njqiNjhR9bYMfgBsRmPXUlXtmwCSPXZda_Jnkb7TVrKrOCY4n1EUgRIk7aNIe5b9t0WZn811d4A-Z3HPp4iB6WjRomWiZGrgWvoStir5ES1WE1EjLY5OyHx2VH3NTb8Pl_vCjexXPS1XR-Qm3CZeDjKZfO2OVNDgzYV-ONqugw9N0H-kRB7KJrP87AYXSDYsKsrnvkO5a70efY60yU_3hup6LOuOJvXxwaWUW8_UnkfAnasNXKVV1GTiXicBAQij3WIZOyMDgoFD5FwLNl0oBMUNrmdrA42OZwhC3PdmwO_1SGxTQ8y9by0Hc_a8zo6bVKgKWcePNeyywF_iaHTdLqre9UNxXfsKEYf6aZSeieFGFzGRaREBDjx_IXaSIqrpQ_oCiZx4651eOdl7WRxXcCVT97G-EGsKR6pOoLD49p0QoNfzea9vUdxoLzwnR-zwbK6KlqM4cChkZshcb3B2Ny68MfRfqWJOPYij9-TfH-jyQ9MTR5KJ87iMFzclZAAhldKb1IsRMDScc4jilA3h4NYsXquRb-1pkz_6ZeyeC6anAL0pQNw7MBXQ_pALQB_nfgTMZUOA_7fwzRJmqsSq4YoSUWnEvjjwZiuxzBt4Q9qRmsYd_hnDt4b6mHGYFJuK2f7GnTWlc91dfZBRsdybKG8N3MmqxiexNqa5X8bVJ969wmsmj35Q1cho-YL3Hnh5UDQxLQmka_gyedsUH-12E4B-cMx3MltBZ4wmFpz3kClsNkjNopp5nupsR9SfwXC-klu-mGHsnb6OzYa1eCUGpzn6xUEMNSnQxHMH0wQYAK-dsZR2oQwWV_YA4Oo6sZD6P9Fmtk-OVknvMAz7zbTKHVtu5XXsTCDnoTFTygLds86xvNUov1thwF2UBpC_Yfc_0dXF3DlrkvU-bsbFtAdy2b9lBzIxAnBEEX-HSQDjPtVq7UOY8bJjNAYyHYzKkqiKY9-Fkz1iOsBfAVQU4IFtp9uB&pr=8%3AFC591CAEA1A37F1E&cid=CAQSMgBygQiDkbqsUxLasTXJ4cfOPoTOHOGnhYf4J-dJPMqxO9NRav_90VF6M8CExILFdu_dGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=1006406856720700700&adk=1499032284&idt=144&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 07:39:33 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame DEE2
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkP...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeH...

74 KB
24 KB

108ms
54ms

Script
text/javascript

64.233.166.154

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

64.233.166.154 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

395b4c705d56bbe8a2b839cd854b0960d56ca3a63b9495c2be10a5cae3208042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24604
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9180 91 KB
23 KB 34ms
8ms Script
application/javascript 2600:9000:223f:3400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21072684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: FdcSC-Zo92l1S2euhDjtMahxPsDcufVpzMKorkgC2w6Wv01Yt5yjow==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B6D6 33 KB
14 KB 717ms
717ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

359f23df7c8acb0d22b1053fc19d1b0181a75b85de2042b85cca04e6e91bc29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 18C5 5 KB
1 KB 163ms
79ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:40:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 May 2023 13:07:40 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 18C5 25 KB
25 KB 34ms
12ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 5253870120f44ad95c0996dda017c7621fc2d7ad9e47d9de57df17653bf8737c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25830
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 18C5 27 KB
27 KB 35ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 419df8031f8b14498b97f32dd843f5c179082c0d015ea26f3d58df68dc9a96ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27134
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 18C5 20 KB
20 KB 36ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: d6787c18b1915b6202e777c32d1fccff5b7449272245141764fd75a636b30264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20629
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 3467 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 3467 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3467 0
0 46ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKeuEtj7qB5PhEMnL1jNkQvir8wNlhvcfYu1F9uvIU1_R0iayXWIAc3wCVlnsZyMGfbelZa6iitJKbJzno6ayqL36d-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3467 171 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEE2 0
0 155ms
78ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8v52vQi_6WcWonzcEO66pv8pG5LQJrPwYzKTVfci4jl6dEt_9Vpx3wM1hHiUtAFUxvdSlFIeSyVT1oFrrFdrTX1K-VgI_Xx_qORP7LLacwnqgF5K0C9MBcrTGo4M-pMjhZb9xc4wzaK1UBFloLXsmKQSADM9BO80IO_cqFl5clX_fCilKb60KpxjbV4d9mtLPEbpqpxvHOl6VBWXCKNDRcTc_g2blLuf6M0_djQ-7F0gGSONENryMWEkS1t9OpyZUCO8Isket8uh0kIgGkPjxrASQ9rLm4KOyi2HD2xY6Ff3if1A9Q9uyVsSEaaaLtVebVTrUUGPXy7ANdbps0Ss&sai=AMfl-YS05blcwYtCRvKDmMyN_5-kF9kkPEkHcm_tVmIBptiB9-xGFsg3wqiS-y2fNzQs-9RFYwL1h0llO5FwWruvfnQK_79Ya6XwSDuCLr_wHWNfDch3K6a_j9kCeZAkNw&sig=Cg0ArKJSzPtEsba8TlzMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:40 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 0CDE 5 KB
5 KB 10ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2744357715
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
216 B 364ms
107ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druVXr,pingTime:-3,time:192,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:47%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B185~0%5D,as:%5B185~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:49%7D&br=c
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
215 B 363ms
110ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druVXt,pingTime:-6,time:194,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B187~0%5D,as:%5B187~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,rmeas:1,rend:0,renddet:IMG.us,siq:49%7D&tpiLookup=ao:pcloak.blob.core.windows.net*%2Cye-mek.net*&br=c
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame B2A6 0
209 B 46ms
45ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684847258370&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame B2A6 89 KB
29 KB 59ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 May 2023 13:07:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3467 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfrE0m7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEsgFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoV2q4aC6RaauhEwd7Y1A9EpPdzkmQ6wpHXuxQ509grtR8FPxpvCugAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=JFTMzFewh7g&uach_m=[UACH]&cid=CAQSKQBygQiD4qjuy54NIwJivqR37QHSMkqODOJGm6iNOBaM8iUe-gl8l_QgGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:07:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3467 0
0 71ms
21ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g2wjhgxh6866h7xac56acc17jk06w6z32jgmfbahg39b5y0ehseseg5zg1f9vfbsee59h74k709m5vb9qaxwzyps580q6pxebnksrcwhjb47wwyb8zyjvyq581pr5jvzm9qkcm61wx3tbhv0j59v92bae03brdahkrs7a0520gz2pc04614ewz923fmjdy8qj8dp9vmhzkx15t5xtmmcjs8cbjw4nxf81g7s2w24w95sw0nb1yzt7ng0md3cdb1sr2849vjc61dh4s0wzf9zsv9mx1qvrj64t4bwsbt79t74xmjazzzz7bp75967m7vvx8sn89qb9sfzn509251b0w08mqj7z8tebfpa8aerabaegntx2cyskzh1wen4cngy28hjxntvz9dhn2t&b=ZGy6mwAMzsgGrRByAAW1fFuRDY0Uqvlu5Jtorg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 May 2023 13:07:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 39F8 2 KB
2 KB 100ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ed390da978ff7128396440a5f660cff4c994f10a7e00837d4fe8582e00b3a7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cbd85f2a8e118b3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:40 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DF68 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 4E11 110 KB
42 KB 49ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72abcc472362ec78cc673f34210927537087f087edda8db1471f8ead6de1edfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43068
x-xss-protection: 0
last-modified: Tue, 23 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 May 2023 13:07:40 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
215 B 289ms
111ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druVYH,pingTime:-2,time:270,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:585,beZ:586,mfA:588,cmA:589,inA:590,inZ:594,prA:594,prZ:627,si:633,poA:634,poZ:657,cmZ:657,mfZ:657,loA:778,loZ:781,ltA:855,ltZ:855%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:47%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:271,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B264~0%5D,as:%5B264~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:49,sinceFw:220,readyFired:false%7D&br=c
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dpixel
cms.quantserve.com/ Frame A52F 35 B
464 B 48ms
11ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM_lqdH3VKXdM7DuYJSHBdA&google_cver=1&google_push=ATf1kGM4Iqe6pNn2zSHpIvSwGwYxSbYW7eDz6j5_1ftj-FA1vIkMy4KmSCgBgx-RWBWCAWLPiOGysZNrJgXh71b-6o7AuTDAsiU

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A52F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMfWZGezWzfH5jGvGKzyy1I&google_push=ATf1kGPpFFVSoVxzV4oWnmBd0u8aECcutZQemC0DvrlsNnngS_x4bFsAlO...

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMfWZGezWzfH5jGvGKzyy1I&google_push=ATf1kGPpFFVSoVxzV4oWnmBd0u8aECcutZQemC0DvrlsNnngS_x4bFsAlOB90nS-pcvMwlwmQqsEyVaIL3p2Vgplyh_hcDXmm7Q

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230090-FRA
pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684847261.664081,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMfWZGezWzfH5jGvGKzyy1I&google_push=ATf1kGPpFFVSoVxzV4oWnmBd0u8aECcutZQemC0DvrlsNnngS_x4bFsAlOB90nS-pcvMwlwmQqsEyVaIL3p2Vgplyh_hcDXmm7Q
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A52F 70 B
264 B 46ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIMmmH36cszMdKROnDaNlLQ&google_cver=1&google_push=ATf1kGMsw_8eIvmluRagPF2WbS7O4vACdJJHWmZI3zO1mivuePTbkAo1ogLd1Vy3Nten4Ch_mcL4XZiN2J36LAqRQqBrtDsJwQaj
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A52F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGhmD51sGyuo4_z_qDFvUVs&google_cver=1&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQo...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQoKR-inO3o&google_hm=m28ck1DOTMGlMuvE2dUkbw==

170 B
188 B

63ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQoKR-inO3o&google_hm=m28ck1DOTMGlMuvE2dUkbw==

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNvk4eikAZwOK3Ea1ScqYRiDH1qWpoS9TDiXMwRJhvX76hqzUVXMNAOoSAr_2Tu5GQIx4XA68jOGDtiytAZYKQoKR-inO3o&google_hm=m28ck1DOTMGlMuvE2dUkbw==
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A52F 43 B
362 B 21ms
18ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEJRdJJY_ogYG6HWvv_mFh9o&google_cver=1&google_push=ATf1kGPSMk6fvJyr3VIYcc6lZVNEa_QgsvmNxecaeMrPD3RkuzEjnvw7ejZ9fr1dYJvHw3K62wBjcYkwcqnbecS8i4AsLCGy10Vs

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:39 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 213097
expires: Tue, 23 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A52F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ-1aELp86sIqOkmSGkvWeg&google_cver=1&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7QWgGWJCeub0rPkCbYuIKngUl5

170 B
188 B

57ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7QWgGWJCeub0rPkCbYuIKngUl5

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGOmXZ914j9CUijo69v-qRTdnxDUkO7tj7q0EGGeSHQm6QTliASmLnA-fqSAO5m-OK5aOo7QWgGWJCeub0rPkCbYuIKngUl5
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A52F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGlDk3Bxs5-vELvu2PhawBs&google_cver=1&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtw...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtwolU19Ur1X2gl

170 B
188 B

63ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtwolU19Ur1X2gl

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 May 2023 13:07:40 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOKNu3-PQjbhD14HV673YICR8_KmvSYX7YGRA8fPBcyWVae8Tc-_31hawOVKZAv81l-Q_fXD7SGEcrlOFtwolU19Ur1X2gl
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: uHs3eQhOqbvZUYYbf10ofL0KhQ9gTFxyxYZeUW5XwIRkoWdntPYwbA==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A52F 0
12 B 54ms
51ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ln3sJ7fuZxrmlyAXtNzaO_pwg3vetl5ddOhZnJMpm6m8cpChr8HeeAUK7jZQDyF1C04EIH

Requested by

Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F4B1 85 KB
31 KB 53ms
14ms Script
text/javascript 18.66.147.98

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=15561500089055600951395012333003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 15:16:19 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 78682
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 197ISun7OHNStpmCvHowHkcrcz-D48yg6dkoGSFqXzC8fyTYuDqsFA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame F4B1 85 B
437 B 42ms
10ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1684847560&Signature=drKm9VDk01iSWWZJRPlhv11EDyejEJ3TjPRUGG99ej2ENNthyHlfvT6XT7g0-k3snQ3K6jVMtpEJyEx27frOLqDB-VhkyJlZnmiYJsNftsrkG07TrWmi9LnbTtZVqybQEx~Ax3N9ETouswjCa95jasJ8eCuPnLzIm5PU8VanfuVgbumxkNpikCI99MsISdXiX1TORTdDYOTUzVghwtng8bBdZkjrskMVQ3cDwYiZ48yg0x3iSsoE0K5d1naFPeiXL6jlX01mIaX30r~Hzwof7ycCY1h7x6HQZrGsGyTaP2Nt0D~LT6J1wk0hQVfJ8G5AN0ONRbiSQh-rPKB4OEtNjw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
URL: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 23 May 2023 03:12:08 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 35736
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: guswCpCvDunh-iLFB6fRLzEqWfYDH1gTfktCBNQ2jBj8OAFXAFlygg==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 890C 22 KB
8 KB 44ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 354679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 10:36:21 GMT
expires: Sat, 18 May 2024 10:36:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 18C5 0
150 B 42ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=15561500089055600951395012333003&a=19f59ec9&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:40 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 39F8 103 KB
13 KB 33ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 1074933
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svP%2BfVYOupj5G3oMqV2GqmNVt2kzlMkiZ7UFJkIJH%2BbFkfvBHdmU%2BMzpRALbxKOLxwZp%2BP1Bnil94m%2FpkKc0Qyt2BINNuE9pmyxD8nkaFULE1LvsidPvCiXqpXyVMdkawF5xbOxUsyM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7cbd85f3498418b3-FRA
expires: Tue, 23 May 2023 14:07:40 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 39F8 25 KB
10 KB 37ms
25ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 602508
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6EA7THxQqB4dILJaZIMclSxq4gyiX7Eut0f8QWvpECRIudCByRrLQGcTEXb9CZv7CYzCrd66dlq%2FLNZsjGYvUushnjsbtFIScgA1KNfqW1VswUokvxAsnK20ViCegqGP0XTkTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7cbd85f3598a18b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?oz_pl=1&dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&psv=2.93.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF68
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEihMo52wNPasxBk_Z-yi1Q&google_cver=1&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8i6AYOprben4GNNLfFNlh7TX-FooYSy8Z5EyCTnF4M2D6bMitPxlNWNqJ-wVfTnNaq...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8i6AYOprben4GNNLfFNlh7TX-FooYSy8Z5EyCTnF4M2D6bMitPxlNWNqJ-wVfTnNaqiTz_5NH4nZBZ0Z13PfoYr3fBb3Be9SQtksg&google_hm=CBvkPIROCZYw9gxaaKvvPg

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGM35Cp1NZPITm-R_XuJBo_sONsRXgGidovut8KrL2gNw4-DSimgi8i6AYOprben4GNNLfFNlh7TX-FooYSy8Z5EyCTnF4M2D6bMitPxlNWNqJ-wVfTnNaqiTz_5NH4nZBZ0Z13PfoYr3fBb3Be9SQtksg&google_hm=CBvkPIROCZYw9gxaaKvvPg
pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DF68 0
103 B 15ms
14ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAXgZTmwTfFMgXRhiDq9Xgc&google_cver=1&google_push=ATf1kGMEG56AYdQjaL4JsWM7R1MPmy8Q2oOBXaAv2c-5pR-nmzltXXPvt76Y2_gF6m5B90BCakiS320OrXzcyLzINVnqxHJFqWMDmTgQQmdA2ka6T5ibj4m6MN51aBwssaiR3qBCypG8pQZgBnm6v1aX0dP2oNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259490&bpp=3&bdt=153&idt=245&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5769204369885&frm=8&ife=1&pv=1&ga_vid=689039208.1684847260&ga_sid=1684847260&ga_hid=266582515&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31074687%2C44785295%2C44788442%2C44792645&oid=2&pvsid=2670633855062853&tmod=866578255&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.yb857gstqx2r&fsb=1&dtd=250
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF68
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBZfJbZShCyxAGnt_PyuWl0&google_cver=1&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qS...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qSGTs5u2l9...

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qSGTs5u2l9OoqcYY6F5aS7G7msQh06hDMg4ogMPLvLb2Lry1i3x6XWZqJVYOz0Lk4dJOlBtA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 13:07:40 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGN4dMSzJ52ANIgUUr5W2UNA7rmBhqpUaDrWo0e56F5TZopCJx-fD_fKXQfYni0KlNSxch5PAB1Pf0q7O3qSGTs5u2l9OoqcYY6F5aS7G7msQh06hDMg4ogMPLvLb2Lry1i3x6XWZqJVYOz0Lk4dJOlBtA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 May 2023 13:07:39 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF68
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELMg9fNGkLxOpmA_3of46SM&google_cver=1&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpT...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7...

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w&google_hm=m28ck1DOTMGlMuvE2dUkbw==
date: Tue, 23 May 2023 13:07:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF68
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKFbSFnghgFWDRfNqMBrNyA&google_cver=1&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO0dorPlF36iGJtALv8aRSMukDAr1ViLgu29pcsw...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO0dorPlF36iGJtALv8aRSMukDAr1ViLgu29pcswxjHrqsnElaB4Lddi9-VqesuAQ&google_hm=eS1PcGx5a19KRTJwR3I4ODVVOFlXeWtCR3RxMFVMeWViYX5B

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 May 2023 13:07:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPmm8o9-l7NlhqEgXFHc4I0Al_EXO-dVKpo7QkAtrx4ewx0EAkbz6bR2-VhIWzuDyucq9amX240facBG8HV7iCAufO0dorPlF36iGJtALv8aRSMukDAr1ViLgu29pcswxjHrqsnElaB4Lddi9-VqesuAQ&google_hm=eS1PcGx5a19KRTJwR3I4ODVVOFlXeWtCR3RxMFVMeWViYX5B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DF68 0
12 B 49ms
48ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8Gw7rBCAbily5JyxIxHq6jNa8NTU6DY9wx9bHuStEEy5xFXLZchUg3kA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?oz_pl=1&ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&psv=2.93.0&_x=1
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE&pp=15222&ti=&pv=398374e8-5faf-4290-9894-ef180fe047bf&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1BF7 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638:d::d

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 385823
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B2A6 89 KB
29 KB 58ms
28ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 May 2023 13:07:40 GMT

GET
DATA 200
OK truncated
/ Frame 3467 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 659c34ea7f0afef2ae27487c55e6ed8e3fe2921de57617d61452e04f74dd6baf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 18C5 13 KB
13 KB 115ms
35ms Font
font/woff2 2a00:1450:4001:828::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:23:49 GMT
x-content-type-options: nosniff
age: 283431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:23:49 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 18C5 13 KB
13 KB 122ms
42ms Font
font/woff2 2a00:1450:4001:828::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 04:00:36 GMT
x-content-type-options: nosniff
age: 378424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 04:00:36 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847260719&oz_l=237&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 28ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847260748&oz_l=237&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:39 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DEE2 170 KB
59 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 07:18:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame DEE2 11 KB
4 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/69587979/xbbe/creative/adj?p=APEucNVqL6oAgioxGD8L0DyOT5YPZmBp5eyf8WrkQ25ro_9dx29sOtw&d=CokBAKAmf-Ax032E6sWhAuve125y9Pz5NRQdxn6oqLNoOWcBZcWBDlLqcCiaGkPAm7JziWz-nxX9-UqSCC3EncQeHBjxCDBpSKt-iIljbPritxo3Ma3fF7eq3rKqYR8ROujr3K93Tuz2ssBZnkV8KMo7B6O-c8SQOktafKBxrPfs2Pa15L00rhsOeKYSuQ4AoCZ_4Gyvb39cs1sAjEFuEz-pxZcdXLJJKFV8rhQy-zlZE0YT9AExIyRjndXcgc41oUi4mxLSqpx1g1WbwDF0IGsGyis63eKwkBgT2Xu1-3-tuKIaialG-Ed7P5XthjpSA_VRKaPHD3Zh_41JQbpZ7JKj2DXUSxZUumAUDN8fItj6hBUuuBVCcdWQTBSl60bomcy0dMhXMtwkbPJugj0rFby1CiW02jji6ha20BoUlMbO2MuOPZXCa5LjoE0axEgv5caFFpcwknYtj6T6odJUal7peQG4rRIipjKJtOQ9Zfj1oObOcYE-chpkeGmTC3O8ve2yV0arVRSx1xcpZo-Ha5C97gA-BTkGuweXjzSaG8f7qHjhsKAhzzNIXoKVQA-bOX70DPdqwnZlCfhQgI8eHq_SFsD394fdNPfnxRE7Lwj_8ApzHRuRCDTv2Vks7tlxUv_iLtou4INQ8Y6XXFJrXyGaPi9Ch55JIcp8LEaYLQolzFg-yVXKDUh_TKoylWAyShw_gSeqtiAXrhXMDKhNEpNPbNWlulGFF5IbaV5GyTH1jKb3TPfXIaXH8i-PzSbAzO3OyK7_zYk2xHhvQp_RLWBdL6EOLiWwl-rmLozJG-amxx9bX2w7TvXrxBowDMqUjRKXb_QVZIcfeLpFmQDe7nfHJiLrXkOsYPFVwAPMTyY1hHmKFgtr6KHPZ2fAyh7Cs94gLgC1SiPspIY_6hXQQaqJrWOkbjdOwu7wThsat1ax4onJwnNMhsEhVFN2HUR2tlnMlawXJZMTNHZlJRJ5U2WWTbxnZUTOJOKfnb5HY5lueA28ayandeuJ5BUe6w8iCzw06WdGIqH2i1lHcG3kJjR5eb1hc-XUOyces7lL03UOnRCGp14xce5QsNre-M27IddnevYXqpis5legeQKfP9weE71KKn40MDSeHN0i2tM4qU51mMS2cQzKnoLh44UllwPoi8AZP-IqxuVrP3-CsJsCH1cCi8Fp05ikgfTJVMD0TmYB0mDAW1qq6iNyNmEtvhlzbRrmFNmESoKKUYkIJweEFE5LsRME_anD38XuvhkuGR_KerqivGwonPn3-6Ifg-2EOqcloCD7SMAyxnYD_wElNpwcwr5dQZnUs5rIl--LPsemuwZOxFvkOnRAb1AD65pn4iNDrRDRUCxjxUN7KgqWV8z95Lmc4w_WnNuuQ-P26Y1YXg3GODvpRDrmnVMjLJZ-2LVCuuhdyHUhylvJTI9wd-R1p5b5bAJ6KiKrtZ9SYInoEruaS8Q6-lHg6deF3GUhzOYGfxcvCeAmTIsyYIOXjBpEBdN6c-tX96v7uAo0cUQOwlSMJXhhysAtOpd-d4W-lZCS7XOZsYb5-1oGt2z5d4aL0SUR82FCbU6d0ro-f6F4drzZqAoBmMdBL1bMi2uX8TiaNa-OqoG1bdAg-2fFu5Pi-Yek6xofnm-f8f2Ac-Uc1PNLidIp905-u9c7OfNPSE2MTfQgZou_0zZjU0bYX8TnG3s57LAniQMWf2JIz8uG3B6Il2vOF-klgZtI0VvuX5pMVZqyP27C38ipmEam6bI4hbh5RIAvol3BuDrehHikW9YsU1bY0_3OEShaMS2HMpvwGmYgNpNR-OptUumgvjgQVhxYUuuqydhrDc_CCCfOaekWeJCrmg5COfZoqJGyPdTsoLuTQiuKRpGZMTJqv08aqJ91dy4Uwn0p-cIQJg5OF625ZzxU_JQP3EQSq6QwXyUURdjhX1dYLwzn3wVa3-6xwtvHz_pFPTkWFg_wDEOauXXrP7tNOJs8Uo_3Jd_toLQMAvp8Td_IY1UkkDkBQMNOREshWi13wXPBHpYjCIP-M2bf3UhPXU3Gb2uClpStoCkxdwpd423MgeZ_gwWAbGNHT8-vzdYcgj_73chs9PGydJbgk-J3nTGOGK8Tq5K8jRay0uen3BrvXWPZPquG_HC3-TgzvpeSzCOkSGHAumWr5QQ9LPRJPJVxgV_xsRALuB93TYQBqsR1nOq5UNaMVr7L8iBN8UHmb8XqtsLuFCATC1FbpDsT3uqaH_7P6WzvKHEWNz1NFYsfjKl0Or_29G4wDuh7pdBjeDkxYF0NDrZV1BARwI-5z2P2wWJc6ybWPA0f2v4j1iiMgVa4O9NgE8tKPxWO3KetUHdvbkzFqrekFo_etdZHO6XOC6_ZUE8wIkpa872R66LShkv9ksGLt-j9oX2Sim22TBGHbveh6IHmm_phI8-ezim9ehh9e2RixodDukUDfbjjKu61yNA9JzbwLRtza9odVktD9Go-dfDTnQd76nrnifjvnCG5Cu0Dn8PKCHeY8XJf6G_JrE4DeT1i4jBGl2yikS87vmWoL9iiKixqEvL07XlGj1Mqj6NkJkAsDcbq_ZuEPWUoG6HHnydYnvVkFmnP2wJmN885zBpsxqfOwRBvtYMpcvxvHnb5-ToME7uPp7OCAcNePXT_b5KVKv6OGjgIBBIyAHKBCIORuqxTEtqxNcnhx84-hM4c4aeFh_gn50k8yrE701Fq__3RUXozwITEgsV2790YAWAB&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=13760&ias_chanId=8&ias_placementId=19682516548&bidurl=https://ye-mek.net/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j9btiaEiQXm_AGeDHzK5BE&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fye-mek.net%2F&adsafe_type=bedf&adsafe_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&adsafe_type=c&adsafe_jsinfo=,id:4df471b4-a785-8b40-3a3b-b98672ddcaf2,c:druVV7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-wbpjr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:48,oid:cbd24d07-f96a-11ed-a0d2-0e46021e0a85,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:53:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame DEE2 28 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 22:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11001
x-xss-protection: 0
server: cafe
etag: 16383942900985251592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 22:03:24 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1BF7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=SyL_v3xCVW9hS0ROdWphMklnLzNTQ1RVcGV0eXZKVmhCeXJ6ekJFSEVhenpzY3lKNVU0K3NEcjhYbmZmVUJkOXh6TEt1aEVucDhDSm5Vb3NFSDlXNCtjbXF1elpXeFIyMWViTnVmbWdhSk1SSjRqNllpQzFZemQ4MTdubn...

433 B
653 B

356ms
17ms

Fetch
application/json

178.250.7.13

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SyL_v3xCVW9hS0ROdWphMklnLzNTQ1RVcGV0eXZKVmhCeXJ6ekJFSEVhenpzY3lKNVU0K3NEcjhYbmZmVUJkOXh6TEt1aEVucDhDSm5Vb3NFSDlXNCtjbXF1elpXeFIyMWViTnVmbWdhSk1SSjRqNllpQzFZemQ4MTdubnZuMmlKSm9lRW1uWXM5d25CSnY4WnJKSUxqMG51NE1mejJpMEY1cVZZdHo2aDNGZ3hqaUFqTEFOYVg1QjhYaVhpcWtOSlFyU1JqZVc3anAvbzhhNDRQNzhQcCtXeVp0Z1M1MkVYNW5aR0xDcld4ejBmQmFGY29qL2dJdFBRWkdrVStXWW1xVGFUazN5Zm05am9NY09nVVNVMzlWMEQrd0YySDFPVFNmdlY4SVJkd21KeVhQWT18&cppv=2

Protocol

Server

178.250.7.13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

00c795e53a1da94d03f6c88687d4e83d4f7c5a8329c924cc303977bb8a387d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1540550
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=SyL_v3xCVW9hS0ROdWphMklnLzNTQ1RVcGV0eXZKVmhCeXJ6ekJFSEVhenpzY3lKNVU0K3NEcjhYbmZmVUJkOXh6TEt1aEVucDhDSm5Vb3NFSDlXNCtjbXF1elpXeFIyMWViTnVmbWdhSk1SSjRqNllpQzFZemQ4MTdubnZuMmlKSm9lRW1uWXM5d25CSnY4WnJKSUxqMG51NE1mejJpMEY1cVZZdHo2aDNGZ3hqaUFqTEFOYVg1QjhYaVhpcWtOSlFyU1JqZVc3anAvbzhhNDRQNzhQcCtXeVp0Z1M1MkVYNW5aR0xDcld4ejBmQmFGY29qL2dJdFBRWkdrVStXWW1xVGFUazN5Zm05am9NY09nVVNVMzlWMEQrd0YySDFPVFNmdlY4SVJkd21KeVhQWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 350162
content-length: 0
expires: 0

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 890C 37 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 10:58:14 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 39F8 3 KB
4 KB 50ms
21ms Image
image/png 2606:4700:20::681a:71b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2022
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peQkoM1g%2FNios6mcTQb546mvmhPi8zSay%2FxQAvAnDSW%2Fpp9WtAfm7%2Fi7OfF0BVb46R3jJ4u8fFgA4RUdcDHnDBdQDApywcxxCqCvMZdTmyLGgESIhSY0zvDCwLxyL6%2Bsc5LX9k3d3%2Be1zbCNq9WUXvrl"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7cbd85f51a2037e0-FRA
expires: Tue, 23 May 2023 13:33:58 GMT

GET
BLOB 200
OK 7aacf1e6-5364-44d6-8212-4d9265f59ab8
https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/ Frame 9D39 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847260932&oz_l=4337&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847260933&oz_l=4337&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 frame.html Show response
ad4m.at/ Frame 19FE 2 KB
1 KB 18ms
18ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2225399
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7cbd85f528abbb37-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 13:07:40 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH6ZDC%2BGRR%2FrQjfYneab4VOkG8%2FwY%2BDvirdK%2BZtdr9HgyZBoP5LBHy78JshFtT3h%2BKtsaril484TygkzJt8QDA4Hzk0wRcOBnoMmCh9PA5L5iuAYyiatNiqCma7CuGbkqVo2kfQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
BLOB 200
OK 3b745d63-ddca-4ed6-82ef-44226ef83b7a
https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/ Frame E13F 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druW5L,pingTime:-10,time:708,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684847261037%7C%7C7369d23627b1f7d7988c4033766b8393%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cc5e6331698a28c5ac7d412ee33cebeef%7C%7C2a0d724d771a511c0e39e3b7a3b06803%7C%7Ce10e9def6a3fc3f9e53b012744c155cb%7C%7C9a742bd88fac256dba640c33a55f61d8%7C%7C47eff1ebb1d4d6a4d00ff1952d62e59c%7C%7C1663701684%7D
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7BC1 281 B
554 B 56ms
7ms Document
text/html 23.201.255.110

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 May 2023 13:07:41 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEE2 171 KB
53 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 490D 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHkmXJIqEg60COdNVtJ7UMQJ65TLR3fE0awt80nLop1rsgs2J2MwgIrK-xvy10o2sjxAHkwgSB3TBqb_N7bqJx3_N3aJAtK6QLdClAHO9e3FpogpCnfwxkh5Uksef3ooUofeWisSmBSIwcosptsmI7Xd7wmj2BAKeOePhelTW4T7yRB5NLiKY_hsHJBOjJpUGBfV2Mo8CT9UqfAbmTvRYjo_5eYe3xB8UZ6sd8EnVD1KzK7PDmq36TaPj6mwwe6BIXZx5yfj3YrED5KbrBNexhbD2cVfihDmI37bkHbztoCWZkxAdn8Ep9G1DqloFcVYr4CIlYOuDs2eolMQMk8jJBG-6NFFGlPMQtD5MCodneQcebWFLLZw&sai=AMfl-YTKdp4W7Ptt5drOAO-jCfRhREQQrZxhVgxMX-7e7RHK2lzdcIYaRXbdjHYn56i-TUA2wJrNWVdqKAym3Jz8VlHtKAyj3O8fTCqKYubomGg&sig=Cg0ArKJSzKnqJqDarHfWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 490D 15 KB
11 KB 84ms
84ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

545e04a0150f50e8ef7822e74db802e661a82c5868c6eb08920ce7b723f3c4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11374
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4797436206633363095/ Frame DFC3 1 KB
765 B 116ms
43ms Document
text/html 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a5b788385293df1407acc0ddf9b8357262517a098c1e0af6c9e3a272bbfcb82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 737
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
expires: Wed, 22 May 2024 13:07:41 GMT
last-modified: Thu, 27 Apr 2023 13:45:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DEE2 0
0 272ms
73ms Fetch
image/gif 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdrzPVT91-14eNc16WKJ-djqud6s3kFfSC5aF76Egrhw0rJA5kFLp6TQckVx2IHX9vqjUokpDjaq8KIP6vffLynguMYRT1gCEhcv8_ndYoNkx4cY64mzED4JFHH7Chr6L6kipZNyKf64MC7-SQp3QOZvf6pKb0wbq6Kj5V4VGI6p4&sai=AMfl-YRMP2r25aInqo6vHHXSfDhIP4ISwoun8f3X8FkJbG_4dgXYU5COIwdDP-C9vRRvy9OG_X_3AWNUxR2wQUcB-9sr_a1PhcAhWKP3aF1FIKAtka7ziuiNB4uiV9KtEUDxWN6T&sig=Cg0ArKJSzH7TI4cQr5GLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&cbvp=1&cstd=230&cisv=r20230518.26056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame DEE2 43 B
1 KB 228ms
19ms Image
image/gif 213.202.235.8

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=180661613&extPm=357115747&gdpr_consent=&gdpr=

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 -, , ASN (),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 23 May 2023 13:07:40 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 23 Mai 2023 01:07:41 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 30ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847261123&oz_l=492&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847261128&oz_l=492&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A55B 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYk4RRbAJDR9IJQ07cd0QAP6oNHmcgqx_09DgIuQznklk7VsrHfl2WiWedqHAmrPg7NZ5G2UPMK4HV8_iMvn3nvgrJ&sig=Cg0ArKJSzOMHoImdtorjEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847259805&rpt=317&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 39F8 1 KB
2 KB 38ms
38ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 497dbb1d174ef1c33621082e3e561ef27857ecbfd2dbab70214d83fda04b494b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vk3jVuOEjsh3WPZYG9Xl4dVskT7nwo1SjnKcr65kHKY3z7laiy8HSvqntvEY21D8upHkiRRB%2FEpPXs5R%2FKDnkx7QQQlXA3BTeAw%2FvC5I243vEXTECUrqAO%2FCThezn1i0V7%2BuSjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7cbd85f78eac1cb9-FRA
x-backend-server: aa-reachservice-group-europe-west1-n6pb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 890C 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEe8cnLpsZLSgCpn83gPVx7LIAQAAAAA4AeAEAg&bg=!OzilOGzNAAZ8_aWmXP07ADkAdvg8WlNB-WHM9WjBjel6S93BwfyDWWAJEGDtIp5a2qNx4mf4uPTCZNLqX0HbXH75z9PILS6AQZ4CAAAAiFIAAAAEaAEHmQLefvqHnHwyLnleneWsQNjMA2dbfRzQD86GTR2OaqbCdmgMoe8uOnfO5eEW7w6pWFvoKoF2FdwKD83YEi4ude1TRzIrgR9jrhNQzTTyzm5tXjiwUb84eEN5NqZe5QbHTwMSWJllJHD_RLlbjrjHMd5QOtS3MaVTqLNEQj1BVlNfvI3irpnrmFByfi9Qucv_FmBRjlaZy23Vy-PjKHsGAdT2NYGiPM08d6ji5p3SL0hw58Yc4OmxYl8ZtfyhfkASI7D0UAcNvYedXV2I19RIW4erytamtICsoNnFLCGmwjFUSG-cZfuLHQVLrikU2QYVlOF3zTtPnz4CDeJVYEY1VN-rpBbuVzTRAT2HOlc5mYBQKdDDHs7jjQ2bOVvS_zwx4fa100uVuhJQ5SyoxGw7hMO7yxWQ6vAU9LQWkBM4AIqKNUSm3_AP2dObrYlfSaQCNwA8Az0O3F6r6vbAN-mNEeS_2-i3wE-dwFGjkLmjanYivtBD983c48fsyLspk9sWqe2xzlPiTluWulvdu3g4G3bNkyk-ii1vR25i5E4HnpShXNGr41i0L4-HkUGb-IfMP9cK8dxcCqzweQLmftLYsJmohzSGczu2EPHfBdrK3CgI96uYkb0_ZEQ0BC1eNBOCbACqieQZig8RWmaQMDwzneLingqEYTWFeC1di1SbIOHmILXWG4g8lM63bCWx5Y5aBLKl6LTSBBVRdKK0rB9bXGzfU4ntzs1EXLGjRR65yJY9kNVsOBOlyo0Hay4tZWsMiN6Jy6RmmQ_9R9fkGj4RWn-pXN5R7aVL2olcyjXprFwwjRaqB3Ze2lHZgi5KSXFkn-dte38fuEPQyRayvzft3r36V9ZE-AS5LvKJiNs6A5g_AOspz1eImyAjJM7UMwogAvSo-9XB95dVhD6ObTtvggB1rikDSalLmU7taQUY4nEOFlgcKWDOEs0RfmsEfpv1IEuK8eaigLZk5ef7eik5GH8

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame B2A6 0
209 B 46ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684847258370&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 209ms
46ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cbd85f73e421cb9-FRA
content-length: 24
content-type: text/plain
date: Tue, 23 May 2023 13:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xymWMcqWn%2BAvKY1RT4HjdAB2CWabJzAflZrKJMQsA32bLn51wlY21ALQfn8H12ZSp4lK9CLY648N5nKz6hBexxMthqaAGIsMl2HYlQFYUMV%2Feln30Qf%2FXdW%2FDfGJ%2FPw2G6igFo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n6pb

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B6D6 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:58:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame B6D6 19 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 21:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:56:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6D6 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWFw6S04DkQZZp-GLVzKkKKmyVj8zjSrDu4bGSxSfSKIEGosIAIXwmXo7AJKZymu18I7nA0gzAjBPibEfWQMUJ9ahJgA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6D6 171 KB
53 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 490D 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 48D1 2 KB
2 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e69106324df152a12ca30bbcace2ea0329260a312cd16f7562eceb0e39dbe21

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cbd85f76b39bb37-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC9E 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Wed, 24 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 31ms
31ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847261345&oz_l=3225&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated
/ Frame DEE2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9660fca55635a055a48ba52a8a49341e5585d42caf77fd7b495adaa1bf288259

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847261352&oz_l=3224&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7BC1 34 KB
10 KB 18ms
18ms Script
text/html 23.201.255.110

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a7019f1fd3a656f5f264b240d972f15817bc5290d8ccecd04f02d44d19d13c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 23:40:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37949
Connection: keep-alive
Content-Length: 10084
Expires: Tue, 23 May 2023 23:40:10 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 48D1 103 KB
13 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 77303
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7y83AnGpu1KZpyPOlwcx%2BL1StJ%2FWOSbYQCaaFtJ7cfgCA2BPi6lxIo40kJpAF1PnCQyJDLQnaXBCr8vTrCVdSwEBjxSfm3bhv0OdJWSf586F%2F%2FhoKeLA8JBMZVgVJ%2BnelS9weDefGDU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7cbd85f79b78bb37-FRA
expires: Tue, 23 May 2023 14:07:41 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 48D1 25 KB
10 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 410502
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlahktmOKL8wwpx4Dyx%2Bhi7I9yc1%2F6Cf6nzAeHjjHeimONq6GheEUam9nnbaX1EW5nB7yjrBb%2BrxzTvrVpzXQw5kRUxXqjZGZXOozTzDGTlNoLmKNtpyeuHeXLw2rJdu2JsUkgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7cbd85f79b79bb37-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 13:46:07 GMT

GET
DATA 200
OK truncated
/ Frame B6D6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1953327e8c5bf3a05a19144f978c9ac2007d78e10b17dbb2d289e8b3e9aefd96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC9E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFI4o-weKr022DkkSIia6Xg&google_cver=1&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7b8ID-k95...

170 B
188 B

58ms
58ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7b8ID-k95osQ6NT8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 May 2023 13:07:41 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=NQdkbLqbQwGu8qTrzkOHfw&google_push=ATf1kGOj9cYrd3uBHba_ACr0lN6Lm5smNDiF8y7DWrO6AfkRmVJP_Zy1Ln-AguhMlyAwSBs3MC4aLZ9jLFo-CJc7b8ID-k95osQ6NT8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 May 2023 13:07:40 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame EC9E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-suziR9ndY6sSbxYJhf9XEy--IYnJx97Hmi58jA&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

17ms
16ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 113682
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EC9E 43 B
245 B 56ms
19ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEM5BjoEApC-GMyHhx6B-HzA&google_cver=1&google_push=ATf1kGMFJ_0uWxkKIoVMUxyK78-58VyGFCI7kuIoK2zQCFcs-4AVA305GehFT8XWldv6goG_cfzmWgghlYfhrEVJkNf7WfFxVKLlg_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC9E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

59ms
57ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiib1V5oNioBXZAvUjuwnbBZ72UF5_azpcnBf-kwIaqmpcnb2HoxwfpOwHKohf2hQFrbQGnsck-MyaCmTxXIaGcQR8Pu5zfQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMiib1V5oNioBXZAvUjuwnbBZ72UF5_azpcnBf-kwIaqmpcnb2HoxwfpOwHKohf2hQFrbQGnsck-MyaCmTxXIaGcQR8Pu5zfQ
date: Tue, 23 May 2023 13:07:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC9E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OXdHfC3yZEEuJnwqNXEHPgzDZiv7ns

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OXdHfC3yZEEuJnwqNXEHPgzDZiv7ns

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=ATf1kGNynd_yTUFGVvFhj9NqQ8LGqufEdEW5kV64zRGdbHEmtCgg10jmKrhqzIP_B_xjBspp4OXdHfC3yZEEuJnwqNXEHPgzDZiv7ns
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC9E 0
12 B 48ms
46ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_Msadg2Y6DOHHXJtdzV16dmy8C85uYNO14axtcAKP-Y7yTM7ujJOc4eQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5F72 10 KB
4 KB 33ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00dbe508ace1d5bb95d18d393d9dc700f6c2e26cb5a112ae0943c23e7e8e3578

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cbd85f7ebd4bb37-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4B1 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGT46YFNRoz9A99olgBBhTF6LrlSPkT-cEIaSH-ofNC-UsTnUxZTVMpuukBPxv7hG4Rd9rSnPhPRZJTyG0xwUXNljw&sig=Cg0ArKJSzMTVnqTlJ5UMEAE&id=lidar2&mcvt=1160&p=0,0,600,160&mtos=1160,1160,1160,1160,1160&tos=1160,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847259666&rpt=657&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FB8 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 12:41:35 GMT
expires: Wed, 22 May 2024 12:41:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE23 783 B
536 B 51ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89d04ad1203af4b2ab06cfce9711134e5a49da250ae1486e54608e29e072998d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_3MerqvBBFJ7mbT97j8JiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-_3MerqvBBFJ7mbT97j8JiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
expires: Tue, 23 May 2023 13:07:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DFC3 113 KB
38 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DFC3 118 KB
40 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 May 2023 07:18:46 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 5F72 103 KB
13 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 77303
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImFEtZ3kmpszvz9gK9BApPjim3cRsMfhpMCWt09iVZE4DlrOoPcl0FqsVJrfnddeOiOmCRDfsNRLn8K2%2FlhXEkOmaFAmQAxk3JyK%2BWOb%2FgHCv%2F3B3qQb5N2ZFRatl2whwRtzBOj8Tzs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7cbd85f91d13bb37-FRA
expires: Tue, 23 May 2023 14:07:41 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 5F72 5 KB
5 KB 42ms
24ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2354951
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0%2BFcaNxGLC8VoHRS5mGaCh70OsM9nbNL%2F%2FtXJH130xnnen1rBD5bg7YzamI7gRZtM9zrH7F59pDljXBzNsgB%2B45R6UlP7E9NKeThDuGlbj5MDdRQiCIjpdBHMRjDKXSgFqsEY7gP69ap0Df"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f928e618b3-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 5F72 54 KB
55 KB 19ms
19ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285654
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wv5gpTbRdemxVLmaNiuNEJQAMbHTvWh24s%2B3nIuoZuD5jNR5O8YnP6Sc%2BR%2B%2Bq2wBqleXFuFqH7y57jNVbdScg9qUkD8Q8xf1Gr5uQp26D06l3bF7sNKsfhI5OLJ%2BWMZHaUF179jZeNPsEM6A"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f9ee29bb37-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 5F72 2 KB
3 KB 17ms
15ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1272305
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxM9gcW9z4H8MpOfn6Kp828jpvtA7o%2B5WHNeV0bjwGfU6Pi6qQUK6BFwtJXXMgtdoRduDi3Nu%2BsjYA1Zw3N05nJ2owlJrsd2K80qks%2FgqFofXM%2BZhETWRHyR85bBBkNDyavrLYbvbZzb42v7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f9ee2bbb37-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 5F72 496 KB
497 KB 29ms
28ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2133989
cf-polished: origSize=563367, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 508355
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpwFbBi3PhD4ltmdLVFgsJkxPG9nF1mzxST17fA1zz0l4ghpTgAEhPhtIqLKQHfxca3fP46yCBBkvXuq1VlEPGRhb9Lc%2FeaobC60nPTn4FyZQwmtwHCCBoZ%2Fday7HPiirpEdplFWykXcQbrs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f9ee2ebb37-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5F72 43 B
704 B 143ms
82ms Image
image/gif 104.103.93.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.103.93.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 5F72 36 KB
36 KB 52ms
51ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2187532
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8dQb%2F9Z8BEY69cVn21Bq9pnq9a5o%2BRw4w0H7kX90bf2bRpSqIw2jS2kZC%2BBENTUGC9WCNeJ2%2FyQU40d9pgxWqUt1ZDzThdJQ0%2B43fYoIWaCArsiGNMZkxjzzVWCJNQrzVe8bdacEWpMEwqb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f9ee2fbb37-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 5F72 28 KB
29 KB 22ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1092670
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PIg0fjTbP0Xk9esbjhOVZwoeRGuHdXu6reI205AKF4RPPqOnYjt7sKW4W8NkaFQ7%2FPqxZsIkwQIWuo3pua7jOt29AIs4vEtfPWbnykSxyNL8pfAFI8vLhojeHzGz9sr7I099Ks0vjl091YV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85f9ee30bb37-FRA
expires: Wed, 24 May 2023 13:07:41 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5F72 43 B
704 B 139ms
78ms Image
image/gif 104.103.93.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.103.93.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEE2 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumfqU8I-KFgCynf_IWvabXKCbnJ7rpy4yZomv_P2duxeREP_rdoaAvbe70FRDrEgXKv8yo9aqU6aHETDzbOfajPhEu1PURDE-tZTG9BQNKIwGGBh3S&sig=Cg0ArKJSzDn-VhoJuBZbEAE&id=lidar2&mcvt=1113&p=0,0,600,160&mtos=1113,1113,1113,1113,1113&tos=1113,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847259745&rpt=744&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7BC1 70 B
264 B 42ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7BC1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FTI6OIlSR9mul6xzTT8vXQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FTI6OIlSR9mul6xzTT8vXQ

43 B
479 B

45ms
44ms

Image
image/gif

67.220.228.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FTI6OIlSR9mul6xzTT8vXQ

Protocol

HTTP/1.1

Server

67.220.228.202 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 30RPMZV13YA9VQM3SJA3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FTI6OIlSR9mul6xzTT8vXQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7BC1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEkwQUsxOFotNS0yUE9L
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHqFwE0xQwbB9qJYQgEWyxI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkwQUsxOFotNS0yUE9L&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7BC1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFjMTU1NGQ4ZWMwZWIxZGY2MjQwNTdkNTgxOTYzMmQ4YTM2Mjk5Zg

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFjMTU1NGQ4ZWMwZWIxZGY2MjQwNTdkNTgxOTYzMmQ4YTM2Mjk5Zg

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFjMTU1NGQ4ZWMwZWIxZGY2MjQwNTdkNTgxOTYzMmQ4YTM2Mjk5Zg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7BC1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s0HVN_4LQNiCKZ9qc2kR8w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s0HVN_4LQNiCKZ9qc2kR8w

43 B
479 B

116ms
116ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s0HVN_4LQNiCKZ9qc2kR8w

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AFKAWQ10JY8RFCN7HWWA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s0HVN_4LQNiCKZ9qc2kR8w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7BC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPMOfsyJkWm9neFlN1ztJnw&google_cver=1

0
239 B

10ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPMOfsyJkWm9neFlN1ztJnw&google_cver=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPMOfsyJkWm9neFlN1ztJnw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7BC1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI0AK18Z-5-2POK

0
864 B

153ms
115ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI0AK18Z-5-2POK
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8F2B1971F9D7444EA1EE73645556A4A9 Ref B: FRAEDGE2021 Ref C: 2023-05-23T13:07:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8XBKMTCyAe/Crh++WSQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI0AK18Z-5-2POK
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7BC1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/5FP01Jk6X310X6Fi9eC2Wg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uJaLEjdE2oI8giqjZou3OIHQfoPQSb9ounXkvg--~A

0
239 B

13ms
13ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uJaLEjdE2oI8giqjZou3OIHQfoPQSb9ounXkvg--~A
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 23 May 2023 13:07:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uJaLEjdE2oI8giqjZou3OIHQfoPQSb9ounXkvg--~A
content-length: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame B2A6 0
209 B 46ms
45ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1684847261714&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame B2A6 0
209 B 47ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1684847261714&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame B2A6 0
209 B 47ms
46ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1684847261714&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame B2A6 0
209 B 47ms
47ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1684847261714&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847261621&oz_l=11&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 18C5 0
150 B 38ms
15ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=15561500089055600951395012333003&a=19f59ec9&vb=v
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=15561500089055600951395012333003&a=5331974d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 48D1 3 KB
4 KB 24ms
24ms Image
image/png 2606:4700:20::681a:71b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2023
x-guploader-uploadid: ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcnHiFnL%2F3gG8lezM4nDyt42jTIAZVcJbzvQJ%2Fx0PmYz7PFn9oTYD%2FS7sGkyRNk4CzbK8Q2EVG6Pp4H5qmfKRu%2FVP3fv6MXucF1gl%2F5mk1Amp0fE5r8WLMXd0a%2FN9S%2BAZ3B3%2Bk%2F3Vp00ewqRdGdoQz1q"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7cbd85fa792a37e0-FRA
expires: Tue, 23 May 2023 13:33:58 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 30ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847261718&oz_l=11&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:40 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AE7F 42 B
64 B 84ms
83ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVsvc_6xauwAm5zUiEIWPBjCf_4KwpbGtMt2f_tKmEzo5wPd0itcrO-5PFxDL6yLq9R1oETZbEjY_UnmSbHHf-lpdEX5l3-D8sDm6sjDn4hOyo17gQa7TMKne_QwR6DQJcZtHG3eQXMxHPJxAaKj2YmQbAU4JpnXHTCgB6i3Y3vQrvNtIr4PzEyNJEp7Cjq0zP5-FeYfv0w3hxaC6wXBqzeGHdI94K3mcC5a2TlWgbkFGZ4kNbPqSDOSPlxhaKGOUjAMqCkoA72xPo_mjLP8eUfPPgTaBLXTqcWaa2AaKyTh1fFc4RNYUhpWqjbPMVLQpUUyYxFq1HRPMas6f-rKxRZHpeU0mBCT6h0Hp5lVbFefU0-xWKlKlgPTtcV03HlgejGHNJolh8RsVzBJE2_jsilzMAhHDPYj_4G0SRiotZ6fRRBwPlN3b75P-bjqW4VyKwGkwRHt6SrN6UTN1HLAKURFz5gPIphoGxjKoUzgCov_WZ7x0FaoZDk3NnhgvfwTfi733mO-D8dp2vsqxU_aIJqKDaeWO4NDem8UbxkLD42QkAXAJUpOHRsJBRsycOecBfChF5y7bxFXTy_QVz92Jmu6GaVB6xXqsothZgodBXsa7eexztef-no_ir0lOvb_BCttOo3Gl6aEilLcnoh40j2UhVfKM6hyYBjqO5YDBXpNtE8DYyGq8YzFbdHLLWqwy2teBz54rBGGILs-9r_vBseNMEgarEs11VombZ67BOJm5o51ugVpMwdBnh9I_KvO55KqzVxJYFeGQ09lnyc2GPFZNK0XvAImWs9S6rhSby1THQVSeXv-K5ZBk-7MFbfJXo3nyxiLkcswRGxU3WfJuZ9Y93lWZDkzNOk1PidsAwtVTIsmujdJtrQXoUYuVhjiEhc1n7dnP2XMtPUsIX-lwm5xfg2okSw2BFlp-X8H4s1W9MfnbayOI8jAs5hyKxLFbTGGVdh-YeMaVlAJ79nRzDSc_a0d9_pJqCe33GBKYamhjB8pdkMczA7VnBsYhBleVXYm_qHEPyfe-zlhupq_Znb6r8sRjudKyDO-fnk1EsEZ1adhC13TLroDs-ipXSUA5qXOW4Sx7kLNqX5LAl_CC1LHMBVAEOcyVvQ76RiucG_X_ThyJ8cALVPjwPoVSBpw&sai=AMfl-YTqzfwy1qFGZcNU4ywgcNI6KWugpkriTl_aEebtmARl_1o76HFTtmGOdFLaPpcdqqubmGlqP550cpenqxQO08wealpq_gNGU23Yo1G9zqukN6Y37JMP-1-qW2sV2yayTYliE6SJmnJi&sig=Cg0ArKJSzLzNxSZyP2jYEAE&cid=CAQSOwBygQiDSUxscNi9R6L6ZRwCpIhXKhCs44fSJjqR0Btb4GFLtCAvdYYelKa6XDARTtpdipgwlL7SDfE-GAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1143&mtos=0,0,1143,1143,1143&tos=0,0,1143,0,0&tfs=818&tls=1961&g=100&h=100&tt=1961&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 5F72 2 KB
2 KB 69ms
68ms Script
text/html 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hr3mjk8pd9d99rqzxjfj87p9mratn7a6cd5c7g7cgdd1vvjc74ttt55bs0hbf4b9hmkxead70870za08trj4st6ahxfczb0rjs6vbmk8r4ensjxhcpsz29djgcmm52b0pp1awxnjh5zbg3vh1v2r9610sn4w85xweqezb87htdkdyjfvmeeejtrnds9g7kh1hq699et48jhw6xy24jfzewwzmtd5b4z6d4nc5mjdqdv7rb1pj9fv47wf9vpyr8mv7n7p%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ee605c7ed94698190dc6e723324e61de26f688de6b1baabaa92741ac4b6b7bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
last-modified: Tue, 23 May 2023 13:07:41 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:41 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame F22E 2 KB
1 KB 16ms
16ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2225400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7cbd85faef72bb37-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 23 May 2023 13:07:41 GMT
expires: Thu, 30 Mar 2023 21:56:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky1ZPrcsaUC%2Fxd5qePJmeuICJ99Ol61ZLwwS9Zek%2F4kJkJnFzDJlaQyeCwW7x0C%2FsUQhACPNXc%2FbScz0abTQdJYAJ5jdWPfNSjEYQefHvpPgspt6Scr2ho%2B45olOOAO8Xs21UvA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE23 0
0 72ms
72ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=2670633855062853&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DEE2 0
0 74ms
73ms Fetch
image/gif 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdrzPVT91-14eNc16WKJ-djqud6s3kFfSC5aF76Egrhw0rJA5kFLp6TQckVx2IHX9vqjUokpDjaq8KIP6vffLynguMYRT1gCEhcv8_ndYoNkx4cY64mzED4JFHH7Chr6L6kipZNyKf64MC7-SQp3QOZvf6pKb0wbq6Kj5V4VGI6p4&sai=AMfl-YRMP2r25aInqo6vHHXSfDhIP4ISwoun8f3X8FkJbG_4dgXYU5COIwdDP-C9vRRvy9OG_X_3AWNUxR2wQUcB-9sr_a1PhcAhWKP3aF1FIKAtka7ziuiNB4uiV9KtEUDxWN6T&sig=Cg0ArKJSzH7TI4cQr5GLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1071&vt=11&dtpt=830&dett=3&cstd=230&cisv=r20230518.26056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:41 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FB8 37 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 10:58:14 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847261942&oz_l=72&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847261945&oz_l=72&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B6D6 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1_i0nLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgSyAU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxTrspZWenMcFRXEzkT6Zm9FUFSZ7H4XiYFn1us4w4JvaTe4Xydu-ABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=rBNONIPE6YE&uach_m=[UACH]&cid=CAQSKQBygQiDH4o5SBRiv35_0EI0BDkUbeDY5Er9cmreYRadK2F9NvoDO8V0GAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 May 2023 13:07:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B6D6 0
39 B 23ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gfz7sxn32825qq8pjf63z4dsk34shws9py81hbg6ej3qwzjv3z9smjtqgxs719kmmm965xqf9ef58tzp78j1f31jsq8e9241xfbd5pzt0vp7ywkgk9fyj8p9mc3eqr833srf3tbd6jm5s07kfgx1bcw0pzezwfvx5f334tr3e429zda9wzyhnhkrcvp2nw07n94myct514nv4n2k6g8tpvmdv0ppmybxx8x299vah6q5rb78rw5bwext8xbkg21xzfm2z1d6eg517c2vjenw87kg248b63d0s5echdejex9c09t1r7857d6pje7dha7z7s270f5b93wgncyn91kqtk7fpjrh6gvmaaywsbaxfehdw3qzc3c6zzhtn0qsgkaqar5jj2b8nrjsvjv&b=ZGy6nAAH8EMGrTKTAABjaL9RTqFA8IZ2a20KMA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198785760&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847259997&bpp=1&bdt=230&idt=416&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8711561595327&frm=8&ife=1&pv=1&ga_vid=1108371822.1684847260&ga_sid=1684847260&ga_hid=1084501217&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2235656947&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759926%2C44759875%2C31074734%2C44772269%2C44788442%2C44792645&oid=2&pvsid=485784724367629&tmod=1301419390&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.hqt66kr92usw&fsb=1&dtd=421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 May 2023 13:07:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame DFC3 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:19:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DFC3 7 KB
6 KB 77ms
77ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de21297dee089ae5c4499999a0317499fe09b6388a181dfaa8f554169052b306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5709
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5F72 85 KB
31 KB 9ms
6ms Script
text/javascript 18.66.147.98

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hr3mjk8pd9d99rqzxjfj87p9mratn7a6cd5c7g7cgdd1vvjc74ttt55bs0hbf4b9hmkxead70870za08trj4st6ahxfczb0rjs6vbmk8r4ensjxhcpsz29djgcmm52b0pp1awxnjh5zbg3vh1v2r9610sn4w85xweqezb87htdkdyjfvmeeejtrnds9g7kh1hq699et48jhw6xy24jfzewwzmtd5b4z6d4nc5mjdqdv7rb1pj9fv47wf9vpyr8mv7n7p%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 15:16:19 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 78683
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: SieYZUWcyYfdMG8TrLC_0Mr4exIvTEETjiQDwx6xRbGtRsST0J41-Q==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 5F72 15 KB
15 KB 11ms
9ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684847561&Signature=PdnDjjUKcJXH4RYyrwcP~rP9QLQXyNEx7QxjZtC5eI3fLNd7Uw0ywKflnqF~alBYT7bKb~6pVVLHMRELJtnrToLkr1amambrQYAGWXOhcx59WlOvovFptkQc~MSrygwodY5EqjHl8EYz-Z4t0C1OTYH8l9Mk2Yma~XgAEy6yl448WUBzG8-0aYidWlyzgPMH48YH28bX4EApEXy76VWQ-Lb1sWUENeTeUIEMmPgMkRfZa5hA0QFqnUd7pxH0Yl6bC2i47bf0DXlYGrNMc4xSJz1BqymZMRG2PudVhFcmQIoR9oNn37FblAr3Jzg0XmioNTXbJ~HmVNi0bMMX-Jf4AA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 22 May 2023 15:12:12 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 78931
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: bYG1UzFYJoSfA2J29RnMBYk5OTJwJ8MXxZovMedBmF7ein6-RWYqkg==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F4B1 16 B
232 B 67ms
65ms Fetch
application/json 13.42.73.17

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.73.17 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 68ms
18ms Preflight 13.42.73.17

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.73.17 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 23 May 2023 13:07:42 GMT
server: nginx

POST
H3 200 rs Show response
ad4m.at/ Frame 48D1 1 KB
2 KB 39ms
38ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c479db5b17f45b42e5b36de6f61cdd8c5596588cc7b19093861de8c38e4d64e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GMG3s7%2BlV3fsrskbOYFdpH5G3ZqUQ2S8%2BVjdeOLCoK91usxzUaN60lSohR64kmgXWihIA7C5AykdAOZL%2F9wX3Pf7O8AevgwH7htcai%2Bi3XhYfevA%2FFrHWoqWVlCfzgGCavA4dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7cbd85fc3c6f1cb9-FRA
x-backend-server: aa-reachservice-group-europe-west1-3zc0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
38ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cbd85fbfc191cb9-FRA
content-length: 24
content-type: text/plain
date: Tue, 23 May 2023 13:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJT5ebqtOng4Aq27IvHQLEv0xTV6xWZRL2QlBqC%2FQC5PwsqCB45gV0Q8H0zhx%2BpDpdCQwS45KVb7S6rAk6QnZuO%2BNmfoplMJoO1BevXdN45ibI7tRUBuI5QDIgzbyIv9A%2BNJo%2BU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n6pb

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9F7 0
0 86ms
86ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulxnS6KIqjoSuMCiPoAOfRi3yYRpI8cvnwohCr7P-ENRjz-0Jk1ytDN0jlWPvdgsSYz92PtaYti9X3b1BVQryUw9I5KisFtvPvcOBnebzLUpwS3gjM4N0EAK0Pf6sNm8wzId7j5wIXsaGMyavqSRAyYtCqhac3z1ELurkCG9fP02xBa-lRvliIQj1B07tZ0CcJOsrZQwUM_uJHC6E91ydB-b5Sf4Kmv4aYg0r8bW_bUL99f1qZGRs68jjPbbkYdyBAI5TiTul-swRu8a9aiDT3RJrZlGPJa09GTzQyOJwdV8_hf05Y_ixVL8j1Qt1hCLNNHG0EOie-pCZqIsjSFBluwri9ujC_vzbeQWPV_LwIIVAS3ecYrg&sai=AMfl-YRLil6w7LBoia-LjI5nGvAQ23gH2npvbUuCCVwQwJZPo30_RFhScgZKjg6n--lZ95uChIi5IlpEurit4RfOJThbBGFZLXLmnNkRoDAHbsVNDsgt7NfH-AvhmbjYBQ&sig=Cg0ArKJSzB89LQ7PZ7Y5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 May 2023 13:07:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F9F7 15 KB
11 KB 86ms
85ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f813f7d70ec5f5ecdb41c33f047cb72c6a5a1286c308596579ec2792c2b15fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11392
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DFC3 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:07:42 GMT

GET
H3 200 160x600_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame DFC3 62 KB
17 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17856
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:23:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:16:04 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847262101&oz_l=225&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847262103&oz_l=225&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druWnh,time:1794,type:e,im:%7Bpci:%7Btdr:1558%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1794,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1787~0%5D,as:%5B1787~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:141,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:49,sis:552%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A976 14 KB
4 KB 34ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b95f1f93020f5c445db76a269c2f2a59fb62449466e48e02cd6acf9cdc4c09

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cbd85fc79bbbb37-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame B2A6 0
209 B 59ms
59ms Image
text/plain 185.7.176.222
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684847258370&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Tue, 23 May 2023 13:07:42 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DFC3 4 KB
2 KB 40ms
40ms XHR
image/svg+xml 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:16:40 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DFC3 5 KB
2 KB 65ms
58ms XHR
image/svg+xml 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:07:55 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DFC3 2 KB
1 KB 60ms
58ms XHR
image/svg+xml 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 12:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:12:09 GMT

GET
H3 200 NH_D_WD_Affinity-Food-Sandwich_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame DFC3 77 KB
77 KB 61ms
58ms Image
image/jpeg 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Food-Sandwich_160x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

76cf880a29db3c11a2a0dc93f4a671ef224fb819bb8e10da95f25a2e456f3144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:06:26 GMT
x-content-type-options: nosniff
age: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78675
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:54:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:21:26 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame DFC3 50 KB
50 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:827::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4797436206633363095/index.html?e=69&leftOffset=0&topOffset=0&c=cEoSXymOzt&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:03:34 GMT
x-content-type-options: nosniff
age: 248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 13:18:34 GMT

GET
H3 200 s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js Show response
pagead2.googlesyndication.com/bg/ Frame 97F0 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14579
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 10:58:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F9F7 17 KB
6 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 May 2023 13:07:42 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame A976 103 KB
13 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 77304
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dEWpNHh0Y82uRzUWEahvxb95e7yEd1Bv0JSiS%2FihH12HUZGbTKEndKwiPsW3N%2FsE29cllsyeo969r8TZbjJkeo3%2Fqj7UOFafUWzsDQP1ClVb4x%2FPYvPzKy4yI5u628H3qYd2QXARYI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7cbd85fcea31bb37-FRA
expires: Tue, 23 May 2023 14:07:42 GMT

GET
H3 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame A976 219 KB
220 KB 22ms
21ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66835
cf-polished: origSize=233620, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224653
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80p%2B1BQ6YyrYlb0wSXvyM6tKtmytJsG4vEQcSwAqEG1sP6ZibvHGpKJeqWOyYwwxgPYmZCuleMpHLFrPZz4uAMb%2Bvi711kRk2WQn9Z2WXwL1QISZsurGsnvYMFQRQlndeIvmbraR%2Fu%2Fl4FES"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fcea33bb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame A976 637 KB
637 KB 23ms
18ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61353
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V23xOrzP5yYGLH5EYAaSXvTFVIX8ZzRzlz2PUACS3VASeExWF6D5Y5fHdeDb0gw14akOn%2FDyt9oCeUSxjVT6Eb7HikYh9nOqkfscb%2FFv9F7x%2FmeWPi7fC8oUVkL4Ojexb5Ok34S37MlrwU2P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fd0a5abb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H3 200 A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
assets.ad4m.at/logo/ Frame A976 12 KB
13 KB 21ms
16ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A533E7F607EF62FE4723E8DFFC0713F0C73B1B2D9CE8A1C3EC9B01CFC3E94E0E60300B8201CEC78FF7CFB2870EBC0F2255A36A642116E896F244C9C3B760671D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4888cce84b12f519ea6a2123dc8a3e27097a2fec4b8adbe9294dde6af8250a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2187486
cf-polished: origSize=24038, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12371
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 09:02:58 GMT
server: cloudflare
etag: "42fdf98ab75c036923270a333e2d19d9"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a85h8py98GhFHbTqE3hs86Rt4KHQKU6BoqnOIUQa9WHZMrId1WsAyh9x8jboGAFkiikO5zWIW1WJTsrjbvxVWy%2F%2B4VRNUh2HJedDBxWiurs4ry83xdncqw%2FRJ5fVlqmIxuD%2FGqVGDfGqZj4b"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fd0a5bbb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H3 200 6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
assets.ad4m.at/product_image/ Frame A976 545 KB
546 KB 36ms
30ms Image
image/png 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6CE771B21A8636F5C2024451E91C2D0F265D574A33091414717D7A9AD2DD6D650E6B7475ED8B65D4B666B69AB302F6ADFACD07EE68874124BBF350D45D9BAD1D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2189941
cf-polished: origSize=633427, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 558334
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 08:58:33 GMT
server: cloudflare
etag: "873e08540c475526df27feecfd1eaf3f"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aU9FnWxKDRIo%2F%2FlIfVDIBT%2B91mytjjx3np%2BLoZgu%2B8EAyOxl8BPjmkEv5r9XHBeCoKgJ8D2Fb2wQ1KmIq9Bc%2BCbDdfdVC1pHTTwCSNIPJ69SXmWyjd0Jd0Xrm9kDHueqInqgnmVa1NxWeiHK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fd0a5cbb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H3 200 DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
assets.ad4m.at/logo/ Frame A976 17 KB
17 KB 60ms
55ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 398110
cf-polished: origFmt=png, origSize=29332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17112
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 May 2020 13:33:22 GMT
server: cloudflare
etag: "122e7322a58f4a1954c70b4a17dfafb3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKhJlrLdMmfeQLNHhxtqQFGHIJVkZ8LFQd%2FPeSAO2U%2FHeBDbwVJ3nSx5N2Ptvggx6rwQaoUy%2BGIQkfUVeN1gD2X5FQyHTrbVYzi60ih8ea9JRJnvtYqZiBfdKs2oTRzqvtROVFHz0CPRxy0i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fd0a5dbb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H3 200 0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
assets.ad4m.at/product_image/ Frame A976 173 KB
174 KB 62ms
57ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1098266
cf-polished: origFmt=png, origSize=270249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 177346
cf-bgj: imgq:85,h2pri
last-modified: Tue, 13 Oct 2020 11:03:48 GMT
server: cloudflare
etag: "e93e5f11efcf3516506c022b6dda411d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpKsCAwNTCxbc4QpeCoSJEEz12%2FmZNXr5zsItvDWwK3wGrZt%2Btaf19JpqAdHcwx6CeuewzVu%2BKDINv5X4E%2FDRksfCQk3FAyIx9A2ibaAgf%2BFoyDiO6xMhjdHlih2jX7EuqppdUILfIb%2FH2Zj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7cbd85fd1a5ebb37-FRA
expires: Wed, 24 May 2023 13:07:42 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame B2A6 63 B
385 B 40ms
39ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: b9b727249d6d2f31446de5ec8619bc7673fdb94f89367ca010afb4b91367f0d0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ye-mek.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 22 Jun 2023 13:07:42 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1576 281 B
554 B 7ms
7ms Document
text/html 23.201.255.110

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 May 2023 13:07:42 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 0BFC 0
0 23ms
23ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13442375
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Tue, 23 May 2023 13:07:42 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap6ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BF5B 16 KB
6 KB 47ms
8ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=61309
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Tue, 23 May 2023 13:07:42 GMT
expires: Wed, 24 May 2023 06:09:31 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET check.html
biddr.brealtime.com/ Frame 9F48 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BB50 52 KB
17 KB 58ms
13ms Document
text/html 151.101.193.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 24307
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 23 May 2023 13:07:42 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 May 2023 06:21:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 4303, 177416
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230066-FRA
X-Timer: S1684847262.293039,VS0,VE0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4FB8 0
12 B 44ms
38ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VubAoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1576 34 KB
10 KB 13ms
11ms Script
text/html 23.201.255.110

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a7019f1fd3a656f5f264b240d972f15817bc5290d8ccecd04f02d44d19d13c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 23 May 2023 13:07:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 May 2023 23:40:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37948
Connection: keep-alive
Content-Length: 10084
Expires: Tue, 23 May 2023 23:40:10 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A976 1 KB
2 KB 60ms
57ms Script
text/html 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j5nf7z93mtzzqf8adftyyj3vj4xvb8thhw32ypyfdf59yqk7d4rpdy8beh9enwjq8719ph1aq5m1vbe3b582f6xdbwaas3heh1dy5fwe4y5cm5rmag64yezafprdqaq77ejxq9er2qxhm0y171th2fdhchps2eezeb38qde1wmk5pvwevnaxckke5byfzewpgyz5t84eawafa61a7brhprhm2w7545zxy0h0964zkhgnbttar27fpm9yq4j09g03jr0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e2e3aa4c87654d77e674b99a91eb5735ad0ee66411d5c918c94c26b397282775

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
last-modified: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:42 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A976 1 KB
2 KB 94ms
93ms Script
text/html 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4452068&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gchdf7vr3eedm9h2vz5wf38b9kq52bspzw58xfrqkzymwy0829771njmt5j5agyrwt7swmjwspptw11qynvaqppkrmsgfbcnfy3atxn86f9yw30kcm7kdav4pebe2dmkjj2b3tfesxbhwv59y2rpwxvdr68chhn1r2afr5vx37etts3cqa69d7yxnfgb708pga1n112y5h7gf1x4amvxfa45ae3cdhth8dhf1m16pp7edyqkzag7k61y23r6v5hhs34g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5f6adba85f511fb49b33996fe402d08c8ea82c8fe296a75c6817ab4eea7f28af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
last-modified: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:42 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A976 1 KB
2 KB 64ms
64ms Script
text/html 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gq9r3k8tjx2v3x6bw9gew0801dm91sspw57p7a0z633468t030kv7c8nr5zkj71sbnnfsf8kztcej0z7zff7cmrjhgx12fp0eq0cvn1h4aq5gx47nfr2svy7b841ptstcka9z1n4s2f38ahrvf4ccpwbp3hcygaftkzbyqffe5t96dtnewk4zdd7aa7gf69nemvrhzrdx0nrc5ej3cd654bsmrmkh8x4t2yqt4j34zg3s6gth1ydbk8r1dtenz8g4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 041ad7a7e444fdce40a367b5890354c0e5ae2af30e5139b83fa70ceda367d8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
last-modified: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:42 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BF5B 3 KB
3 KB 16ms
15ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33877446&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6752b5277552c19d696ad7357381a7adbb507f86ff5dfcfc3b3ee6f563a8df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 23 May 2023 13:07:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BB50 0
863 B 14ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 May 2023 13:07:42 GMT
AN-X-Request-Uuid: 7449dd6e-5b5e-4b22-b99d-41ecf0e98c11
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.186; 185.213.155.186; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57D7 13 KB
5 KB 41ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 12:41:35 GMT
expires: Wed, 22 May 2024 12:41:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 638E 783 B
535 B 54ms
51ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02ea415bf9fd2102d6a1f293e00d07ab0f1803a1e79fe42f27910dfec15425bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hvhJX_uv2SJxO8_ZhmWv7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hvhJX_uv2SJxO8_ZhmWv7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:42 GMT
expires: Tue, 23 May 2023 13:07:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A976 85 KB
31 KB 8ms
8ms Script
text/javascript 18.66.147.98

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j5nf7z93mtzzqf8adftyyj3vj4xvb8thhw32ypyfdf59yqk7d4rpdy8beh9enwjq8719ph1aq5m1vbe3b582f6xdbwaas3heh1dy5fwe4y5cm5rmag64yezafprdqaq77ejxq9er2qxhm0y171th2fdhchps2eezeb38qde1wmk5pvwevnaxckke5byfzewpgyz5t84eawafa61a7brhprhm2w7545zxy0h0964zkhgnbttar27fpm9yq4j09g03jr0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%252526client%25253Dca-pub-6593523210010154%252526adurl%25253D&clickref=oneidP6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 15:16:19 GMT
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 78684
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: adaJ4B_41zwd7RJ6F3fmIeRtDCzMOkmwPARiF9mUtqVIaLyEhOylKQ==

GET
H2 200 link.html
track.webgains.com/ Frame A976 48 KB
49 KB 61ms
60ms Image
image/gif 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
last-modified: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:42 GMT

GET
H2 200 link.html
track.webgains.com/ Frame A976 0
0 77ms
76ms Image
image/gif 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=2100065
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8B8E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3507646c-ba9b-4301-aef2-a4ebce43877f&gdpr=0&gdpr_consent=

42 B
404 B

84ms
16ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3507646c-ba9b-4301-aef2-a4ebce43877f&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 23 May 2023 13:07:42 GMT
Expires: Tue, 23 May 2023 13:07:41 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3507646c-ba9b-4301-aef2-a4ebce43877f&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 81EE
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525823901651

42 B
423 B

84ms
14ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525823901651
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Tue, 23 May 2023 13:07:42 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329525823901651
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 202E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

83ms
15ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 13:07:41 GMT
expires: Tue, 23 May 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 743025
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2681
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8646449758055021492

42 B
195 B

75ms
15ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8646449758055021492
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8646449758055021492
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 8E3D 43 B
855 B 128ms
124ms Document
image/gif 67.220.228.202

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21B8716-F544-4723-B05B-390D61FB0702&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 23 May 2023 13:07:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: BMP5DJYKC76N311CBWPC

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0huHFvVERyOwWzkNYfsHAg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

13ms
7ms

Image
text/html

23.35.236.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=61309
accept-ranges: bytes
content-length: 5554
expires: Wed, 24 May 2023 06:09:31 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame BF5B 49 B
266 B 111ms
29ms Image
image/gif 54.194.111.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D21B8716-F544-4723-B05B-390D61FB0702&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.111.53 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.186
content-length: 49
expires: 0

GET

ids
idsync.frontend.weborama.fr/ Frame BF5B
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794709408
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D21B8716-F544-4723-B05B-390D61FB0702

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BF5B
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=D21B8716-F544-4723-B05B-390D61FB0702
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWYxMGxGVmF1Q3lSTFdVTkpOUzhQby1Idw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDIxQjg3MTYtRjU0NC00NzIzLUIwNUItMzkwRDYxRkIwNzAy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

20ms
15ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXZzXeQPENj9PLvFHGB8IU&google_cver=1

42 B
384 B

21ms
16ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXZzXeQPENj9PLvFHGB8IU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEXZzXeQPENj9PLvFHGB8IU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame BF5B 43 B
610 B 71ms
17ms Image
image/gif 35.204.158.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 22 May 2023 13:07:42 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BF5B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=398015527064169763

42 B
241 B

16ms
16ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=398015527064169763
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 23 May 2023 13:07:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=398015527064169763
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BF5B 70 B
264 B 36ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 link.html
track.webgains.com/ Frame A976 24 KB
24 KB 81ms
77ms Image
image/gif 18.133.36.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4Eoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wglinkid=4452068
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
last-modified: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 23 May 2023 13:08:42 GMT

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
145 B 29ms
28ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847262518&oz_l=180&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
145 B 29ms
29ms XHR
text/plain 52.212.133.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847262526&oz_l=208&cv=3
Requested by: Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.133.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-133-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 23 May 2023 13:07:41 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET

firstevent
unilever.demdex.net/ Frame B2A6
Redirect Chain

https://unilever.demdex.net/event?d_sid=25453995&cs=1684847262852
https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684847262852

0
0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DEE2 43 B
215 B 123ms
121ms Image
image/gif 2600:1f18:1aca:4281:13ee:cc81:4828:61d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=4df471b4-a785-8b40-3a3b-b98672ddcaf2&tv=%7Bc:druWz4,pingTime:0,time:2525,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:47%7D,%7Bpiv:100,vs:i,r:,t:2524%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2524,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2518~0,0~100%5D,as:%5B2518~160.600%5D%7D%7D,%7Bsl:i,t:2524,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2518~0,0~100%5D,as:%5B2518~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:146,fm:tF5loTL+111%7C112%7C113%7C114%7C115%7C1161%7C1162%7C117%7C1181%7C1182%7C1183%7C1184%7C1185%7C1191%7C11a1%7C11b*.1352960-69587979%7C11b1%7C11c%7C11d1,idMap:11b*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:49,sis:552%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:13ee:cc81:4828:61d9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:42 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
254 B 74ms
19ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&evt=vsbl_actvw&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=3056&pg_durat=4879&pg_paused=0&pg_exp=4879&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=1290&clk_time=&reset=0&adsrv_adu_exp=1757&navs_ts=1684847257475&trgr_ts=1684847259675&init_ts=1684847259676&start_ts=1684847259676&reset_ts=&vsbl_ts=1684847260931&adsrv_vsbl_ts=1684847262086&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_left_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=160x600&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
44 B 64ms
26ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&evt=start&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4880&pg_paused=0&pg_exp=4880&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1684847257475&trgr_ts=1684847259688&init_ts=1684847259688&start_ts=1684847259688&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_repeating&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=3155472641&adsrv_crea_id=138425583957&adsrv_empty=0&adsrv_lnitem_id=6241543851&adsrv_size=728x90&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
44 B 58ms
20ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&evt=start&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4881&pg_paused=0&pg_exp=4881&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1684847257475&trgr_ts=1684847259733&init_ts=1684847259733&start_ts=1684847259734&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_2&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
44 B 58ms
20ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&evt=vsbl&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&v=0&tz_off=0&js_late=1&js_ts=&size=160x600&pbjs_sizes=160x600%2C120x600%2C300x600%2C300x800%2C300x250%2C120x240%2C160x800&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2872&pg_durat=4882&pg_paused=0&pg_exp=4882&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-149&clk_time=&reset=1&adsrv_adu_exp=0&navs_ts=1684847257475&trgr_ts=1684847259756&init_ts=1684847259756&start_ts=1684847259756&reset_ts=1684847259917&vsbl_ts=1684847261141&adsrv_vsbl_ts=1684847260870&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_right_tower&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4837683725&adsrv_cmpgn_id=2819855254&adsrv_crea_id=138339352911&adsrv_empty=0&adsrv_lnitem_id=5615628399&adsrv_size=88x31&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
44 B 19ms
18ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&evt=vsbl&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&v=0&tz_off=0&js_late=1&js_ts=&size=300x250&pbjs_sizes=970x250%2C970x90%2C728x90%2C468x60%2C300x250%2C200x200%2C250x250%2C160x160%2C640x205&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2974&pg_durat=4948&pg_paused=0&pg_exp=4948&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-10&clk_time=&reset=0&adsrv_adu_exp=2974&navs_ts=1684847257475&trgr_ts=1684847259798&init_ts=1684847259798&start_ts=1684847259798&reset_ts=&vsbl_ts=1684847261063&adsrv_vsbl_ts=1684847260900&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_masthead&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=300x250&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 avw.gif Show response
c.4dex.io/ Frame B2A6 0
44 B 19ms
19ms XHR
text/plain 35.241.34.106

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&evt=vsbl_actvw&pv_id=4fa4b1ac-4b66-4d66-b143-5c8ad275a2ec&adu_el_id=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2880&pg_durat=4949&pg_paused=0&pg_exp=4949&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=979&clk_time=&reset=0&adsrv_adu_exp=1864&navs_ts=1684847257475&trgr_ts=1684847259810&init_ts=1684847259811&start_ts=1684847259811&reset_ts=&vsbl_ts=1684847260971&adsrv_vsbl_ts=1684847261926&auct_id=1d67fc27-6fd9-4086-b6fe-69fd694712fb&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_ust_728x90&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 13:07:42 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE2 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4042162531056&version=m202301230201&ct=76&x=8&cor=1006406856720700700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 May 2023 13:07:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 900e6985-f9d6-48fb-82d4-ed934e47d30c
https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/ Frame 6221 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/900e6985-f9d6-48fb-82d4-ed934e47d30c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac68c8224520b3b5ac05d0c0f030f58a7a022416eae30b8e794a7eb3c5631fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 802
Content-Type

GET activeview
pagead2.googlesyndication.com/pcs/ Frame DEE2 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 638E 0
0

GET
BLOB 200
OK 02a91836-d391-4785-af7a-afa4e85fd54c
https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/ Frame A55B 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/02a91836-d391-4785-af7a-afa4e85fd54c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac68c8224520b3b5ac05d0c0f030f58a7a022416eae30b8e794a7eb3c5631fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 802
Content-Type

GET 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame B2A6 0
0

POST postback
s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/ Frame 6221 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 490D 0
0

GET s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame 57D7 0
0

POST postback
s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/ Frame A55B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1684847258867&src=pbjs

Domain: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.html

Domain: idsync.frontend.weborama.fr
URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=D21B8716-F544-4723-B05B-390D61FB0702

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YWYxMGxGVmF1Q3lSTFdVTkpOUzhQby1Idw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D

Domain: unilever.demdex.net
URL: https://unilever.demdex.net/firstevent?d_sid=25453995&cs=1684847262852

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLUl2ZygT3FtgiqNScU1mupl0y_tcRMhU452iqnXVcseJSq98ihI5nhw6tY2vYEnpqm45m4ai8WXByNcpWRp_czRt4ETUeqt0&sig=Cg0ArKJSzFkfHvtXPrVrEAE&id=lidar2&mcvt=1126&p=0,0,600,160&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1499032284&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684847259745&rpt=2206&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=485784724367629&rc=

Domain: ng2.virgul.com
URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1684847258370&userId=vnet6dd915f7-1765-4a38-ab22-8cad630ef3ae

Domain: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuPwREAd4RXj7/postback?dt=9484611597092707615000&pd=avt&pp=15222&md=1&ui=&ap=&ti=&pv=b6fbda1f-f1a9-4a07-85c5-99008a4f41b0&to=3&si=&dm=728x90&gt=DE&di=https%3A%2F%2Fye-mek.net&sr=GOOGLE&pi=XRzobPsLhV&ac=Xmwo1n97Q8&de=2&ci=948461&sid=AgRLuPwREAd4RXj7&oz_sc=676a1bfab3a42278b08ce6e4&oz_df=1684847263089&oz_l=332&cv=3

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=2670633855062853&bg=!DA-lD1vNAAZ8_aWmXP07ADkAdvg8WhesK7jQcFLTaY8oDFr03OKPZqLpzzYxtg_HCUI5yNEVJLU6p7ITtZCUZTKE3iLC6S8TS_kCAAABIFIAAAAIaAEHCgAw0D-HsrPSxnqpiwrrlUy2mRGgqsPwOrhG5S8HRnPyuYWhMSWCfDU5ySOzZIFRJyL1mQMB8Zsj0Hj5ui_amQKLe7T5fkupxA23enTq_fmWse8KlDvutszexPjEkhAhYA5AXLzFMGd9-cHFJU-nUSGXiCcxhqgUE3ofKbSHMGpV3PobLXe6iGlH5w-kcd5NJ9N3ggqYzMuF_KPjoGAf0LzaiYEL1hMMDx3LeCV5DMj0FYuw8dMSWUr7tHSoOWOUBj3zwCSGPLBvby-OsDuqGWPDiIc0Dpv0JrKcuK4J0ogD4UHCjEWBVJoAx2ddhHgP8P68KXW9mNZ-cCMWoiSK26swxDEQpiCMO4BqwGgmBSY_u5b4lzmn9csYR19p4WrzT6-M4Iqk1OYzT2CBjtyKFqt8xdf7Q5ZCWKQAIl4t9AxZNWkP6w5O4fWyC6CQqpL43aGeGNZ-Y-sEjCETU1Igg-nt6JnN3Irp3-tsbzGLBXP5Oqv5ICg0u-WdbuNmQXYuP5ep0YQrqQ63QDjK7t8tPemH1rR3rimTZEo6D5DpLOZKhtMNU5n1vUlKdUKNs8wN4PD04FOrwCfAdl5s3Kj7C31qnKOarmnYYiXVzUsbxJ_C4vB3k5vtyNaDYNIWKTW7ys-uzFezndOvJFqGV3ehZ2QTNq-goSQSjLKMva2NJIL_3mLGoan-zPPBHjf1otyeTtewDj8Zn9uGTOBBU_YzHarcENd79zn2RILKDaPdJGVfjpOVFY6YZ8EGGlvYcicupFGnmZpokm3erc5M4ECIpKxqOXd3TRw9pD30kn3O83SnXlDX7UqN57h8iUfa4tPEuL_vICz-QesIlGkhhfeyJ1PXnBAhoJZPqy2y9JfiiL87KPVsiEhn-BYj4KZo6qUyGDLh8ftsmbj5E3AzdBKiF1JanJNp8XtOtAQZQanA9KPstcV31EcbmqHJkuPllGFmsg9RCm94wW0_SyrxG7ZR6RDo1BaiMzwxtx_EWB2TMhOk_blQa2mw98xGFaF91sreA8x-Lsihc1hgB5pUV-O_DtSPRChwJrfjPbrN3s7C7JoFxcuiqXOH55lRyUPL1MvwoYXBD3X6Hw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js

Domain: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.93.0/948461/AgRLuP0EEAfkkmp0/postback?ui=&ap=&to=3&de=2&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8&sr=GOOGLE&pp=15222&ti=&md=1&si=&pd=avt&pv=398374e8-5faf-4290-9894-ef180fe047bf&dm=728x90&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&sid=AgRLuP0EEAfkkmp0&oz_sc=7ef3d3dd4d7eb15e1c6fbb98&oz_df=1684847263099&oz_l=332&cv=3

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 14:10:23	Name: icu Value: ChgIlrpzEAoYASABKAEwm_WyowY4AUABSAEQm_WyowYYAA..
.adnxs.com/	1970-01-20 14:10:23	Name: uuid2 Value: 4767319634528533218
.rubiconproject.com/	1970-01-20 20:46:23	Name: khaos Value: LI0AK18Z-5-2POK
.rubiconproject.com/	1970-01-20 20:46:23	Name: audit Value: 1\|naVuGyos1qqOVZn8qfVKGD5APvdogVCbaTd6KyMQnau+SmvwaNDOni51e93HDyh5DqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 21:22:23	Name: IDE Value: AHWqTUmBmM0XupeRKho9exMP6Pfb2zsjZRnpI-5NjsgBgXt4YKnVGtU4c6DZ1hYq8L4
.mathtag.com/	1970-01-20 20:46:23	Name: uuid Value: 3507646c-ba9b-4301-aef2-a4ebce43877f
.w55c.net/	1970-01-20 21:32:28	Name: wfivefivec Value: ryGzYCPb1Q1rJN5
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1684847259%2C%22utid%22%3A%22405a23d350a9c3762ae5ddcdfe5ec9a0%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.retailads.net/	1970-01-20 12:43:59	Name: ppb2172 Value: 2744357715
.mathtag.com/	1970-01-20 12:43:59	Name: mt_mop Value: 4:1684847260
.adform.net/	1970-01-20 12:45:25	Name: C Value: 1
.casalemedia.com/	1970-01-20 20:46:23	Name: CMID Value: ZGy6nE.Ye17gdau6GWFZIAAA
.casalemedia.com/	1970-01-20 14:10:23	Name: CMPS Value: 3232
.casalemedia.com/	1970-01-20 14:10:23	Name: CMPRO Value: 3232
.bidswitch.net/	1970-01-20 20:46:23	Name: c Value: 1684847260
.bidswitch.net/	1970-01-20 20:46:23	Name: tuuid_lu Value: 1684847260
.bidswitch.net/	1970-01-20 20:46:23	Name: tuuid Value: 9b6f1c93-50ce-4cc1-a532-ebc4d9d5246f
.1rx.io/	1970-01-20 20:46:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eb139c6c-b774-4d87-950b-2a3793942c6d-003%22%7D
.adform.net/	1970-01-20 13:27:11	Name: uid Value: 398015527064169763
.targeting.unrulymedia.com/	1970-01-20 20:46:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-eb139c6c-b774-4d87-950b-2a3793942c6d-003%22%7D
.futalis.de/	1970-01-20 13:27:11	Name: raSIDb Value: 2744357715
.quantserve.com/	1970-01-20 14:10:23	Name: d Value: EDYBCQGHKYEA
.quantserve.com/	1970-01-20 21:31:01	Name: mc Value: 646cba9c-a1326-037ea-b23cf
.bidswitch.net/	1970-01-20 12:00:47	Name: google_push Value: ATf1kGOCuybqgan_tIq0Qn-rjbzR3GqQWkMko-GKxC8BjuPGYE-AbpJwnxHJ0tU4NDREnFIVkl51UjkdsH6oDrm-0SpTxrY1vgDkpDgkr2sPBAia1CNNLsvJENO80i0f4_KyX7IxU7hNodBOP7i0KUKUKRko97w
.scoota.co/	1970-01-20 21:36:47	Name: tuuid Value: 32596f40-645d-40ac-a8ea-62df78517b9a
.scoota.co/	1970-01-20 21:36:47	Name: c Value: 1684847260
.scoota.co/	1970-01-20 21:36:47	Name: tuuid_lu Value: 1684847260
.everesttech.net/	1970-01-20 20:46:23	Name: everest_g_v2 Value: g_surferid~ZGy6nAAB-kNoNAAD
.criteo.com/	1970-01-20 21:22:23	Name: uid Value: 3e5475af-d72e-41bd-bfd6-11b4c5cd4e0e
.office-partner.de/	1970-01-20 21:36:47	Name: source Value: {"webgains_webgains":{"timestamp":1684847260839,"clickCookie":false}}

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-51c60ec002340f16 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://hb.emxdgt.com/?t=1500&ts=1684847258867&src=pbjs Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684847258624&bpp=5&bdt=840&idt=301&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&nras=1&correlator=5811851906216&frm=24&ife=1&pv=2&ga_vid=748265627.1684847258&ga_sid=1684847259&ga_hid=1927810504&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44785295%2C44788442%2C44792645%2C21065724&oid=2&pvsid=3789854313045214&tmod=1897158465&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b45torj5ploi&fsb=1&dtd=316 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hcv8jfekfq3n88w1qmk9zb0x0tgjcvf45nz9v5btx0esmvk0yqh5czgqhs6g1qkttpmrnr1ycv143sh390syds1266mmdfyj3jhxawgw249f8bxcpef9h3xbx81x8k4b1y7jt21qt0ny7xwxsq57y0wkq5tpdmtrg0egrjv0e54hk7qfq15zwfjmz4hbks4he2cs98pec5bw1c7102g7nvx9c84ybf5q0kn7cfc3f0n31cnx2v1n09ysmbxh718jg3sv1h7zc4y1ytpjajcqxgkd4zv8s1njxc2nghjzas44gw48z8p99mxmngvfyn6hvhz0dqe6pgwtar8nzd9h2vyarck8e5wh3b17qc8yexkrm2tymxt67nsbv7qf85d7v8tjdarb22g5c3vafvezvhqz4a5nnpbnb1pvv8c20a35t3qb7kwmyvjsqtyzavhgh9yz3mjq8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
worker	error	URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8 Message: Mixed Content: The page at 'blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a Message: Mixed Content: The page at 'blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a Message: Mixed Content: The page at 'blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/3b745d63-ddca-4ed6-82ef-44226ef83b7a' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8 Message: Mixed Content: The page at 'blob:https://b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com/7aacf1e6-5364-44d6-8212-4d9265f59ab8' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1g29k1hzex85r2vd4qg2z2satxq9fqd4hc22qw1wa3pryynjf241p49ypsecbad8x7j4jnkq497yp55vv391sbjn8bn76qvprcd4e893qnwa71vn084c4hh3txw8858acdkkfd0hgymjg9tfg64y0zzfnwt2mqvfadz02g7fqbzd73na8k1v88y5h3w2p11m9xp5erybpg602109fz1ttk3sjrrx3195b8tdkd8s9g3wsmxpeyy9h44rw2ypmcw39tdmba7b5646p0s17wngdbah70eg2bwn9w5et6vkcfxvxwvjkg3gmm6mhh2s51vazyrcvffqw3qjr7yzfztwnb7y5ckwq78j5zw0y6y8wrtkwqrfy4j2nvteaa8cre40nnmk2mkfphy8v7cycn6ea42s6qdwysbrjq1q6zt704dq9ncf66nqfnrj7rfh5wrzz6249jbc5w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%26client%3Dca-pub-6593523210010154%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=6e77395cb04b75581f168ff8c29bcb9d%2F10868366338898707073&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847261356&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h87em78pq8etmsqz56g608nsx288k73dq9d03z9qeqfzp97pz1nw0pzyds09zypma2wk6tyr7a4qc6ctcc25j07drveqzhkj923nqtnmgkrdaefp6779wez7kw600nb9ed7q3fs68aknj3rnz3sjhfn1jcrt1m4s7hht7q32rqx3y14p8zcqbat0ww2n58ve5kjhv8ejh2smddksx3fpwmf65f3w1j3mqnatwhd8cmm034nxs2xwy3q35jj8r1mewv7qr52xr4cba8hbc8rqhwfg8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmUhsm7psZMidM_KgtOUP_OqW4ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqQLZUjyvcR6yPqgDAaoEtQFP0PiGNJpFCOVepnqZ7rKcTuvnPmWR8C_KzXWBrsnbi-jEdzm1q6r9rL_y4AxdEEetOFnd2i4_5r_7JvyMMlQopK_9Li_uBmLo8cKNKySCMpvGOYtryQrFDZK0Zs033Hx5luA6Os90g5-GLO62v_TDU6N5YGni0XaOeeKnLyrWHniQOZleN53wCZOMoR-owDJtvCHuTMtVe1cJZrh2YzOLSYIxwPtzCg_FFqV96IYtObBmZoC4gAbE0Z70yIDOvKUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1MW3skn_qyJIrapamqJ3qwBftb0A%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=183975%2C321853%2C46427&b=rWbTQf9f3XBdaAH7HjtqtBXVaYS8TgJka1JYM%2Cg62h8frfWBzXfPHbH8t5tj78WSmSQT954TMx4E%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=P6AhBfbfbJMRC9HjHbtgCP6ASJS9TDpQcjqdY%2CBgwFgfPfYG1XFxH6H3tgCzVDAtjSeT8dbUB6xZ%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=728&d=90&e=&g=dc63350ffbcbccb91b55c6b5eb23600a%2F3079749015362968892&i=20597%2C111803%2C22481&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1684847262102&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hq7p3f5psre6wra922pt5c20evrdc29tzq8n4n688sv73r893bt0xztc6g8ra7mr1ckjxttrcwa4wd2m0bgcjf71n26yp57bqyxt8axndew4f9akybvk88s2gqwck3e3wkq3xx39dgr2z3xh2jk1jye0kn1xv3ryy7yg605n9g5mxvqe7s5ewr215kssr1nasx2ktm7aaa9x4ddve6qpd5fgab4vnnqzzs799aabfy393vjn0dcwrfq1pn3bm827epy6fsym589z2mentrhgxckng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfgTLnLpsZMPgH5PltOUP6MaBgAeQ4YGEXLaoworwAsCNtwEQASAAYKECggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmpAtlSPK9xHrI-qAMBqgS1AU_QJ3eyVPBjwyEo4xR4tW1gU1ijTeUbqCPSfLUJFfIgUQL7uzxwpCQ1IduAp7T3TiCS8FHUZ-u90Pyl2vUD4JXml0lBH8yV8bdkXG01DgZj4QixsAhdQwsNpzJSYZ1OMQ4QCyoxvWRBdnb0L-pZ7vhe3T8T3YzFXr1Uorl5EtAcb4KuEXXHi5GEgEuxDLkI97BetoGZ2wRyle_0BmwRQzPNz2BFlr8nIXSsONqLrlltNieRE6yABsTRnvTIgM68pQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1434s7siZ5-y7fkWzTkp06DAJM4w%2526client%253Dca-pub-6593523210010154%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D21B8716-F544-4723-B05B-390D61FB0702&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.yieldlab.net
ad4m.at
ads.pubmatic.com
ads.w55c.net
adservice.google.com
adservice.google.de
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b7e8aab68d3a2f7c043358f4aba07f97.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
bid.g.doubleclick.net
bidder.criteo.com
biddr.brealtime.com
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dt.adsafeprotected.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90003.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
m.exactag.com
match.adsrvr.org
medialead.de
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
px.ads.linkedin.com
r.scoota.co
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.h.w55c.net
s0.2mdn.net
s7.addthis.com
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsafeprotected.com
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.targeting.unrulymedia.com
t.hspvst.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
unilever.demdex.net
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
biddr.brealtime.com
cm.g.doubleclick.net
hb.emxdgt.com
idsync.frontend.weborama.fr
ng2.virgul.com
pagead2.googlesyndication.com
s.h.w55c.net
s7.addthis.com
unilever.demdex.net
104.103.93.163
13.32.119.77
13.42.73.17
138.201.63.117
142.250.185.66
142.250.186.66
145.239.193.130
151.101.130.49
151.101.193.108
151.139.128.10
154.58.197.185
178.250.7.11
178.250.7.13
18.133.36.104
18.195.127.74
18.66.147.98
185.29.132.242
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.7.176.222
185.7.176.223
185.80.39.216
185.89.210.153
192.229.233.53
193.0.160.131
2.18.232.7
2.18.233.201
20.60.220.36
213.155.156.169
213.19.147.44
213.202.235.8
216.52.2.30
23.201.255.110
23.209.16.125
23.35.236.201
2600:1901:0:76b9::
2600:1f18:1aca:4281:13ee:cc81:4828:61d9
2600:9000:211e:c200:1b:5138:8a40:93a1
2600:9000:223f:3400:8:48e:53c0:93a1
2600:9000:2491:5800:1b:f040:3600:93a1
2602:803:c003:200::41
2602:803:c003:200::47
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700::6812:272
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:6ea0:c700::10
2a02:fa8:8806:13::1370
2a03:2880:f03d:1c:face:b00c:0:3
2a04:4e42:600::485
2a05:d018:d29:3601:f7ba:e8c1:aa5f:8d5a
2a0b:4d07:102::1
3.64.145.154
3.77.69.115
34.102.243.38
35.204.158.49
35.227.252.103
35.241.34.106
35.241.45.217
35.71.131.137
37.157.4.24
37.157.6.243
46.4.10.49
49.12.22.42
52.17.198.205
52.212.133.238
52.222.208.154
52.46.143.56
54.194.111.53
54.76.176.197
54.76.65.236
64.233.166.154
67.220.228.202
69.173.144.138
69.173.144.165
77.245.159.14
85.111.6.48
94.138.206.83
94.23.99.218
99.86.4.36
002f1235c6484b5b45d65e285ac9623a469f9428889d6b7baa1b698593679321
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00c795e53a1da94d03f6c88687d4e83d4f7c5a8329c924cc303977bb8a387d0d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00dbe508ace1d5bb95d18d393d9dc700f6c2e26cb5a112ae0943c23e7e8e3578
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01eaf56b886e74da86df78a5c7601b51cc8c47f7090dcba5ae94aa94960c9534
02ea415bf9fd2102d6a1f293e00d07ab0f1803a1e79fe42f27910dfec15425bc
041ad7a7e444fdce40a367b5890354c0e5ae2af30e5139b83fa70ceda367d8c3
04768856c079a1aca293eb1fa81842cb300eacd20fc15f92126c9477ccc72209
0556d83d00bc5c2a831f93f289f6699f7539e6fdb28f4a99d0a3a3b8ab65450c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a3c65714194e782e500abca00ce765fcf09ba22fb5ed80e44d4e6c51bb43cc
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b40b0d2a61d2af1d18dabc2f77beb9261387d82e173cc62403a4aba239ca603
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c479db5b17f45b42e5b36de6f61cdd8c5596588cc7b19093861de8c38e4d64e
10a53c815898ee13fa3584ffc789a348963965f77264875937a1e7941538c572
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
1255571b23bc5e9c900000b4181bcaf7653353ef6ea0f7c9b8084761b8eb9278
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1953327e8c5bf3a05a19144f978c9ac2007d78e10b17dbb2d289e8b3e9aefd96
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1a66c16a6d4bd230c6e1190801244ce28cf2909aa2cda44f93c635445b46fde2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e4888cce84b12f519ea6a2123dc8a3e27097a2fec4b8adbe9294dde6af8250a
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1f461b2da22d1f60b766a23e9fbc8736ae23ec81c2caa40410cedcdd2bf6b99d
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
22d32014cd99a893e2366edb61e0d37ed0f26ce8d055d901c10ce00fbae5db62
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
23b95f1f93020f5c445db76a269c2f2a59fb62449466e48e02cd6acf9cdc4c09
2462e5a8d5e5f8b077679a4d7b5bcddbffe78e367f77247eb270c4b2da03ec74
24c7796f3b3c9b051f952a478d7a5df944d83ff0ad7efb64130dd7af275c439c
26fb6b33b177499c9dc0768736678057a822f562013e410612b5bb38ff676c36
2730348f2c48ff25337b976205880af8d8666d21bf2a4d4a5b0a626e3e82eef5
280de5c42a75c9865c1bc0cb75c22c790ab35d98c1d06256a0656d1fabdc3212
283438aa556a7bee4241a6c661494b7bbae7a51bfff99e0b98ae2f50f77eeb9d
28f1451571c809f080980e5679bebad6b9b10a4d93233b37a991380d1e7d6828
29e170b1a99866e848f5b0ea7f29ca1e30a481dd1ae51c44411a0700b6609da2
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2b043f45f6c6a1a35643bc6f1c63d78c68d20968e14b2fd48e768e42b2d864c4
2c0307d6e9a5254bd97f653c7648e87136a570479be849645a83c1fd0be03b88
2cbe00cc7557498845d55c1c32df378da128743b06bb6bc9b2af2af142beb5bd
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30bf458f10efd6425384a778db3797a4a3e045d9062684d32dd854e55af146b6
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3347be53ad1c9f1152c3df6639ac74b233cd6ec91e15b859f7f5683d2abac6d1
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
33e40bc50659b2bcf80594852dbf6230bbb328ca25129c99c4b6fe8ec9ed1bfb
359f23df7c8acb0d22b1053fc19d1b0181a75b85de2042b85cca04e6e91bc29f
35acf11535bd52990555f28aa70d7c6ca1715a7501b1a6c95ef7a56c16b365cc
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
395b4c705d56bbe8a2b839cd854b0960d56ca3a63b9495c2be10a5cae3208042
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f1598fe2c1a3446919fc63c7acaf254062ad8dd18ebd4f82a006df240e89724
3fd79e4c8d7ffdd71d8790cb804978f011cac067718f363cdeda887e34947b39
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
419df8031f8b14498b97f32dd843f5c179082c0d015ea26f3d58df68dc9a96ad
438aa1288e7398f815ee02d062efbb9b50b844ae45937d7902129365c9323265
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9
462bda8ffe5412adbba17d34c21752af91d794cdccb87468518324a8706656b2
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
483b400373b3af8be0e4cee37ff70880c32bb677111ed4ef0aebc48bdecec839
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
497dbb1d174ef1c33621082e3e561ef27857ecbfd2dbab70214d83fda04b494b
4a791bddf64e032cc49941dc2eba79c1346ba37b32d4be9acc63abb2643cc422
4a87ab137847708c417f2fe0e4b40b13045387e5450b590e36569844e7d2749a
4cd3bc1f0399dd34a7e2652b1e831bbeaa6ca3ce85b5ae818a6d6f65cf96c8d1
4d64cbbee56a7ac4037731942f74e80bc6f7044c6c9e5667dc8ac15fd0c8ef08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e454f18b44913721b60327717caa80d346f4e7a9df8af9aff86d5991ae430de
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb
4f6d7dfda0b7d79932ef6764a0fa33df2f75751807df541416af20df4a0dca3e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524bc0f73ac13548aed7d682fbab5ba006c98304fdf61bd3238a55343d7bd0a7
5253870120f44ad95c0996dda017c7621fc2d7ad9e47d9de57df17653bf8737c
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
545e04a0150f50e8ef7822e74db802e661a82c5868c6eb08920ce7b723f3c4ef
55592eb1d316bcfe139203029a57b5ee4e62815281f0034a760bc26a3ad43d3b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58712a4f1909f78e6b3cb7b01dfbb8e2952037880985e4fc91ccf08d37a7bd84
5a890b96bb00fd6a96f4b5e43fa646fb4b331d9c55b88bf6ca5dafd2bf1bf184
5ac68c8224520b3b5ac05d0c0f030f58a7a022416eae30b8e794a7eb3c5631fe
5c1c334f01349d40b520a38ba0c550437b4560905ab64ea68ba63f6f11d82831
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ee80116349c8478b75d60df694847bf80de257887725bb2558b3e321375d102
5f6adba85f511fb49b33996fe402d08c8ea82c8fe296a75c6817ab4eea7f28af
5fd76ea1aecdb515ce204d1d197f7cca3373f2cf12c1d844a22ac4bc697d2a1e
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6217d2a337f448a38f2bfa32e48b9baa9947e8ca5032d05df46df2ba137c6310
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63b3428dab8c9858bfec0fdd1766207549e01494b99c89a230937546c926592d
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
64dc9ea43e2df38645b1ce45127d61be13dd790dadba8d2c5f47c136edf34027
6510df06a5fc59708e70510ef5b649004ae66f6c497741d58dabb223b5aef9f9
659c34ea7f0afef2ae27487c55e6ed8e3fe2921de57617d61452e04f74dd6baf
66744148e77cf7303bef8402297081cfb2f7f1ac09a4fb925033788bdd839903
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6e69106324df152a12ca30bbcace2ea0329260a312cd16f7562eceb0e39dbe21
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72abcc472362ec78cc673f34210927537087f087edda8db1471f8ead6de1edfa
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
757e6e1b061b973e0bf34e1443f94c0dd5aabe8ae435ca66655879e563b225b0
76cf880a29db3c11a2a0dc93f4a671ef224fb819bb8e10da95f25a2e456f3144
7958f900b01ef0db20857bbe50a8d2379d0a0b18710590790c3ccb93a2c7913e
7b33e9a217e518dcaaa801ea33acf7f50671fc4105ae38ed3d57c9467ed7fcb5
7b517d56d42eaae0c6e18100fbd3c738f17160a88a5a305329ea2560ad0697ce
7c9dee4608395b5a185e7de95a28ae62d2c5376bbaa28b6edd88a5895abc29bd
7cb6faffffa513846dd5bd141fe16779c15082515289a027c827d53128bf07bf
7deda926b42a833cd5c9aa9248a8b15dd75310e0d5de8cc589106ca16e2a4b3c
81094d7429b2724dd8b5fda43a631235b3bd0f26421a7da4d7b277aaa464f1bc
81a3460c4b2496641d1ac4cc26a9f25232d0700ee0b655697a42312e9cc10a95
82b26c270816480cac7ae6e6b713f4aa513bbfa78e68d5b6d2230ba9eb055519
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
849ba610d536297df4d56f5aec64fce464d4166c11b1d2d30a6e00ad23570afe
84c4f1f2363fc3d05a1e537a1722779c596132beb9ae8efb260f34f8ef0441a4
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8652e27002bee7a3bbf2bea8cd73cbd19b134f00bda6528640ddd5c98826bdd4
871a6421aa0ef3b17b0877a996b95050114f377207299c42af3e90558c291676
89529d02905772e8146d7e1ff9addc92072c23e60bb3dc84b8d61c4e898e93d6
89d04ad1203af4b2ab06cfce9711134e5a49da250ae1486e54608e29e072998d
89fbfdc9926f79ac1e3527e1b5eeebe62a443f1244296087449eafc4b0be792c
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8fd6a726662c515878453612def3bab16559fb6bb33b1ebaf50708a311952401
91fd3655c06bd0003e2c01a9d1b4d40ac9e1ef07fa8369baa7942bb435c2c082
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9660fca55635a055a48ba52a8a49341e5585d42caf77fd7b495adaa1bf288259
969ec3de890b69420b346cf069cf0fdd08a58828a83ce3dbea20c866c8c52536
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665
9af69caab91c23c7d73d5e5fd91f10ce2e7268dd9653ae3efe7d863734de79f8
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f813f7d70ec5f5ecdb41c33f047cb72c6a5a1286c308596579ec2792c2b15fb
a0847b5e0373e2fd011803f2dc04baa326f849fe2b2684b4e89cb11122cb5b17
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a272f5ad880412d2337908257f33241b65a6d0bbff745bf3752b1d66e0781514
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3eb69a87896380246c640c0b6f2f7259be4dcb40ed50a793a594af4a2bb3eed
a4a0c11a8a2ab6d690d760fa20b53c03ea59a06825be78f8374a094ce9a9101a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b788385293df1407acc0ddf9b8357262517a098c1e0af6c9e3a272bbfcb82d
a7019f1fd3a656f5f264b240d972f15817bc5290d8ccecd04f02d44d19d13c36
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a7bdc5489a06f3c3cc24119a5a76f4d5af38e07c2b7e4e458ce411993eb12e7c
a80a6c4beb37438a58ada9cd421910de21a7b2f25bf4dd4f9f832a2eec22dec2
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab53c5062416b4a13b575a1b4e9a171c16ad5c2ab758fa7eb88b7d1ecaedfce8
ac6819ddbdc4c3a3845e32f55947158747e75113248edc9644fa65c4ed9934ad
ac7fa1320a147bde224992b1a2c774099b5c3b792e79005c9166df51a2385109
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b358220e5b27c2715f2afcdc4c02c448766bb9d81b959f877a0026aaf60c6f86
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8f1bdd5272683bf18ab8e581418378f8aa2acde0708f118e284e657f2fee9f1
b9b727249d6d2f31446de5ec8619bc7673fdb94f89367ca010afb4b91367f0d0
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bea79c8339103eb65c3c78986da954cef36ed141b02034e10314f572628fb729
bfdd52bd476486ec1e766b590b0249780df4ac4015a8c8db99e1ed59a1c23539
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c274d3c8508b96ddeb7a0f570316486d5fa96da90cdf758e33e55e2e6ef09102
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c4bc923d5eba3e5804d9362ed9994e8f0b612ad8186fff426afa91860319c4b7
c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952
c7068eeade96f50e60559ce657a5f220dbb11de37f1db2f449c5417fe679d885
c7bc8098c1b013492c04c1f333e56d3980945b0882c7f57441bf0688362eef29
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca6e4e847dc5da840624f7e36eaebfa2f6d0d9cdfcb36289eb64920c2882e2b6
cb70a0b5ac2b1a8d8e5f0e0b91b99d95723392847800eb91f42673794ce38e5f
cd70de795f5250b1b8c9672459d978fcdfc496f16273554bf6676bcc3714ecee
ce0da5330728f20b8d550536ffbc9aaebece54338daeacce50a2d30f932b3de0
cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f
cf035fa0bfc989035b3a60bd3384033c03a80a1ba4103a81d20e0bd053301e9a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf85ed394419b4d73db99d3e12e261fcd4d3feb39d48ed86e78b665bbdfd46ed
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d14570de01f41088f29d7e31e3ba877e5acca14b0c9a236f5dff03ea7c22f071
d2cf600195ec60caa0033acdc2453fc2189fc6714f4d3d2845ce87fe2552a937
d64c6d0f3aee8e256b9cfc4c1bb44e4daf20b50e8103038c5ab9aed27a5b5185
d6787c18b1915b6202e777c32d1fccff5b7449272245141764fd75a636b30264
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d98024e61787e1bdd709f051b35af56fad581b55527b74b00717435db4489828
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dacdec6aa88bb9571d309c295248ee5b202de625eba8aaa232f863ad9ba9fed5
dc2760150f05cdc7be23406859aad48288beb4c7a9782b505500551d2e51dfc0
dc614b0c55fb5711aa91b04d777f3bb300630a44deebefccc5b7922e83af3f44
de1f5d1b2a64b34a33a3981dbd472b724437aad046625207654e4d2759c30d0e
de21297dee089ae5c4499999a0317499fe09b6388a181dfaa8f554169052b306
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e1313e91ff827eb081ee37cd251edef99ffcf27f6cf39e1e3e043f74b1b1c6eb
e1490cf313d37ceb7160fdb0f5b19a5f59cb9c259bc84999a96bba736824658d
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e2b92d7a9eed78471dd021e9ec6e163a0f3544dc221a439e979f3c7e83412f5e
e2e3aa4c87654d77e674b99a91eb5735ad0ee66411d5c918c94c26b397282775
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3a527933c9136ddef89280ef38201adb15247ebc6bfedc0e2ece46867914544
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e6500239272b1e3f137d07643753494abaf647508439d46e913a13ae1ff71e4e
e6752b5277552c19d696ad7357381a7adbb507f86ff5dfcfc3b3ee6f563a8df2
e76432c7710cb02ca0d891c67a2faa7d68040e1e1885ba68906233577d65a68c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e82579c7719e508e943bb982cbe82945941dbdc5e67b2f3364e37a55b276296d
e8f206722d43879dc706b4270e95add2fb8ff20785b9ff7c2bf2bab8f4012435
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee605c7ed94698190dc6e723324e61de26f688de6b1baabaa92741ac4b6b7bd1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f201487298790e63e7ff28bf18bd82165566ba06888175da563a8d807583210c
f33ab5f2e3eb62a05a0916751f424e6c0ebbbc92aa16f518090e121fb085d8b1
f417034e954f35355ab26de74d5f0345e87815c5b5ca8e3963be6fb4377c78bd
f7ed390da978ff7128396440a5f660cff4c994f10a7e00837d4fe8582e00b3a7
f839ccaa446b2e89f94bf57432fccdd0a80567a922a675d3e1e8b5df7bf51c32
fc7a3e7ad7342d2bfbf658ecdb37d64611ee2b553790659c12f6df591e19783e

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

477 Requests

89 %HTTPS

38 %IPv6

71 Domains

117 Subdomains

95 IPs

13 Countries

6701 kBTransfer

13487 kBSize

31 Cookies

0 Outgoing links

Redirected requests

477 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

477
Requests

89 %
HTTPS

38 %
IPv6

71
Domains

117
Subdomains

95
IPs

13
Countries

6701 kB
Transfer

13487 kB
Size

31
Cookies

477 HTTP transactions
9 data transactions