pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On June 12 via api (June 12th 2023, 12:27:32 pm UTC) from TR — Scanned from DE

Summary HTTP 282 Redirects Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 53 domains to perform 282 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
19	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	3.64.112.248 3.64.112.248	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 39	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	() ()
12	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
6	2a00:1450:400... 2a00:1450:4001:80f::2002	() ()
3	185.29.132.242 185.29.132.242	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2003	() ()
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
3 19	142.250.186.130 142.250.186.130	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	() ()
2	3.33.220.150 3.33.220.150	() ()
2 2	185.80.39.216 185.80.39.216	() ()
2 2	2600:9000:20c... 2600:9000:20c3:c800:1b:5138:8a40:93a1	() ()
4 4	76.223.111.18 76.223.111.18	() ()
2 2	37.252.171.52 37.252.171.52	() ()
1 1	151.101.2.49 151.101.2.49	() ()
1	34.96.105.8 34.96.105.8	() ()
1 2	178.250.7.11 178.250.7.11	() ()
2 2	69.173.144.139 69.173.144.139	() ()
4 4	184.72.23.213 184.72.23.213	() ()
4	78.46.90.238 78.46.90.238	() ()
1	95.101.148.198 95.101.148.198	() ()
1	2606:4700:20:... 2606:4700:20::ac43:444e	() ()
3	46.4.10.49 46.4.10.49	() ()
1	2a0b:4d07:102::1 2a0b:4d07:102::1	() ()
2	145.239.193.130 145.239.193.130	() ()
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	() ()
1	49.12.16.151 49.12.16.151	() ()
2	18.130.16.201 18.130.16.201	() ()
1 1	94.23.99.218 94.23.99.218	() ()
2	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
2 2	35.171.178.115 35.171.178.115	() ()
1	185.86.139.102 185.86.139.102	() ()
2	108.138.36.89 108.138.36.89	() ()
2	99.86.4.53 99.86.4.53	() ()
2	104.103.93.163 104.103.93.163	() ()
282	67

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.112.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-112-248.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (None, )

ASN- ()

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (None, )

ASN- ()

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (None, )

ASN- ()

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c3:c800:1b:5138:8a40:93a1 (None, ) 2 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (None, ) 4 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.72.23.213 (None, ) 4 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.90.238 (None, )

ASN- ()

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (None, )

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.10.49 (None, )

ASN- ()

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (None, )

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (None, ) 1 redirects

ASN- ()

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (None, )

ASN- ()

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.130.16.201 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (None, ) 1 redirects

ASN- ()

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.171.178.115 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.89 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.53 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.93.163 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 154	538 KB
42	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 834583 cdn.ye-mek.net	628 KB
38	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net	373 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 57050 ng.virgul.com — Cisco Umbrella Rank: 53427 ng2.virgul.com — Cisco Umbrella Rank: 58973	231 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	513 KB
9	rubiconproject.com 2 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 983 fastlane.rubiconproject.com — Cisco Umbrella Rank: 526 pixel.rubiconproject.com	6 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3	2 KB
8	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422 fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 489	158 KB
7	redintelligence.net hal9000.redintelligence.net hal90001.redintelligence.net	53 KB
6	googletagservices.com www.googletagservices.com	329 KB
6	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161 dis.criteo.com	8 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 388	110 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	1 KB
4	3lift.com 4 redirects eb2.3lift.com	2 KB
4	turn.com 2 redirects ad.turn.com r.turn.com	2 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	83 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 54137	565 B
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com	5 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 443	61 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	medialead.de 1 redirects pv.medialead.de medialead.de	914 B
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 724	2 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1518 mp.4dex.io — Cisco Umbrella Rank: 2625	25 KB
2	awin1.com www.awin1.com	1 KB
2	webgains.team cdn.track.production.webgains.team	18 KB
2	webgains.io analytics.webgains.io	62 KB
2	360yield.com 2 redirects match.360yield.com	812 B
2	webgains.com track.webgains.com	4 KB
2	retailads.net 1 redirects cdn.retailads.net	6 KB
2	smaato.net 2 redirects s.ad.smaato.net	882 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	adsrvr.org match.adsrvr.org	529 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	59 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 101165	131 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4174	1 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1966 feed.pghub.io — Cisco Umbrella Rank: 2626	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12975	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	90 KB
2	cloakan.co www.cloakan.co	1 KB
1	smartadserver.com ssbsync.smartadserver.com	45 B
1	futalis.de futalis.de	401 B
1	office-partner.de adv.office-partner.de	931 B
1	blismedia.com tr.blismedia.com	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	546 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1474	377 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545	109 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2185	360 B
0	emxdgt.com Failed hb.emxdgt.com Failed
282	53

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
39	tpc.googlesyndication.com	1 redirects ye-mek.net securepubads.g.doubleclick.net tpc.googlesyndication.com pcloak.blob.core.windows.net 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
19	cm.g.doubleclick.net	3 redirects 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
16	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net ye-mek.net pcloak.blob.core.windows.net
13	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com pcloak.blob.core.windows.net
8	ng.virgul.com	static.virgul.com ye-mek.net
7	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	assets.ad4m.at	as.ad4m.at
6	www.googletagservices.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
6	www.google.com	1 redirects tpc.googlesyndication.com 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
6	fonts.googleapis.com	securepubads.g.doubleclick.net 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com tpc.googlesyndication.com hal90001.redintelligence.net
6	fastlane.rubiconproject.com	static.virgul.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	hal9000.redintelligence.net	pcloak.blob.core.windows.net hal90001.redintelligence.net
4	ups.analytics.yahoo.com	4 redirects
4	eb2.3lift.com	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com as.ad4m.at ad4m.at
4	ng2.virgul.com	ye-mek.net
4	cpm.programattik.com	static.virgul.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	hal90001.redintelligence.net	hal9000.redintelligence.net hal90001.redintelligence.net
3	tags.mathtag.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com tags.mathtag.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ap.lijit.com	2 redirects static.virgul.com
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com ye-mek.net
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	www.awin1.com	as.ad4m.at
2	cdn.track.production.webgains.team	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	match.360yield.com	2 redirects
2	track.webgains.com	pcloak.blob.core.windows.net as.ad4m.at
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal90001.redintelligence.net 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	2 redirects
2	dis.criteo.com	1 redirects 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
2	secure.adnxs.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	match.adsrvr.org	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
2	r.turn.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	adx.adform.net	static.virgul.com
2	ib.adnxs.com	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.googletagmanager.com	ye-mek.net adv.office-partner.de
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	ssbsync.smartadserver.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	futalis.de	hal90001.redintelligence.net
1	adv.office-partner.de	hal90001.redintelligence.net
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.mathtag.com	tags.mathtag.com
1	tr.blismedia.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
1	www.gstatic.com	8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	pcloak.blob.core.windows.net
1	mug.criteo.com
1	imasdk.googleapis.com	c1.imgiz.com
1	feed.pghub.io	pghub.io
1	a.teads.tv	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	prebid-server.rubiconproject.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	pghub.io	static.virgul.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	hb.emxdgt.com Failed	static.virgul.com
282	80

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-21` - `2023-06-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
pv.medialead.de R3	`2023-04-15` - `2023-07-14`	3 months	crt.sh
*.futalis.de R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 6429552CBE18626E37F51C437358AA23
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: BF298C8D62AAB827CA91346BA6BE2A3D
Requests: 118 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 2A964091CD612C221E2EB7CEE8C288B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 0939C2527B2EC40381910AFA663F6171
Requests: 1 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 374270667666396DD2A4C7AE499D4DBF
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: B6E8D3FF52A235C89B76C042396AD077
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572848409&bpp=3&bdt=805&idt=281&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=2759026751804&frm=24&ife=1&pv=2&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C42532277%2C44759842%2C44759875%2C44759926%2C31071755%2C31075258%2C44785292%2C44788442&oid=2&pvsid=2066474080395047&tmod=1889489679&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.2edd8e6cgc54&fsb=1&dtd=339
Frame ID: DCA476EC2222E43E0F1E41D4F4C6067D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 0A379CEF719BCE11AEF7E0BF4D0808AC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 482FE3B5ED8BCF273BE6341D74842041
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4F39695A4D621AF20C840D58EA777FB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 464A3C379A66DA6C71FED696B67DCCB1
Requests: 2 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1661B36B126B53037DD302A67318DA0B
Requests: 7 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B70FFAC50D0699F66958D7071D9C315F
Requests: 9 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 990C9D3A2EC44258DF1740E30159FD8C
Requests: 8 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 659C944601333CB68329CD220AE71DB7
Requests: 7 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9A9574D25DAB4F2B735B6CF1B2F6C004
Requests: 18 HTTP requests in this frame

Frame: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 308AD28B12D4710C69BF60086501CF03
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html
Frame ID: 5A2212AA3832738684A26BA30F0C342D
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 2AED1EF4053E9F5A7FD4005FA06D1960
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25C7E3E5586A7201415D89532737FEA7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html
Frame ID: 202800393169F5D504FA4DD27B2D127D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html
Frame ID: 1A2810A0414FA638587D58BDD32C3F98
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E216D3B6B769FFA459A30EEFB547DA9
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E4C7F88DE477F48FB5CBC62D9CEAAFB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: AD48738404F216F10830385998D4D04A
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E5C23D10C6B30F558D987E901DBF45C1
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 29F8C3EF6DE7AB570C82209A0361E0A6
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028
Frame ID: BC29B33FA42C73BB1FB607DE2257B2F4
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Frame ID: 8380AED989660EB62A0BF65514F540B6
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F37A1D9774AA886236DB1BA38CD6AA83
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 1B4BA94F8BCA02B227682D2C3F9CC8E7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

282
Requests

93 %
HTTPS

44 %
IPv6

53
Domains

80
Subdomains

67
IPs

6
Countries

3627 kB
Transfer

8447 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=b0-w8HxwZkU3UTNKWnNlVVpzeUp1eWJmREFyZzA1RTQ4RVg3WS9wOUlrclU0dmJOSGgzaXl0Q2NvOHFEdXVaN0UwOGNreDlxU0NwK0lybUVwK3lJWGxNWS9EeDg1MlFvRlAzcGJ3TytqZ3JqaEpBSkYvWUZDbkI5WmZCaWdjSU1jSWJiUnVGVUFiVE1seEhFUHp0bGxCZVA4S2lGNHBBalNXN0xoQmlmTmJ1WnA1dk9PTnMraU01WnUzTlh0Z3U3UWNJRXlvRTNaQi85Qkc1b3BIeWZCbEVyTkd4WmNvOU50V3ZZMnZXT3ZSbzcxWVZSVkU4a0F5L0YzQS82czFqSDlqZWF2TXVpV2I1L3F6VGNjSDBXTU5QQTNkeGtVSHVtM0RSOWlaZlQ4NnFXT3ZVZz18&cppv=2

Request Chain 191

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 203

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1&google_push=ATf1kGPfbNarzVTWdRrXtS0mWHh85IcCL-X8TFz9hbF3bGopasH4ZPOJB0M15SKMUL7yvRiBjgGL02OYjs3YL3A8ocEvUjMwf9mv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzczNzY2ODYzODMwNDA3OTYzMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1

Request Chain 206

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_cver=1&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVYhZGgdMblSSH7Zttv6pJO1yO-XjW1DwAS-T0306iTTAd1d-QiGTf3vLoEyGQBQv4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVYhZGgdMblSSH7Zttv6pJO1yO-XjW1DwAS-T0306iTTAd1d-QiGTf3vLoEyGQBQv4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_hm=ZIcPMy5UTsrAznkHNB1tfwAADHcAAAIB&google_nid=index&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVYhZGgdMblSSH7Zttv6pJO1yO-XjW1DwAS-T0306iTTAd1d-QiGTf3vLoEyGQBQv4

Request Chain 207

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDhM97xzMCPwESxO3qKBhUc&google_cver=1&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd21oBQEdZxA0D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd21oBQEdZxA0D

Request Chain 208

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI&google_cver=1&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo

Request Chain 209

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBdRJvx_GvtKVKz2HzD1WGlBkzR94d4zjNzbaoBRyqUndXeMZA_V0qdxinLFFA_Sl_Qed HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENj4RRn_Ko0gC8KAsDIqkHU%26google_cver%3D1%26google_push%3DATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBdRJvx_GvtKVKz2HzD1WGlBkzR94d4zjNzbaoBRyqUndXeMZA_V0qdxinLFFA_Sl_Qed HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTYzOTcyMjg1MDExMDA3MDU1Nw%3D%3D&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBdRJvx_GvtKVKz2HzD1WGlBkzR94d4zjNzbaoBRyqUndXeMZA_V0qdxinLFFA_Sl_Qed

Request Chain 211

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1&google_push=ATf1kGPeZAzn8qxBnw7Xx9IbD3s9k1ZY-fOInL1FOSe4k7UjxdBwqfWZrKAGHy77Fl-6UsiYO1VN26ApaJ8fUpMh7Lzl4b0gt2SDHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUyMTQ5NTg1NjE5MDI5NTgyNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1

Request Chain 212

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPNcYZNl9IuNkHyCGszaSpw&google_cver=1&google_push=ATf1kGOfwOSAtVemDTrU2TWW-vka74L4bQt3YfMux3vsPZZGnEVo2wKQJzYAmld_ENNzYz6kmDjmDbufvNsjTzTXQ5DpfP4vuKzdlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPNcYZNl9IuNkHyCGszaSpw&google_push=ATf1kGOfwOSAtVemDTrU2TWW-vka74L4bQt3YfMux3vsPZZGnEVo2wKQJzYAmld_ENNzYz6kmDjmDbufvNsjTzTXQ5DpfP4vuKzdlA

Request Chain 214

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEDB_u7K3sqbfNvCdNxZFxdc&google_cver=1&google_push=ATf1kGOFu9iZa7Jne24glp0XW_ZJ-_abUC01Br_NoBBAFM0xpsX3Jw-K7SGB-jVW_28AaJ2a58Y0FbD45k_HtpCM0oL0foqfZCfAjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zIBCJDDj5zfGYuuwHlITJp_n-OA77pSuDkSQ6A&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 215

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvQQcV-Ya7v6E-fKfp3blY&google_cver=1&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQbeGoqwYhvmbhWhdNaDsYBXcaxsxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQbeGoqwYhvmbhWhdNaDsYBXcaxsxQ

Request Chain 216

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI&google_cver=1&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYoHBg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYoHBg&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYoHBg

Request Chain 217

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi2SHwrvwgBLvKbcgFVlvpufnbP6t4E HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi2SHwrvwgBLvKbcgFVlvpufnbP6t4E&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KWjNhUy5WRTJ1R2ZaLkdEbWNjZ1g3c0t6VF8yM3NuMX5B&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi2SHwrvwgBLvKbcgFVlvpufnbP6t4E

Request Chain 251

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=66773000075975500951389012353001&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028

Request Chain 254

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Request Chain 264

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvQQcV-Ya7v6E-fKfp3blY&google_cver=1&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3kvmku7wvxNMHLYcToZil_tE7F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3kvmku7wvxNMHLYcToZil_tE7F

Request Chain 265

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIVy-ZlTGAU-ZBBKvYmeWIY&google_cver=1&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIVy-ZlTGAU-ZBBKvYmeWIY&google_cver=1&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19&google_hm=GzaruGZHPnuhbBw0TJaqIXHk

Request Chain 266

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDhM97xzMCPwESxO3qKBhUc&google_cver=1&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8CJ1HeZmgLpYJj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8CJ1HeZmgLpYJj

Request Chain 267

https://match.360yield.com/match/ebda?google_gid=CAESEDNJTAi4skYWRgGqG_RfjEE&google_cver=1&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QDnIwSnX HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDNJTAi4skYWRgGqG_RfjEE&google_cver=1&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QDnIwSnX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvTn7oUISMmDq1umxmv1yQ&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QDnIwSnX

Request Chain 269

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-C8ycdm7WlRmbz_KfFO2ubQ2PRQkQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-C8ycdm7WlRmbz_KfFO2ubQ2PRQkQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pbnprbkxKRTJ1SHd2bF9raHM3Mm1NbHpjUjNKVlV3RX5B&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-C8ycdm7WlRmbz_KfFO2ubQ2PRQkQ

282 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 629ms
108ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Mon, 12 Jun 2023 12:27:26 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 912b07f4-401e-0062-0129-9d802a000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 109ms
108ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-request-id: 912b0850-401e-0062-5829-9d802a000000
Date: Mon, 12 Jun 2023 12:27:26 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 108ms
107ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 12 Jun 2023 12:27:26 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 6fe259c2-401e-0010-1b29-9d8765000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 216ms
107ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 12 Jun 2023 12:27:26 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 6fe25a33-401e-0010-7c29-9d8765000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 277ms
111ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:25 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 303ms
173ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:25 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame BF29 76 KB
76 KB 233ms
66ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d01397e6937781e826ccb86a43f1b1ca02e2b31cfbf6072d73690b979bf91ba7

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77380
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 12:27:27 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame BF29 90 KB
33 KB 70ms
18ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 14:24:39 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame BF29 10 KB
2 KB 104ms
103ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Mon, 12 Jun 2023 12:27:27 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame BF29 40 KB
12 KB 194ms
27ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 4763445
x-accel-date: 1681809402
x-77-nzt: AcO1rw6i3oP/Na9IAA
x-accel-expires: @1713345402
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 90833930e61ba8342f0f876454bc9d2e
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame BF29 120 KB
47 KB 83ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eeb71f65c246b88e780b7266dc1e5170372fdd60c089023205579113a4d5a2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47547
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 12:27:27 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame BF29 542 B
896 B 30ms
30ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763444
x-accel-date: 1681809403
content-length: 542
x-77-nzt: AcO1rw6+5Sn/NK9IAA
x-accel-expires: @1713345403
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 90833930e61ba8342f0f8764b3edd930
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame BF29 2 KB
2 KB 35ms
30ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763435
x-accel-date: 1681809412
content-length: 1651
x-77-nzt: AcO1rw6q/JD/K69IAA
x-accel-expires: @1713345412
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 90833930e61ba8342f0f876442793731
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 arasi-elmali-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame BF29 14 KB
14 KB 43ms
36ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/arasi-elmali-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 51564
x-accel-date: 1686521283
content-length: 14260
x-77-nzt: AcO1rw5yOC3/bMkAAA
x-accel-expires: @1718057283
last-modified: Sun, 11 Jun 2023 21:40:09 GMT
server: CDN77-Turbo
etag: "64863f39-37b4"
x-77-nzt-ray: 90833930e61ba8342f0f87642f654d31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pizza-makarna-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame BF29 19 KB
19 KB 54ms
47ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/pizza-makarna-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 135106
x-accel-date: 1686437741
content-length: 19078
x-77-nzt: AcO1rw4NeYD/wg8CAA
x-accel-expires: @1717973741
last-modified: Sat, 10 Jun 2023 22:36:00 GMT
server: CDN77-Turbo
etag: "6484fad0-4a86"
x-77-nzt-ray: 90833930e61ba8342f0f87646c025231
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 balik-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame BF29 16 KB
16 KB 71ms
64ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/balik-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 217191
x-accel-date: 1686355656
content-length: 16229
x-77-nzt: AcO1rw5mm/j/Z1ADAA
x-accel-expires: @1717891656
last-modified: Mon, 05 Jun 2023 20:37:42 GMT
server: CDN77-Turbo
etag: "647e4796-3f65"
x-77-nzt-ray: 90833930e61ba8342f0f876402a75631
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-kalcali-but-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame BF29 15 KB
15 KB 82ms
75ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/tavada-kalcali-but-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 305271
x-accel-date: 1686267576
content-length: 15133
x-77-nzt: AcO1rw6305n/d6gEAA
x-accel-expires: @1717803576
last-modified: Thu, 08 Jun 2023 23:19:39 GMT
server: CDN77-Turbo
etag: "6482620b-3b1d"
x-77-nzt-ray: 90833930e61ba8342f0f8764889a5931
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame BF29 17 KB
17 KB 82ms
75ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763287
x-accel-date: 1681809560
content-length: 17048
x-77-nzt: AcO1rw6QVyP/l65IAA
x-accel-expires: @1713345560
last-modified: Sat, 21 May 2022 22:49:52 GMT
server: CDN77-Turbo
etag: "62896c90-4298"
x-77-nzt-ray: 90833930e61ba8342f0f8764078d5b31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kilis-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame BF29 16 KB
16 KB 82ms
75ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/kilis-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763358
x-accel-date: 1681809489
content-length: 16352
x-77-nzt: AcO1rw68kQr/3q5IAA
x-accel-expires: @1713345489
last-modified: Sat, 16 Apr 2022 14:03:03 GMT
server: CDN77-Turbo
etag: "625acc97-3fe0"
x-77-nzt-ray: 90833930e61ba8342f0f876432305d31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame BF29 12 KB
12 KB 82ms
75ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4759629
x-accel-date: 1681813218
content-length: 12285
x-77-nzt: AcO1rw6Xyhj/TaBIAA
x-accel-expires: @1713349218
last-modified: Wed, 01 May 2019 23:13:15 GMT
server: CDN77-Turbo
etag: "5cca280b-2ffd"
x-77-nzt-ray: 90833930e61ba8342f0f87649bd55e31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame BF29 14 KB
14 KB 82ms
76ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4759096
x-accel-date: 1681813751
content-length: 14064
x-77-nzt: AcO1rw6LEU7/OJ5IAA
x-accel-expires: @1713349751
last-modified: Fri, 21 May 2021 22:11:36 GMT
server: CDN77-Turbo
etag: "60a83018-36f0"
x-77-nzt-ray: 90833930e61ba8342f0f87640180df31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 misir-ekmegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame BF29 11 KB
12 KB 82ms
76ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/misir-ekmegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762973
x-accel-date: 1681809874
content-length: 11439
x-77-nzt: AcO1rw6IRYv/Xa1IAA
x-accel-expires: @1713345874
last-modified: Fri, 10 Apr 2020 01:33:58 GMT
server: CDN77-Turbo
etag: "5e8fcd06-2caf"
x-77-nzt-ray: 90833930e61ba8342f0f8764b1d6e331
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sikicik-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame BF29 16 KB
16 KB 82ms
76ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/sikicik-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763287
x-accel-date: 1681809560
content-length: 16008
x-77-nzt: AcO1rw5g0Vb/l65IAA
x-accel-expires: @1713345560
last-modified: Thu, 04 Nov 2021 21:22:00 GMT
server: CDN77-Turbo
etag: "61844ef8-3e88"
x-77-nzt-ray: 90833930e61ba8342f0f876466fae631
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 saksi-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/08/ Frame BF29 14 KB
14 KB 82ms
76ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/08/saksi-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763293
x-accel-date: 1681809554
content-length: 13931
x-77-nzt: AcO1rw7NEc3/na5IAA
x-accel-expires: @1713345554
last-modified: Wed, 01 May 2019 22:17:07 GMT
server: CDN77-Turbo
etag: "5cca1ae3-366b"
x-77-nzt-ray: 90833930e61ba8342f0f8764e174e931
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame BF29 11 KB
11 KB 82ms
76ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4759616
x-accel-date: 1681813231
content-length: 10807
x-77-nzt: AcO1rw43xXL/QKBIAA
x-accel-expires: @1713349231
last-modified: Wed, 01 May 2019 23:24:41 GMT
server: CDN77-Turbo
etag: "5cca2ab9-2a37"
x-77-nzt-ray: 90833930e61ba8342f0f87649d27ec31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame BF29 18 KB
18 KB 82ms
77ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762670
x-accel-date: 1681810177
content-length: 17964
x-77-nzt: AcO1rw4uKRb/LqxIAA
x-accel-expires: @1713346177
last-modified: Thu, 14 May 2020 23:54:34 GMT
server: CDN77-Turbo
etag: "5ebdda3a-462c"
x-77-nzt-ray: 90833930e61ba8342f0f87645238f231
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cokertme-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame BF29 16 KB
16 KB 82ms
77ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762316
x-accel-date: 1681810531
content-length: 15954
x-77-nzt: AcO1rw6o9l3/zKpIAA
x-accel-expires: @1713346531
last-modified: Wed, 01 May 2019 22:16:47 GMT
server: CDN77-Turbo
etag: "5cca1acf-3e52"
x-77-nzt-ray: 90833930e61ba8342f0f8764a628f531
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame BF29 16 KB
16 KB 82ms
77ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763317
x-accel-date: 1681809530
content-length: 16315
x-77-nzt: AcO1rw6dNPf/ta5IAA
x-accel-expires: @1713345530
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: 90833930e61ba8342f0f87640762f831
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame BF29 14 KB
14 KB 82ms
77ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761519
x-accel-date: 1681811328
content-length: 14222
x-77-nzt: AcO1rw4ZBtf/r6dIAA
x-accel-expires: @1713347328
last-modified: Thu, 07 Apr 2022 21:23:55 GMT
server: CDN77-Turbo
etag: "624f566b-378e"
x-77-nzt-ray: 90833930e61ba8342f0f8764fa29fb31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame BF29 13 KB
13 KB 83ms
77ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763300
x-accel-date: 1681809547
content-length: 13004
x-77-nzt: AcO1rw7d54n/pK5IAA
x-accel-expires: @1713345547
last-modified: Sun, 21 Feb 2021 23:47:08 GMT
server: CDN77-Turbo
etag: "6032f0fc-32cc"
x-77-nzt-ray: 90833930e61ba8342f0f87643e87fd31
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame BF29 12 KB
12 KB 83ms
78ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762004
x-accel-date: 1681810843
content-length: 11963
x-77-nzt: AcO1rw6WrkH/lKlIAA
x-accel-expires: @1713346843
last-modified: Wed, 01 May 2019 22:58:17 GMT
server: CDN77-Turbo
etag: "5cca2489-2ebb"
x-77-nzt-ray: 90833930e61ba8342f0f87645cda1432
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame BF29 14 KB
15 KB 83ms
78ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763358
x-accel-date: 1681809489
content-length: 14751
x-77-nzt: AcO1rw75wbr/3q5IAA
x-accel-expires: @1713345489
last-modified: Wed, 05 May 2021 00:03:16 GMT
server: CDN77-Turbo
etag: "6091e0c4-399f"
x-77-nzt-ray: 90833930e61ba8342f0f876402101732
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/07/ Frame BF29 15 KB
16 KB 83ms
78ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/07/tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763358
x-accel-date: 1681809489
content-length: 15765
x-77-nzt: AcO1rw5rhE7/3q5IAA
x-accel-expires: @1713345489
last-modified: Wed, 01 May 2019 22:26:43 GMT
server: CDN77-Turbo
etag: "5cca1d23-3d95"
x-77-nzt-ray: 90833930e61ba8342f0f8764ecfb1832
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame BF29 17 KB
17 KB 83ms
78ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4760499
x-accel-date: 1681812348
content-length: 17093
x-77-nzt: AcO1rw6BXib/s6NIAA
x-accel-expires: @1713348348
last-modified: Sun, 05 Mar 2023 21:20:02 GMT
server: CDN77-Turbo
etag: "64050782-42c5"
x-77-nzt-ray: 90833930e61ba8342f0f876461ae1b32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 semizotu-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame BF29 17 KB
18 KB 83ms
79ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/semizotu-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762548
x-accel-date: 1681810299
content-length: 17623
x-77-nzt: AcO1rw7JXvb/tKtIAA
x-accel-expires: @1713346299
last-modified: Fri, 03 Jun 2022 22:23:16 GMT
server: CDN77-Turbo
etag: "629a89d4-44d7"
x-77-nzt-ray: 90833930e61ba8342f0f87645f5a1f32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame BF29 12 KB
13 KB 83ms
79ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762654
x-accel-date: 1681810193
content-length: 12609
x-77-nzt: AcO1rw6V5QD/HqxIAA
x-accel-expires: @1713346193
last-modified: Wed, 01 May 2019 23:19:17 GMT
server: CDN77-Turbo
etag: "5cca2975-3141"
x-77-nzt-ray: 90833930e61ba8342f0f8764d86d2232
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mastave-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame BF29 13 KB
14 KB 83ms
79ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/mastave-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 134169
x-accel-date: 1686438678
content-length: 13465
x-77-nzt: AcO1rw4K5Nf/GQwCAA
x-accel-expires: @1717974678
last-modified: Thu, 16 Jan 2020 13:07:50 GMT
server: CDN77-Turbo
etag: "5e206026-3499"
x-77-nzt-ray: 90833930e61ba8342f0f8764b1e22432
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame BF29 11 KB
11 KB 83ms
79ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761789
x-accel-date: 1681811058
content-length: 10908
x-77-nzt: AcO1rw5nPIv/vahIAA
x-accel-expires: @1713347058
last-modified: Sat, 04 Jun 2022 21:55:07 GMT
server: CDN77-Turbo
etag: "629bd4bb-2a9c"
x-77-nzt-ray: 90833930e61ba8342f0f8764e6f42732
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 anadolu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame BF29 14 KB
14 KB 84ms
79ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/anadolu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761805
x-accel-date: 1681811042
content-length: 14404
x-77-nzt: AcO1rw5wHpX/zahIAA
x-accel-expires: @1713347042
last-modified: Tue, 01 Dec 2020 00:12:50 GMT
server: CDN77-Turbo
etag: "5fc58a82-3844"
x-77-nzt-ray: 90833930e61ba8342f0f876429ba2a32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 balkabagi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame BF29 14 KB
14 KB 84ms
80ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/balkabagi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761276
x-accel-date: 1681811571
content-length: 13941
x-77-nzt: AcO1rw4PAf//vKZIAA
x-accel-expires: @1713347571
last-modified: Wed, 01 May 2019 22:51:05 GMT
server: CDN77-Turbo
etag: "5cca22d9-3675"
x-77-nzt-ray: 90833930e61ba8342f0f8764a2e62d32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 havuc-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame BF29 9 KB
10 KB 84ms
80ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/havuc-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4760729
x-accel-date: 1681812118
content-length: 9583
x-77-nzt: AcO1rw7YeMb/maRIAA
x-accel-expires: @1713348118
last-modified: Mon, 15 Mar 2021 00:48:39 GMT
server: CDN77-Turbo
etag: "604eaee7-256f"
x-77-nzt-ray: 90833930e61ba8342f0f8764ef9d3032
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame BF29 15 KB
15 KB 84ms
80ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761311
x-accel-date: 1681811536
content-length: 15229
x-77-nzt: AcO1rw4rONb/36ZIAA
x-accel-expires: @1713347536
last-modified: Thu, 11 Jun 2020 22:59:34 GMT
server: CDN77-Turbo
etag: "5ee2b756-3b7d"
x-77-nzt-ray: 90833930e61ba8342f0f8764b7dc3232
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame BF29 10 KB
11 KB 84ms
80ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763356
x-accel-date: 1681809491
content-length: 10514
x-77-nzt: AcO1rw5KF6//3K5IAA
x-accel-expires: @1713345491
last-modified: Wed, 01 May 2019 23:16:07 GMT
server: CDN77-Turbo
etag: "5cca28b7-2912"
x-77-nzt-ray: 90833930e61ba8342f0f876493147132
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame BF29 13 KB
13 KB 84ms
80ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4760750
x-accel-date: 1681812097
content-length: 13265
x-77-nzt: AcO1rw4NHgj/rqRIAA
x-accel-expires: @1713348097
last-modified: Wed, 01 May 2019 22:49:27 GMT
server: CDN77-Turbo
etag: "5cca2277-33d1"
x-77-nzt-ray: 90833930e61ba8342f0f8764edb37332
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yaz-helvasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame BF29 14 KB
14 KB 84ms
81ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/yaz-helvasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762255
x-accel-date: 1681810592
content-length: 13981
x-77-nzt: AcO1rw6ob+f/j6pIAA
x-accel-expires: @1713346592
last-modified: Mon, 08 Jun 2020 21:41:02 GMT
server: CDN77-Turbo
etag: "5edeb06e-369d"
x-77-nzt-ray: 90833930e61ba8342f0f87648b727532
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 uskup-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame BF29 13 KB
13 KB 84ms
81ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/uskup-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4762310
x-accel-date: 1681810537
content-length: 12833
x-77-nzt: AcO1rw4JsUn/xqpIAA
x-accel-expires: @1713346537
last-modified: Sun, 23 Aug 2020 23:39:16 GMT
server: CDN77-Turbo
etag: "5f42fe24-3221"
x-77-nzt-ray: 90833930e61ba8342f0f87640c397732
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilbir-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/05/ Frame BF29 13 KB
13 KB 84ms
81ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/05/cilbir-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4761205
x-accel-date: 1681811642
content-length: 12850
x-77-nzt: AcO1rw4BiiH/daZIAA
x-accel-expires: @1713347642
last-modified: Wed, 01 May 2019 22:14:43 GMT
server: CDN77-Turbo
etag: "5cca1a53-3232"
x-77-nzt-ray: 90833930e61ba8342f0f876406247932
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/02/ Frame BF29 14 KB
14 KB 84ms
81ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/02/tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4759904
x-accel-date: 1681812943
content-length: 13911
x-77-nzt: AcO1rw7uJtX/YKFIAA
x-accel-expires: @1713348943
last-modified: Wed, 01 May 2019 22:54:06 GMT
server: CDN77-Turbo
etag: "5cca238e-3657"
x-77-nzt-ray: 90833930e61ba8342f0f876475657b32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 avokado-ezmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame BF29 14 KB
14 KB 84ms
81ms Image
image/jpeg 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/avokado-ezmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4753178
x-accel-date: 1681819669
content-length: 14366
x-77-nzt: AcO1rw5YX4H/GodIAA
x-accel-expires: @1713355669
last-modified: Sun, 16 Aug 2020 22:36:31 GMT
server: CDN77-Turbo
etag: "5f39b4ef-381e"
x-77-nzt-ray: 90833930e61ba8342f0f876419587d32
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame BF29 5 KB
6 KB 86ms
21ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:27 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1686572847.cds250.fr8.hn,1686572847.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame BF29 56 B
360 B 117ms
46ms Script
text/javascript 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-114.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 12:27:27 GMT
server: Oracle API Gateway
opc-request-id: /E7C4FEC07894685219CF8B5C22105403/458D92940EC136AD4144A44721BAC23C
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame BF29 465 B
585 B 87ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:27 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1686572847.cds250.fr8.hn,1686572847.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame BF29 74 KB
26 KB 359ms
61ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 17:43:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame BF29 3 KB
3 KB 70ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4daf38a37358da6ba33e9260e8381f7d678a26351b7a368bcff17b79f3c38ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 12:27:27 GMT
content-md5: oncchR4M4jv4Z8bZt4bdug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: GBfowuEsOdpUeOyzXWOug5UHKJtTiQ6IyPyxlRn5uAtYcSEYThD+vTPengqf00UqXbiZdUHZlVwcEnxF9bPRcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 660b0ff00392778a64a9ef5ccdde46c3
cross-origin-opener-policy: same-origin-allow-popups
etag: "b763da2af480ec8db16ff1f5bbed9af2"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:41:24 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame BF29 21 KB
21 KB 83ms
81ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 12 Jun 2023 12:27:27 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4763445
x-accel-date: 1681809402
content-length: 21525
x-77-nzt: AcO1rw4XTV7/Na9IAA
x-accel-expires: @1713345402
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 90833930e61ba8342f0f8764cd307f32
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BF29 51 KB
21 KB 76ms
24ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 11:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4959
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 12 Jun 2023 13:04:48 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame BF29 307 KB
87 KB 39ms
19ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=e2416d457abff81aa3341f734e2f9c36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ffc2b5053becd181a15bf01a1cb3b959ca9e406a6557db62579dacd96defb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Jun 2023 12:27:27 GMT
content-md5: wN2g+3+E4mmCwELEbVqrBQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88757
x-fb-rlafr: 0
x-fb-debug: nUEpEpicWLYWXAvnBDwTbdWyDhSw5rwUUmdAE4kqN6awMtPyiFg87O9fiO1gySspcfTMv4AM+Gw7MzOJhkbpPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cef0adef4312265bee2ca10d4d5458de
cross-origin-opener-policy: same-origin-allow-popups
etag: "80d06e60beb21f89ee49cbd4776f5720"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 11 Jun 2024 10:22:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BF29 75 KB
25 KB 161ms
100ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb879f6f8efab99f91e14e9cdc5979e96007d040b4f66a6b33f7c7a61cadea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25256
x-xss-protection: 0
server: cafe
etag: 657 / 19520 / 31075210 / config-hash: 18223134292049318635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:28 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame BF29 120 B
306 B 58ms
57ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 2A96 891 B
1 KB 58ms
58ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Mon, 12 Jun 2023 12:27:28 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF29 138 KB
47 KB 119ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a1db06ff695a6dbf5ec21aac5d54a1482bfe865a379bb01eb8bd4dce4e0bc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47599
x-xss-protection: 0
server: cafe
etag: 17994515765974328481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:28 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame BF29 489 KB
182 KB 65ms
64ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BF29 235 KB
57 KB 99ms
20ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:23:15 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 254
x-amz-server-side-encryption: AES256
etag: W/"22e740da4e2336def33bbd74ea6796a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: yJo4aMPGjlwKdEUYcatEss7UdGm_P1Kuwg1JQ1N0r--8XVOmCR3snQ==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame BF29 33 KB
5 KB 186ms
90ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1686572848243&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7181847865121309
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cae1a621b632d777a710d463253856796b8a4acfea09028dd9e0cae076417dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame BF29 12 KB
2 KB 58ms
58ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19520
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 14:14:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame BF29 49 KB
5 KB 176ms
83ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468492
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: c823201798005c8f4f9254248e1995aa38eab8e4d3c7d8263c568a8a1752c1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame BF29 0
308 B 28ms
26ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:18:34 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 11334
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: QVlbBH4X8pOR8YXlDGqMKDEmT61Sz7z5w2vlVXLhhmi4qIa6ilbGQw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BF29 6 KB
3 KB 76ms
20ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
date: Mon, 12 Jun 2023 06:10:02 GMT
x-amz-cf-pop: FRA56-P3
age: 24172
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: GTBvcFQCO_GWNO3UVIwanB_HctNz16TQUudB02TZNgzlSo7Ud4u7Qw==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ Frame BF29 352 KB
118 KB 128ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1745404afda8b9f849707bf0c32b0e1651cee0c8cf8b9e5e8a83df40e3374c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121041
x-xss-protection: 0
server: cafe
etag: 7976741596842825238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 0939 10 KB
5 KB 70ms
21ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 18:54:38 GMT
etag: 15057649708203361565
expires: Sun, 25 Jun 2023 18:54:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/ Frame BF29 404 KB
125 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:22:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11077
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127525
x-xss-protection: 0
server: cafe
etag: 1285551304932764827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:22:51 GMT

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame BF29 9 KB
3 KB 58ms
58ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 18:40:24 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame BF29 11 KB
5 KB 59ms
58ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468492
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame BF29 17 KB
5 KB 94ms
20ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:58:42 GMT
content-encoding: gzip
age: 1726
x-guploader-uploadid: ADPycdug_sdl2uzBVFDWGsLuP2JXnfo5PAd7fD8U5OaZlf90tGDmz0xMq2bLTBi2ywpQbQvUEP1mcJtd-1dcn53MBhCySw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame BF29 0
209 B 62ms
61ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1686572848471&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5818023746709666
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame BF29 483 B
1 KB 82ms
26ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 514990
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1MAtOmCoA6XV1Y4vOIIs5%2FdDxepgMLEVA8xyKaVt45xD%2ByLaPVb045UF6%2BXUTG9f%2FD1nHT9kVWKEy9jHMovEvMgV0LYRAhpo0%2BwG%2FH908XhwUoDiHyjtrX6nCHTfoIZwy5JHoVfsahc7GMl"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d62168fc8fb18f1-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame BF29 23 B
459 B 148ms
57ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=SmszumO7NM3J9&cb=0&ws=1600x1200&v=23.605.2213&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: YRF67CS8GGAWWEV0Y7B9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5Z8OCmrxPi4S3wjFEU7uI2-MViMtZvTGQRU7rQvzJQWGsSQiHIStSg==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF29 107 B
456 B 79ms
31ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 63 KB
14 KB 384ms
383ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=1160273212556970&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572848564&lmt=1686572848&dlt=1686572847605&idt=910&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=pvuo3l5yfpd8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf48cc968dc811cb5eb4d3dea1c476e5f91880d42fff90dba092d7b0c6ced468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3742 6 KB
3 KB 100ms
26ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 prebid Show response
mp.4dex.io/ Frame BF29 0
281 B 102ms
53ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d62169019d118ef-FRA
expires: 0

POST /
hb.emxdgt.com/ Frame BF29 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BF29 361 B
1 KB 91ms
29ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b056eb970e34d6a4e18c469a41ede71c79082bf40ac841cf3f5549912d36af7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:28 GMT
AN-X-Request-Uuid: 9dd2df36-02e3-47cb-a443-9788341e9290
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame BF29 0
527 B 176ms
70ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame BF29 173 B
400 B 134ms
24ms XHR
application/json 3.64.112.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.112.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-112-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aafa3e1ed47a88da681dc3605234b8ab12ac6d46bcc8f910715fcdfcf2218702

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
x-prebid: pbs-java/1.120.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 416 B
741 B 186ms
112ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=558ba7a7-4660-4207-a042-b55b1dfa83aa&l_pb_bid_id=262e65e0f9f98f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6620019165659243
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 680ecf5292c16dfcc39308f1f90ef3b2de6378b7ec56c81a82ac114f2083dde2

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 410 B
733 B 160ms
86ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f0a59865-23b4-4a46-a472-33a7c84bd502&l_pb_bid_id=2795ca397e1d59b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6389393205245109
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1a94fa6a7b6a36ae43667a17e734b972282225f77d5cc9afa4f2c1eae26217a7

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 404 B
728 B 261ms
187ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=0ccf5059-4d47-4e3b-97e2-fbffdc307844&l_pb_bid_id=2808c23566db622&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6838877973972599
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4cef1301e357957806dc748d630533b01d35aeb353591cc8b0414c7cc5d48bd4

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 404
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 398 B
724 B 346ms
273ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=1b08e327-686c-4e4c-a7fe-99f583713a23&l_pb_bid_id=29bbebfe4dc779a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.019612674382328388
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8cb6f8390badd77bc5cc503ecaa065a48f1e3f7a28882b7f48c2c5cb9b8a2ac0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 398
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 397 B
723 B 217ms
144ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=4278e36b-9c5a-450b-9d71-96671e53f91d&l_pb_bid_id=30dad844d3e3ac8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6931700834063461
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 88014bb1678f27ccd12f365f093df94e44090572780c78170f448cea5bdad694

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BF29 408 B
956 B 115ms
41ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2c37278d-8ee7-44dc-998f-65845875a7ce%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=0b741e33-9f51-495e-b62a-e6c308c28794&l_pb_bid_id=3219128d2af2576&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6322578292696484
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d8438866a06fe771b806303a6beb5697133f730eff458be4aa366a4f07fc08bb

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame BF29 24 B
397 B 95ms
31ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 6ca3f1757a2cb89786ba5d7c156a6541a51f8b250009d81d58a2f7a8446ea7b0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 12 Jun 2023 12:27:28 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BF29 472 B
1 KB 84ms
30ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6f46d60153e10ddf4036ee99e19a65528cea5d0339dc52b969e2ff4abc136db2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:28 GMT
AN-X-Request-Uuid: 37ec981d-5e69-4848-830f-d975b539417b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 472
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame BF29 0
528 B 163ms
64ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BF29 0
109 B 707ms
367ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 hb Show response
cpm.programattik.com/ Frame BF29 0
142 B 240ms
72ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame BF29 0
141 B 241ms
73ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame BF29 0
141 B 240ms
73ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame BF29 0
141 B 240ms
72ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BF29 0
189 B 144ms
50ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=81273081262&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame BF29 16 B
377 B 173ms
72ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 12 Jun 2023 12:27:28 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame BF29 7 KB
3 KB 376ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 19 Jun 2023 12:27:28 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame BF29 0
209 B 60ms
59ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1686572848617&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6036814492526965
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame B6E8 13 B
248 B 110ms
33ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Mon, 12 Jun 2023 12:27:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame BF29 74 KB
23 KB 71ms
31ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 514793
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf5qSDsgocyJKTOmjjUOLNYd2Ew9TrxZIZPuT4xn3ot45uDXeIbs%2FxNiZARfHMBqqwsSwjjdc2ToyTHw%2BFg2KrHXff25R7qnc245qEkbyyoEB0CCY5G21BnFZScu0SpBvDGacpI%2BHlfdYlcF"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d6216903b28914a-FRA

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF29 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCA4 603 B
218 B 89ms
84ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572848409&bpp=3&bdt=805&idt=281&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=2759026751804&frm=24&ife=1&pv=2&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C42532277%2C44759842%2C44759875%2C44759926%2C31071755%2C31075258%2C44785292%2C44788442&oid=2&pvsid=2066474080395047&tmod=1889489679&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.2edd8e6cgc54&fsb=1&dtd=339

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame 0A37 222 KB
61 KB 95ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Jun 2023 03:47:12 GMT
age: 549617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 05 Jun 2024 03:47:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 0A37 15 KB
5 KB 130ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 10 Jun 2023 04:33:48 GMT
age: 201221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Jun 2024 04:33:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 0A37 94 KB
28 KB 132ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 10 Jun 2023 06:02:30 GMT
age: 195899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Jun 2024 06:02:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 0A37 5 KB
2 KB 140ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 10 Jun 2023 06:37:49 GMT
age: 193780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Jun 2024 06:37:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 0A37 40 KB
13 KB 141ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Jun 2023 21:30:23 GMT
age: 226626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Jun 2024 21:30:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A37 14 KB
2 KB 74ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 10:37:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:29 GMT

GET
H2 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A37 3 KB
3 KB 92ms
26ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:27:53 GMT
x-content-type-options: nosniff
server: cafe
age: 32376
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Tue, 13 Jun 2023 03:27:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A37 344 B
714 B 91ms
26ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 82339
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 12 Jun 2023 13:35:10 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A37 0
0 67ms
67ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6p1rMA-HZNLkJsew7_UPhMmT2AKxhKPdcNzC-Yj2CdrZHhABIMCygmtglYKAgKwHoAGn64PyAsgBAakCLNJtuXmyZj7gAgCoAwHIAwqqBNkBT9DMtNN5iHVcEAewvuEh4jXePc4lyFJ_VxLrYjD4lt6EW9sxISn3K5FP8V0ok0wD9iUzP2YVjIvam2rGjDjXY-sarc97QPeyVmifk4sdHnILIZ6Ff3ZkO0HQG2HzfkikanzdYnnJnHHPDINqweFBAKZivDZCQVpT4DRf2YQa9hthZstdeEa6-81sPI-6GKDiLE3bGsVAUPD1TnvtlKtax_UB2thm8WuJq5pu5__tul7hxarrUPZThjYyy4ae3-KBnyPLXPkv_e-MDUwiyezT5azB87jBKQYSF8AEyrTL_v4B4AQBkgUECAQYAZIFBAgFGASgBmaAB8GU_I0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmOsB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDIgUB9AVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=3m7IgsghMnM&uach_m=[UACH]&cid=CAQSLQBygQiDLnrpSg2P-e3H97311hXspFaE9zBLTLkFeUZpdbgZ6wOMclgSMAG1aRgB
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0A37 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0A37 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 986e429f21810d7b110bdea97fc8a8421cb955d56ed64dc48df589d5972f4c90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BF29 361 KB
121 KB 99ms
37ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Mon, 12 Jun 2023 12:27:29 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame BF29 398 KB
128 KB 66ms
65ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/12/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:29 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Mon, 19 Jun 2023 12:27:29 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0A37 33 KB
34 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 494292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:09:17 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0A37 19 KB
19 KB 89ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:20:32 GMT
x-content-type-options: nosniff
age: 493617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19700
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:20:32 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A37
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

34ms
34ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date: Mon, 12 Jun 2023 12:27:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame BF29 0
209 B 106ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572848243&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:29 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF29 14 KB
11 KB 68ms
68ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48933afc3e2a21de9759acd5d38355c6ef812f5e64a3138fbc95b47a00182731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11140
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF29 17 KB
7 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 12:27:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 482F 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 09:33:00 GMT
expires: Tue, 11 Jun 2024 09:33:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E4F3 783 B
971 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

04e7f6b9f61f65d4716aedf7a1926e347d6a657c6ddd640f4c2281f0c6133472

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A3RXVKySHuI3lCDsIeOLJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-A3RXVKySHuI3lCDsIeOLJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:29 GMT
expires: Mon, 12 Jun 2023 12:27:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 482F 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 13:31:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E4F3 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080101&jk=2066474080395047&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 482F 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5eHsFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF29 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 115 KB
38 KB 751ms
751ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=19723176027204&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=3&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850112&lmt=1686572850&dlt=1686572847605&idt=910&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=hpi1v4hfdzmy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd40f237eea2f94f17b951f7289c187b2575ab5055e3f5ca21e15a494532c590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38571
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 125 KB
45 KB 526ms
526ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=337511650013723&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850118&lmt=1686572850&dlt=1686572847605&idt=910&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rmue79x38w31&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be93f136c41bb69744385e44af8bd22f67124c71fd11018e13ac03c6d196f409

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjD_rzdvf8CFWjBuwgdgVQMBQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/7315224385242948676/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjD_rzdvf8CFWjBuwgdgVQMBQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/7315224385242948676/index.html
date: Mon, 12 Jun 2023 12:27:30 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46234
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 33 KB
14 KB 597ms
597ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=2750336971545561&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850121&lmt=1686572850&dlt=1686572847605&idt=910&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=apnb2cmd8oqg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc0a744d2c9a2b26c20b9ceea745b32bcc32144ea14cf655d16d3d51a47c97f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14302
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 33 KB
14 KB 536ms
535ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=1346897860021675&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850124&lmt=1686572850&dlt=1686572847605&idt=910&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=o13x0h7dxgcs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeed42dcd5880c6552904e1a38ed4a7bef423327755f9ea62fdc3af864a2c6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 126 KB
45 KB 570ms
570ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=1188600295795567&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=7&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850127&lmt=1686572850&dlt=1686572847605&idt=910&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=fom6vdcmwks1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

579f83393dc328c5bd403411e9088cb9105ca4e918df5bd29f1f668df6aa7bd1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLb9_rzdvf8CFSvBuwgdxbIPKg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7315224385242948676/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLb9_rzdvf8CFSvBuwgdxbIPKg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7315224385242948676/index.html
date: Mon, 12 Jun 2023 12:27:30 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46445
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BF29 126 KB
46 KB 534ms
534ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2066474080395047&correlator=3827755297887890&eid=31072020%2C31075063%2C31075210&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572848243%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet5c80b025-94a4-461b-9820-7c21f2fc0de0%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet5c80b02594a4461b98207c21f2fc0de0&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572850131&lmt=1686572850&dlt=1686572847605&idt=910&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=j8nsao12ikn2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25f1a3059a34e09651ba900d02a819165053e139d04adcd56ee514a700ecdf3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMff_rzdvf8CFdKR_QcdxqUIxQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/325384295048592582/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMff_rzdvf8CFdKR_QcdxqUIxQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/325384295048592582/index.html
date: Mon, 12 Jun 2023 12:27:30 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46571
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame BF29 89 KB
29 KB 152ms
64ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:27:30 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame BF29 0
209 B 58ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572848243&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:30 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 464A 15 KB
6 KB 103ms
36ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 449004
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BF29 94 KB
30 KB 131ms
64ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:27:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 464A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=b0-w8HxwZkU3UTNKWnNlVVpzeUp1eWJmREFyZzA1RTQ4RVg3WS9wOUlrclU0dmJOSGgzaXl0Q2NvOHFEdXVaN0UwOGNreDlxU0NwK0lybUVwK3lJWGxNWS9EeDg1MlFvRlAzcGJ3TytqZ3JqaEpBSkYvWUZDbkI5WmZCaW...

444 B
658 B

130ms
34ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=b0-w8HxwZkU3UTNKWnNlVVpzeUp1eWJmREFyZzA1RTQ4RVg3WS9wOUlrclU0dmJOSGgzaXl0Q2NvOHFEdXVaN0UwOGNreDlxU0NwK0lybUVwK3lJWGxNWS9EeDg1MlFvRlAzcGJ3TytqZ3JqaEpBSkYvWUZDbkI5WmZCaWdjSU1jSWJiUnVGVUFiVE1seEhFUHp0bGxCZVA4S2lGNHBBalNXN0xoQmlmTmJ1WnA1dk9PTnMraU01WnUzTlh0Z3U3UWNJRXlvRTNaQi85Qkc1b3BIeWZCbEVyTkd4WmNvOU50V3ZZMnZXT3ZSbzcxWVZSVkU4a0F5L0YzQS82czFqSDlqZWF2TXVpV2I1L3F6VGNjSDBXTU5QQTNkeGtVSHVtM0RSOWlaZlQ4NnFXT3ZVZz18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

33c4e29fe336359170f275e73f9e445cfd3d31967677e461257f6b365c498017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1144438
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=b0-w8HxwZkU3UTNKWnNlVVpzeUp1eWJmREFyZzA1RTQ4RVg3WS9wOUlrclU0dmJOSGgzaXl0Q2NvOHFEdXVaN0UwOGNreDlxU0NwK0lybUVwK3lJWGxNWS9EeDg1MlFvRlAzcGJ3TytqZ3JqaEpBSkYvWUZDbkI5WmZCaWdjSU1jSWJiUnVGVUFiVE1seEhFUHp0bGxCZVA4S2lGNHBBalNXN0xoQmlmTmJ1WnA1dk9PTnMraU01WnUzTlh0Z3U3UWNJRXlvRTNaQi85Qkc1b3BIeWZCbEVyTkd4WmNvOU50V3ZZMnZXT3ZSbzcxWVZSVkU4a0F5L0YzQS82czFqSDlqZWF2TXVpV2I1L3F6VGNjSDBXTU5QQTNkeGtVSHVtM0RSOWlaZlQ4NnFXT3ZVZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 327051
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF29 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080101&jk=2066474080395047&bg=!iomlid3NAAaGYqkwpmI7ADkAdvg8WggF3OECjzuFvtKUE11AkZ1v1UqfOVDMWJYFJv1_sIOi9lo7Zadv4Njb56Fi4EEXCqpNRj4CAAAAUVIAAAADaAEHmQLpQkT6lmPJxqnAuiaVTp_o07l9210l6APfuJOzvVnsQkOG2tpCbwRRNaqE741bIZQuVtHsN4kqFDSNOneJZ29qsbBX5jA_YpKPE_nJItMB8wg-L7g1whgiCQRUA8JagBRfS4Uecte4DFcJ90y62r9fusxfT2PRJd78cyVzISgrk0PSSbh_NAKZomkZhSuYOiT8LahmZNtpZfM30jvuU5JanTJKxX1iRHTDD2N1rvC33gLDQCidIkZ3wNApXAG_gJlORDqWO_DJnt6miKkdPjsVIUQyKnKnC__9pgzDETZ6jCpQvPC9MWzUVsIR_tNh8C5ZUcgtQj9Qsv3nZx2GFuynqPXiplLPiabQgqlMg8t0V0W2tch9qjd06eB6SYXeD6o4ua06RGTi-l8oSi6U-1jSv7kW7kVU2TQRaMiMVdzcL2z-uVY6-vdNyigokJBNzcurwYmh6wVBUKbpjb7JRK0lxPYQDHLEdeLglmFc1JvHapFrqjuaeBPuhCNGo1hdDyMg-FIwTERH9aWvOCynyfx9v8DueiekTBVQ4AP0vlrPXTLI6NLNw3gl7uXvrNMdtMrrD4d3EzEGE196Z3H_-DkFygBnWhGjk1mi-n1AXx2F8mg6NGLQHWfAVQAeHQMsyAFA8I7Kti8fZyEInsSwtcn4s1JPG9fAYTfOnBY3wKtZhEhi3DaOGfCTBAMIoRvskSHbuJIxulWdn6qhhuGbKXFp7bcfz9NsBns6UAEHSGwwlc4AzXy3HpSiLSxG8mkhrV1-EmsCrCmG74lq3lSe5jduv_IQLhsUT7mjZLATpYM4ccGJ-PC7oDQnhKIFYxrBqIlQ9k8XNnTo5VKOP7KJqzdddU6OOpNHGozLo56J98pKIwVzoVdzfcl8GCmRPMdjdZNaee2WU8yVnCbY7Z64NGY1RWWd5fby7m_IxVC0YnXIOYpjG0rhXmwGcavK23xpuCGcS4qFfJx2xioPFpJQSGoh9RW9FQxSPFyf_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1661 6 KB
3 KB 26ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B70F 6 KB
3 KB 26ms
21ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 990C 6 KB
3 KB 26ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 659C 6 KB
3 KB 26ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A95 6 KB
3 KB 26ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 308A 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js?cb=31075210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:28 GMT
expires: Tue, 11 Jun 2024 12:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 5A22 79 KB
19 KB 21ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1554eec839b108cdd73d20f9db0806b780b5bdf750e9f4d83f9025e2b7ed0ca9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 549195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19716
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 03:54:15 GMT
expires: Wed, 05 Jun 2024 03:54:15 GMT
last-modified: Wed, 10 May 2023 12:03:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1661 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPyubMg-HZNjiC-iC7_UPgamxKMiu-YBx4MX2i9URzoWhyvYBEAEgwLKCa2CVgoCArAegAdjdy5kDyAEJqQIUao0nTfJ4PuACAKgDAcgDSKoE4AFP0OB1XbJZitTE12akrjPOxOEjek74QebZ2NN_s0lKHfLezZAsRU0XGqjtPG4adfnCmVwe9OJzYBzw4fFwkpUbBGE0R_1sKRbMsQEN5c_lPk0BnRqp2Ce7MVd1dahXG5R4Vj2GTpVrKiiLGEv7s0h1C5xwNiWjH4-sQEQnHQcn0McICgnFkfj9QJRmd-2z0jmL4ZAY9whdhI8wrFRsHYzD-whsXCLsuX5SiE6vO1SM_6zVtuVrJ3x4rVK3IIdvwlP5TFozRrLYYn8_EKtmCouYKXMbqSrFfAOu_DyjSNu7ZsAE18Dnhd8D4AQBkgUECAQYAZIFBAgFGASgBi6AB5CitGaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCVxgjSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=tCQK4dViArE&uach_m=[UACH]&cid=CAQSOwBygQiDnBpr_JjhBQTNIH7fkKQPPNzYiv4p7C7eohDJA2lR_x3fXN4fbAXJ3hpwRJBeFth9UtZtbUZkGAE&template_id=419
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 1661 23 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 1661 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 1661 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B70F 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq7lOMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoE_QFP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRJnE9D_jhwFppfiJJEcfbfN8g1jWEbOrbAFrYQG_5cIguXR8lGH14AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=WRuUcYRBxzg&uach_m=[UACH]&cid=CAQSOwBygQiD6QrV3bl9p9ic8xSqORdDti4sTuULdP8d8tknQJO3Sgq3g3DazZLbRfEHvg7MgkdmNnhivOQEGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B70F 0
0 82ms
28ms Fetch
image/gif 2600:1901:0:76b9::

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g5kbfy6b4acj2p1cgz552gb2171dg48tqve7fb0q8qzn556whjtxxjdk0yt5zpgyfa696a0e6qsx79zr5j5marqje6njymh2ztv2zp40vcrbcrg9erc6nkpvjhpxan7qz6cx59fvcrq9p98633dv81r0v4ccwm1j132qc0n7j9zva1mj8fq52jwysc09nppnzf9e8v43cpt3v60cbhn7kk30ce6rrhc6za07yy45t7r25kzyq2vvz1zb911575qbv3nb01rw3g677g4w0a4afpe9njzhrhy7bphtevvr34jwrw38gymwphv12gywqp7jwdcfprn59b3aka5a9kkk3f9qt4r9ntqyc3esdkkqd066e7rspybxn6ptzxr7ndmjk34wsndye2sap15&b=ZIcPMgADBpUIu8igAAjLtGdRK_GEuUuAe4naIQ
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 2AED 2 KB
3 KB 97ms
41ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d5cc685a3df0cf6cb6fbe13c5850854c64c8b93328af9488763f32bdc64b3590

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d62169f1f698fe9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:31 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B70F 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 25C7 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame B70F 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B70F 0
0 31ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvCZPhbjZna3dutEjdPBY1jUGzfUH6DHb5wiTSmXTISz4-H32efrTwK04XSX59kNA4t7MLSX08o5Q6coOkkXhvhtGqAQ
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B70F 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jun 2024 13:25:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B70F 175 KB
55 KB 92ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/ Frame 2028 84 KB
19 KB 20ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c310500d429672e89b6cf5c6e9b6b9f2b4e677c6f86c0a0ec45795f3a2a9ad90

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 570205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19932
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 22:04:06 GMT
expires: Tue, 04 Jun 2024 22:04:06 GMT
last-modified: Thu, 11 May 2023 12:23:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 990C 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU1wsMg-HZMf-C9Kj9u8PxsuiqAzIrvmAcbet6rfKEdLh0uCyARABIMCygmtglYKAgKwHoAHY3cuZA8gBCakCFGqNJ03yeD7gAgCoAwHIA0iqBN8BT9AhvMPOXvtqRiRAbDLy9pvXJHM8zfD9-tvEcNbaBGa0CoCUaJhnaDzgp-ed94i7oFwIc47qpbCdV0-h1E4N0CsvBNivZpBabYm7xW2pdXL8O5SmJ0ZTZdswDHble90b5AKdglbWrTdyYbg2cu0csGkdSgfBvr_9wdHiN0syM-hNaB7kHiupAnTCTrOd2dN5hMDEYXT7HmLEeopBJzNUdhjA9ZugbO6JuktbjhbYUM1RH3UGltCn-lRnc9P_3TtzY2-yVSc2LOMkDc9a2ybA4mRDVyxHqRJMwAKNuM-3FsAEp8Hnhd8D4AQBkgUECAQYAZIFBAgFGASgBi6AB5CitGaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCqjQLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=clHncDnFQI8&uach_m=[UACH]&cid=CAQSOwBygQiDCuQfdRVyldkH62PCSCTmiCgRg0TGh4EkVPrKItvV47moVaNEmTHbIhIyQVo5LS3nhShwVPFoGAE&template_id=419
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 990C 23 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 990C 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 990C 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 1A28 79 KB
19 KB 20ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1554eec839b108cdd73d20f9db0806b780b5bdf750e9f4d83f9025e2b7ed0ca9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 549196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19716
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 03:54:15 GMT
expires: Wed, 05 Jun 2024 03:54:15 GMT
last-modified: Wed, 10 May 2023 12:03:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 659C 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2b5AMg-HZLacDKuC7_UPxeW-0ALIrvmAceDF9ovVEc6Focr2ARABIMCygmtglYKAgKwHoAHY3cuZA8gBCakCFGqNJ03yeD7gAgCoAwHIA0iqBOABT9BVDZWxbrWtzbQC50cHSZ0rMRFrJLXA8-kUBobgY3kaekUwWiMBgPwI8VCWod6GPH2kyY3JH781OIhU_B7rzqOzfBC8VVCjBWtIN8kXMQ2MV3eXCZmycIcvll6HTO22QKAhRzSW60CurP67rwh7Hdwrc2fGTIPWniQLE7WuIoQ2KELtUdVUUdITOsO4mLSizBoOZpUje5ptLt6j8gECYS5N7_r0GmY_tDcmuEPV9OynowGLyrfKSY3T-eQwvgpsUxJra2Ft2HDA0hKuk-b7d99iV79Lj5FkcQcbzABp0xDABNfA54XfA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeQorRmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQh8ED0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=gwV6cdzvk5M&uach_m=[UACH]&cid=CAQSOwBygQiD2kVfN_hKqZe0tCamBXlXYo3exR1RqXSQ2FVKnEIgUn2MEbFV0GMAPs2nuzMC1_UOXmNNnWxNGAE&template_id=419
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 659C 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 659C 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 659C 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9A95 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKTPNMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT3AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raYcv-YwsotfkL8hKP_ujBI0kfXDrQlcRREndZV1tM5iqGDx5ASIHgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=GsLBxq-G2l4&uach_m=[UACH]&cid=CAQSOwBygQiDbqBc1dyK1v2sly8859NVO83HNDGlS26mspGGPoOAiAmefwQZCOzDWMQxx47VwiXc11lPm34OGAE&tpd=AGWhJms-MMhPO_lNhFWAlxBFbHS8KjF4UBNYtZW06WMX4xMfidWzF0ZVs-U7khWwbC_0Rv4uCVzXcQKDeLlc9X60keHIFpuBZWiW68GbvrdqBl55p37dBADlhpL39B19VYK9YF0hRyNEhngKJOvNeEYU5-wVvQR6Ks77alCBzkM1o3nenNloqBOIp5k6wlzSAMfhg6UUbsnx8nl9N60NXU1HCFcqmzLSb-RNGm0VjxELkutv0hudhodrgJM9qhjH9vMoar0qoeN6cs3J11taoovVu9zHgLK07K3IIMUcN1qQ7RbGufk3lXQrJikpf2LUDVGX_XIFXHeMZsze0hdS5SGUohm3LjAU0J9TiUh7Tl1Z1RbVUeo71egdE2Cl3PAuEVOn9hB3rdiyiD0d_-yvAxA1K37ON2WkvokjiJYWPW-10wTC28QK83WIN-WKYLzq9GhrAbtCbuF3I5h18sM-SiGRHvVbSNG8zhD36CtmFbUJ7iPbMcCeL2-B489JO0JgUD5KjZgEHenPZGin3ky4ZGAiJuTQT2_HvAzcUELB5RoUSqRR8U_H9u35kNF_mV6nBiBsSG8rZT2rlv3mE07nq3LmQwVynkEaupXMArtoBY71hX0RpUMkQNZuxq_GlNEn2L5xwA36jSbspQiqZA29S0SeXXfxNaoz_pclR1M6hrVaw8GUWBa9WqraX1PNyAUHsPpCkHWRiNI2JeA1mJ5xl1Yf3V3Tu-vBHsPFw2u7ds7SJEducam9dQebPmQeqcQR9LMEB2ViHw79ee3PnkVRLQTSt4WDvuMgVRBEtFxSbPFpltWC98notCAYPa-1tCLlRCq7pS6QivpVyWCa4i6mdIhNmYVXP_ulF1PxKpd3PUpS8NJeC5hGRRTRXvqZlLp4d8fqbFSDeRia9OteLT-p4loiZMTO5XZsrnGR5FliuNC8Dc5WIOmeSSch9dbbPD1jUdSDj2LOquPEDc2AsmtzcifEqM9a9pA2QSDp3KJ6j3-HnDlA3lozJdnrANM6uFrFmi75NKUjJgkjB-e-Bi561EoXLJGJeGTzEPsZFd_81ZF6IcR4r0gLf9J3_Tt6st4m6z21hWc6QFv_6pUhady4b2vQVGtDBIZXBcrk-kRIPm0n7G8
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 9A95 3 KB
2 KB 85ms
26ms Script
application/x-javascript 185.29.132.242

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnMFkyWXlOV1V0T0RjMU9DMDVPR013TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2OTI5OTMzMjQ5NjQxMjAxNC82NjIyMzMyLzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU0eUlYZXhmZjJNVWZPeE5WenNLRllBLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2OTI5OTMzMjQ5NjQxMjAxNC96cmgvMC8zMjYvNjAvOTk5LzE2Mi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2ODY1NzI4NTAvMTY4NjU4NTQ1MC80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/xA1hHw7164gusRu1K55_dwmpLxc&nodeid=3798&group=zrh&auctionid=669299332496412014&pbs_auctionid=669299332496412014&shardkey=669299332496412014&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%26client%3Dca-pub-7983651257838282%26adurl%3D
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 -, , ASN (),
Reverse DNS
Software: MMBD/3.390.0 /
Resource Hash: 975c34d0f96aac70ad610a543d81318cb332fc149e3312498afbe3acca506b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
x-mm-nodeid: 3798
Content-Encoding: gzip
x-mm-bid-request-time: 1686572850
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Mon, 12 Jun 2023 12:27:30 GMT
Server: MMBD/3.390.0
x-mm-latency: 1 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x74, zrh-bidder-x57
x-mm-lag: 1
Expires: Mon, 12 Jun 2023 12:27:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 9A95 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 9A95 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9A95 0
0 31ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS11u14YPKm_fXrdgodNa8lDmTzxynuPf5JyoKuQ9-k80-jXS32kozgCqpvdNzhj_CNIb9oModUVrRW_aW1_lL2AGlGjQ
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9A95 24 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jun 2024 13:25:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A95 175 KB
55 KB 91ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 308A 4 KB
751 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 10:47:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 308A 2 KB
893 B 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 308A 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpsryMg-HZN3aDMOh9u8P8sWJmAy9jaavb5_Mr6y_Duqf3KDUARABIMCygmtglYKAgKwHoAGwuqHXA8gBCakCthJkG_IUsj7gAgCoAwHIA8sEqgTcAU_QSt5p4u6V4R2u2yzLJa2ytoXwvDVQ6Umeoz22ojX5fjF5U0AtArrVSwrwO--fTfxtgBbbXIB1puvlmilPjvJcFANCa532czRc-AU0SGo1UBBJMoonC8WQ1yw934iihFtwYn5zbC4arxG5l0w_t-RC9R0lWIINiWx-1XtnV6HT7TyY61-nUOYsENFEfWvkGqPH1TjDEW4wK34YsLPTf68gbge-qV0ZXlD46gLV0qGpXszI97Im1nB5U4nSnjglZ8nRRQ2hESr1dldpB3mX4gAiYQsKDU509JXea1DABKmcqargA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEP-rC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNjU5MzUyMzIxMDAxMDE1NBjqwW0&sigh=NTTDuSB3gBw&uach_m=[UACH]&cid=CAQSOwBygQiDJzwRn6E2dbJDaP98yqG7YRUUj-F3R5AJ7K_QUT532BYx2mDy2Gq1IQzF0aSHIKaXkuX4YhjJGAE&template_id=494
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 308A 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 17960421598201694375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:37:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 308A 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 09:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 09:32:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3E21 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 308A 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 00:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8202
x-xss-protection: 0
server: cafe
etag: 12977410716570951617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jun 2023 00:38:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 308A 0
0 28ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOS9-kI1bYtq4Vjjdj04pKXAXM1Wt-_rcXPGeK0v6yM9bYwHwHIPcEEf_ZnLOIRWoLsLrL8gkpdo8ShMWaLsGciv7aug
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 308A 175 KB
55 KB 89ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H2 200 d955217a3c39fa1d48035534c1a62142.js Show response
www.gstatic.com/mysidia/ Frame 308A 32 KB
14 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:827::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d955217a3c39fa1d48035534c1a62142.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 23:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 22:56:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 23:20:12 GMT

GET
DATA 200
OK truncated
/ Frame 308A 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 308A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

20ms
20ms

Image
image/png

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:41:57 GMT
x-content-type-options: nosniff
age: 146734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Jun 2024 19:41:57 GMT

Redirect headers

date: Mon, 12 Jun 2023 09:30:02 GMT
x-content-type-options: nosniff
server: cafe
age: 10649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Jul 2023 09:30:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A22 1 KB
546 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+Thai:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a197cb012a53cc819f64679ad787456977c07535984b9fb61c55360eafb56c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:00:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5A22 16 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:20:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5A22 34 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:15:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2028 1 KB
473 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+Thai:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a197cb012a53cc819f64679ad787456977c07535984b9fb61c55360eafb56c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:01:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2028 16 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:20:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2028 34 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/325384295048592582/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:15:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1A28 1 KB
473 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+Thai:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a197cb012a53cc819f64679ad787456977c07535984b9fb61c55360eafb56c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 11:51:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A28 16 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:20:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1A28 34 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 11:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:15:37 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 2AED 106 KB
13 KB 32ms
30ms Stylesheet
text/css 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 260186
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NWQ4A9EAZdPkHJmL9tWZEb4N5tK2rTZSrPx3dPdobpL9TUoy9SSWguPsyd3WU6MN%2FcGryqo5GcUka2vzhfOFRAkBz5UOffkXBGnx4%2FTOPCS0J1MMXkcaGwuKnCNYncvCTnD5pq4GMQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7d62169f7fde8fe9-FRA
expires: Mon, 12 Jun 2023 13:27:31 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 2AED 25 KB
10 KB 43ms
31ms Script
application/javascript 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 482006
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EAjDXgRLk17hwU5oz%2BDEuXF2AfzgV%2FLbnX47fp%2FyZnFMKGzF2JOSfGbJsbxqdMxwslInXGxg%2BwZyByU1KlVf8KBuTsiAi%2B80S7HGCRa%2BGE8uPgoE0%2Bxov4OH6MmT%2Bv%2Bh3dC0Mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d62169f8ff38fe9-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Jun 2023 13:46:12 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 25C7
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1&google_push=ATf1kGPfbNarzVTWdRrXtS0mWHh85IcCL-X8TFz9hbF3bGopasH4ZPOJB0M15SKMUL7yvRiBjgGL02OYjs3YL3A8ocEvUjMwf9mv
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzczNzY2ODYzODMwNDA3OTYzMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1

43 B
398 B

69ms
31ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 25C7 0
104 B 165ms
67ms Image
text/plain 2a02:fa8:8806:20::2040

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGCAW6Ag5Jqo24uggu10Apo&google_cver=1&google_push=ATf1kGPZr-aCjXHEnrS4B1IDFg6Fd3hGKrMNFhSVmd3kbsK1rP31gjw0MzbBCYYNkVl5G15YLCiTytu-GJIhWeTkEPXdrM-G-xWo
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 25C7 70 B
265 B 152ms
45ms Image
image/gif 3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELdEt9PQWxMiMFS-c_S31Y8&google_cver=1&google_push=ATf1kGMMdr-_T9riGTVQ4qXgeDekMN37i-WMMuJ3_vUZTyTYUKraueH4AKEMASKtAUUI43-ssiEmIpTOmFjfYkED_VqaN552eQJP
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_hm=ZIcPMy5UTsrAznkHNB1tfwAADHcAAAIB&google_nid=index&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVY...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_hm=ZIcPMy5UTsrAznkHNB1tfwAADHcAAAIB&google_nid=index&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVYhZGgdMblSSH7Zttv6pJO1yO-XjW1DwAS-T0306iTTAd1d-QiGTf3vLoEyGQBQv4

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPBysYiITOq_2dCuq8Ow8zw&google_hm=ZIcPMy5UTsrAznkHNB1tfwAADHcAAAIB&google_nid=index&google_push=ATf1kGOG4d8utM0o3WLe2vhCSTbQcVIh7AYVYhZGgdMblSSH7Zttv6pJO1yO-XjW1DwAS-T0306iTTAd1d-QiGTf3vLoEyGQBQv4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDhM97xzMCPwESxO3qKBhUc&google_cver=1&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd21oBQEdZxA0D

170 B
329 B

28ms
28ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd21oBQEdZxA0D

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPdPLgFutQjgZIOh6uHeeScG3gbLB3xrsJkTmTu6WeErD8i0a8XOLp52YyDDnFSV24BbEc8LdtKZAuKbUGd21oBQEdZxA0D
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VFVpK4tagfsTqOIIG9l76punUgDpLVjBYCWoHQDEagfCtwo5bvgvRg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI&google_cver=1&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHq...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGOyRWkRC3EU4JwFOm9gFqbZAHTYhW01rU-_D0OyFtWMmfTGQ-N8PdiT6jbWmDIQy0NZOzGdHExYIW8fZAIaJ7_Bcou1aHqo
date: Mon, 12 Jun 2023 12:27:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 25C7
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxy...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENj4RRn_Ko0gC8KAsDIqkHU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTYzOTcyMjg1MDExMDA3MDU1Nw%3D%3D&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBd...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTYzOTcyMjg1MDExMDA3MDU1Nw%3D%3D&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBdRJvx_GvtKVKz2HzD1WGlBkzR94d4zjNzbaoBRyqUndXeMZA_V0qdxinLFFA_Sl_Qed

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5083b91d-cff8-4e08-a034-883961394ab8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTYzOTcyMjg1MDExMDA3MDU1Nw%3D%3D&google_gid=CAESENj4RRn_Ko0gC8KAsDIqkHU&google_cver=1&google_push=ATf1kGOfCKHhgMFxyLtqbByZuUvTBG9VBdRJvx_GvtKVKz2HzD1WGlBkzR94d4zjNzbaoBRyqUndXeMZA_V0qdxinLFFA_Sl_Qed
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 25C7 0
139 B 101ms
27ms Image
text/html 142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jpkcdw9cEyt_kC3Em75CwZ0eufp87Cexb9dZ4MHKaDLXWHUttuG7Vj35Voix3-I_qtjiUK1g

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3E21
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1&google_push=ATf1kGPeZAzn8qxBnw7Xx9IbD3s9k1ZY-fOInL1FOSe4k7UjxdBwqfWZrKAGHy77Fl-6UsiYO1VN26ApaJ8fUpMh7Lzl4b0gt2SDHA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzUyMTQ5NTg1NjE5MDI5NTgyNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1

43 B
398 B

68ms
31ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPxoxVGSBI-3thBg-oZzl3w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E21
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPNcYZNl9IuNkHyCGszaSpw&google_push=ATf1kGOfwOSAtVemDTrU2TWW-vka74L4bQt3YfMux3vsPZZGnEVo2wKQJz...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPNcYZNl9IuNkHyCGszaSpw&google_push=ATf1kGOfwOSAtVemDTrU2TWW-vka74L4bQt3YfMux3vsPZZGnEVo2wKQJzYAmld_ENNzYz6kmDjmDbufvNsjTzTXQ5DpfP4vuKzdlA

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220071-FRA
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686572851.202176,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPNcYZNl9IuNkHyCGszaSpw&google_push=ATf1kGOfwOSAtVemDTrU2TWW-vka74L4bQt3YfMux3vsPZZGnEVo2wKQJzYAmld_ENNzYz6kmDjmDbufvNsjTzTXQ5DpfP4vuKzdlA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3E21 0
173 B 80ms
28ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMOwsxegZv8YN52zmjPyFCw&google_cver=1&google_push=ATf1kGO_TC_OuSdcF86XQwzDXqW1-Q3eKnE8XYpRWNkOs0MJdP8wBd3ME3J69vtHYX9Df_usSH2BMgmnIFSPNFPb4vj49ZVEH3VF
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3E21
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zIBCJDDj5zfGYuuwHlITJp_n-OA77pSuDkSQ6A&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
368 B

33ms
33ms

Image
image/gif

178.250.7.11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

178.250.7.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 95919
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E21
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvQQcV-Ya7v6E-fKfp3blY&google_cver=1&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQbeGoqwYhvmbhWhdNaDsYBXcaxsxQ

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQbeGoqwYhvmbhWhdNaDsYBXcaxsxQ

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPLOeJwPrTju7Fo3y69Qicqm0e0Gis-FLQtrDzH0gUpEw_GqOxYhqQnJYJcLLj8eDJPkQbeGoqwYhvmbhWhdNaDsYBXcaxsxQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E21
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKflYXMRx2ps90xs3rtxuDI&google_cver=1&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJY...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYo...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYoHBg

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI3NjcxMjkzMzY5MjY4NTYxMjI3Ng%3D%3D&google_push=ATf1kGNaf1kOjzA0hHrIbYBAGbX-meOjyKe8FuNQwnic6dHjZLaKkjWq_CyiqD_9FfIc63ZJVYej_Jc49KDo2cnU3ed6ncZNJYoHBg
date: Mon, 12 Jun 2023 12:27:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E21
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KWjNhUy5WRTJ1R2ZaLkdEbWNjZ1g3c0t6VF8yM3NuMX5B&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qW...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KWjNhUy5WRTJ1R2ZaLkdEbWNjZ1g3c0t6VF8yM3NuMX5B&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi2SHwrvwgBLvKbcgFVlvpufnbP6t4E

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KWjNhUy5WRTJ1R2ZaLkdEbWNjZ1g3c0t6VF8yM3NuMX5B&google_push=ATf1kGOtadr4QkIvR2omIZnxTkCf3QZDfD5B9AuoakRDqCvSBW9nl70qWV2y-gHQySgpVL84fi2SHwrvwgBLvKbcgFVlvpufnbP6t4E
date: Mon, 12 Jun 2023 12:27:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3E21 0
40 B 90ms
28ms Image
text/html 142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JsEaYi9ioMOeftfSHjSjDdbTsLEp9udmcelTwDTHAKQzYHh_z9yPu0qUTZrT1fUYXHFbBSjw

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1661 175 KB
55 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
DATA 200
OK truncated
/ Frame B70F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c9ae37f05f3ab3fa28648efeacabfa877a22c292d788a88f2d18294a4848cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame 990C 0
0 32ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV-POHZN906mkrhkwL9KBLQnCyAugTbk7_uVM2k3aBdWW59lRslJhMpbrzCFjF6w4VW2fGcSKxQBVcksyG_kQl7C85HA
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 990C 175 KB
55 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 659C 175 KB
55 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
DATA 200
OK truncated
/ Frame 1661 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd3a040642cf3131df4cfd4063c4306c833ff4b74db468c6fa22342087a86ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 990C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c140f162040228e028d9b86e408827f9ebe79eff646c16f911c08898a5c8c4e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 659C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c379cf9c8fd35370a2c03709c7e4cc6e54eaf50915a36cefa489038810d487c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 308A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1e227f4adadd06ea21921d22f6a355eb1b2f2a16e8f6150081cdf9d8f33d27e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 9A95 10 KB
4 KB 90ms
26ms Script
text/html 78.46.90.238

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=669299332496412014&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 382c1403edc5386a0382267faf0cba0f231b2bac2611e4e77df235becfd51b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3455
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 9A95 49 B
329 B 76ms
25ms Image
image/gif 185.29.132.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=669299332496412014&node_id=3798&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnMFkyWXlOV1V0T0RjMU9DMDVPR013TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2OTI5OTMzMjQ5NjQxMjAxNC82NjIyMzMyLzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU0eUlYZXhmZjJNVWZPeE5WenNLRllBLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2OTI5OTMzMjQ5NjQxMjAxNC96cmgvMC8zMjYvNjAvOTk5LzE2Mi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2ODY1NzI4NTAvMTY4NjU4NTQ1MC80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/xA1hHw7164gusRu1K55_dwmpLxc&nodeid=3798&group=zrh&auctionid=669299332496412014&pbs_auctionid=669299332496412014&shardkey=669299332496412014&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 -, , ASN (),
Reverse DNS
Software: MMBD/3.390.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Server: MMBD/3.390.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x79, zrh-bidder-x57
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 12 Jun 2023 12:27:30 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 9A95 43 B
417 B 81ms
30ms Image
image/gif 95.101.148.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=669299332496412014&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnMFkyWXlOV1V0T0RjMU9DMDVPR013TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2OTI5OTMzMjQ5NjQxMjAxNC82NjIyMzMyLzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU0eUlYZXhmZjJNVWZPeE5WenNLRllBLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2OTI5OTMzMjQ5NjQxMjAxNC96cmgvMC8zMjYvNjAvOTk5LzE2Mi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2ODY1NzI4NTAvMTY4NjU4NTQ1MC80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/xA1hHw7164gusRu1K55_dwmpLxc&nodeid=3798&group=zrh&auctionid=669299332496412014&pbs_auctionid=669299332496412014&shardkey=669299332496412014&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 -, , ASN (),
Reverse DNS
Software: MT3 986 b247903 master cdg cdg-pixel-x11 config_version:"3795" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Server: MT3 986 b247903 master cdg cdg-pixel-x11 config_version:"3795"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 12 Jun 2023 12:27:30 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 9A95 49 B
329 B 80ms
26ms Image
image/gif 185.29.132.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=669299332496412014&st=4562306&time=1686572851&nodeid=3798
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpnMFkyWXlOV1V0T0RjMU9DMDVPR013TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY2OTI5OTMzMjQ5NjQxMjAxNC82NjIyMzMyLzQ1NjIzMDYvNC9ESFNDM3Nsb1NycWg5enJyUjFEdTU0eUlYZXhmZjJNVWZPeE5WenNLRllBLzEvNC8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzY2OTI5OTMzMjQ5NjQxMjAxNC96cmgvMC8zMjYvNjAvOTk5LzE2Mi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2ODY1NzI4NTAvMTY4NjU4NTQ1MC80L3B1Yi03OTgzNjUxMjU3ODM4MjgyLw/xA1hHw7164gusRu1K55_dwmpLxc&nodeid=3798&group=zrh&auctionid=669299332496412014&pbs_auctionid=669299332496412014&shardkey=669299332496412014&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 -, , ASN (),
Reverse DNS
Software: MMBD/3.390.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Server: MMBD/3.390.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x29, zrh-bidder-x57
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 12 Jun 2023 12:27:30 GMT

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame BF29 0
209 B 65ms
62ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572848243&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2AED 3 KB
4 KB 84ms
26ms Image
image/png 2606:4700:20::ac43:444e

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2226
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zagGJDPMWdUjUGIqqMEhJAI%2FdmzhimAY%2BMzyhFey2kYJFaB5KsLQQf6XWHAJK3VcSqtIjW3JYCjVm6mMTdEmWpMCZqdTUYm5u1cpUY4VySVU7wC9%2F6%2FpnDliWATzME3YG8qfCoIB8gNiLp1j%2FzXQdIz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d6216a1081c9012-FRA
expires: Mon, 12 Jun 2023 12:50:25 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E4C7 2 KB
1 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 320576
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d6216a0efc2bba1-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 12:27:31 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3LqfbEH4QJRGlyN%2Bpld%2BkbdPErkNHzKZrJMC6z7vvitNY5TCEHQgQ2sQjs09z2GkFfcyNTAP4Z%2BEzpScIQwAl5wgkVaL9A1spgb8La1UMFDJ0nB99LSLKgVQ7fE1F98nnhyJ9w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A22 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 13:31:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 308A 16 KB
16 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:08:02 GMT
x-content-type-options: nosniff
age: 148769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:08:02 GMT

GET
H/1.1 200
OK request.php Show response
hal90001.redintelligence.net/ Frame 9A95 3 KB
2 KB 161ms
101ms Script
application/x-javascript 46.4.10.49

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0eead5b0fd&subid=&uid=6c8fc79b2c288c07&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=623456763330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=669299332496412014&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 3215047ba3d9e3a85929c21fa364f8f532272497ade05f7b1ad47c59a235b096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 66773000075975500951389012353001
Connection: close
Content-Length: 1118
Expires: Mon, 12 Jun 2023 13:27:31 +0200

GET
H3 200 tg_logotype_white_RGB.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 5A22 4 KB
2 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/tg_logotype_white_RGB.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f337877d7d9cc9c8c548280d672afc8c734c697025f1ca68c1b28a2ebaeeb64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 03:54:16 GMT
age: 549195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1823
x-xss-protection: 0
last-modified: Wed, 10 May 2023 12:03:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 03:54:16 GMT

GET
H3 200 summer23-display-banner-160x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 5A22 12 KB
12 KB 22ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/summer23-display-banner-160x600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405c12171491cd55b978e55507cd6f8dd37e3893a3e4b87d133dc9fea6030b49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 06 Jun 2023 03:54:16 GMT
x-content-type-options: nosniff
age: 549195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12619
x-xss-protection: 0
last-modified: Wed, 10 May 2023 12:03:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 03:54:16 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 2028 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 13:31:44 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A28 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 13:31:44 GMT

GET
H3 200 tg_logotype_white_RGB.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 1A28 4 KB
2 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/tg_logotype_white_RGB.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f337877d7d9cc9c8c548280d672afc8c734c697025f1ca68c1b28a2ebaeeb64

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 03:54:16 GMT
age: 549195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1823
x-xss-protection: 0
last-modified: Wed, 10 May 2023 12:03:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 03:54:16 GMT

GET
H3 200 summer23-display-banner-160x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/ Frame 1A28 12 KB
12 KB 22ms
21ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/summer23-display-banner-160x600.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7315224385242948676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405c12171491cd55b978e55507cd6f8dd37e3893a3e4b87d133dc9fea6030b49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 06 Jun 2023 03:54:16 GMT
x-content-type-options: nosniff
age: 549195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12619
x-xss-protection: 0
last-modified: Wed, 10 May 2023 12:03:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 03:54:16 GMT

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame AD48 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jun 2024 13:31:44 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame BF29 0
209 B 58ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1686572851508&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame BF29 0
209 B 58ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1686572851508&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame BF29 0
209 B 58ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1686572851509&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame BF29 0
209 B 59ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1686572851509&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 / Show response
adv.office-partner.de/ Frame E5C2 930 B
931 B 130ms
25ms Document
text/html 2a0b:4d07:102::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0eead5b0fd&subid=&uid=6c8fc79b2c288c07&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=623456763330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 -, , ASN (),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 12 Jun 2023 12:27:31 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 19 Jun 2023 12:27:31 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 29F8 0
366 B 170ms
88ms Document
application/javascript 145.239.193.130

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0eead5b0fd&subid=&uid=6c8fc79b2c288c07&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=623456763330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Mon, 12 Jun 2023 12:27:31 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA15:C0B0_91EFC182:01BB_64870F33_139C7E0F:6DD8

GET
H2

200

htlp Show response
futalis.de/ Frame BC29
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=66773000075975500951389012353001&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028

350 B
401 B

78ms
23ms

Document
text/html

49.12.16.151

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0eead5b0fd&subid=&uid=6c8fc79b2c288c07&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=623456763330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 12:27:31 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9A95 2 KB
2 KB 155ms
74ms Script
text/html 18.130.16.201

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=66773000075975500951389012353001&nw=1
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.16.201 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: d2bfce028cb97332fab67c30004622dc9e3c1d27cec76768e32c723a214acf95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
last-modified: Mon, 12 Jun 2023 12:27:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 12 Jun 2023 12:28:31 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame 8380 7 KB
2 KB 70ms
24ms Document
text/html 46.4.10.49

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=0eead5b0fd&subid=&uid=6c8fc79b2c288c07&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D1vR9bFe_ZEuRLSqfvSa1Vw%26exch_seat%3D20035004448%26mt_aid%3D669299332496412014%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_cid%3Df4526487-0f33-4401-8426-7125835ee55c%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC2gbMg-HZNCSDPKV7_UPzv-0yAfPh46bXMCG2YLGAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMBqgT6AU_QPMroLr2Gq0JNZLlYM9QicYm5NzpRdUglbWSA7dOW4uYK0rfMQyD2jEDSg7zbTryvSwxLs_yenNhvceo-k_ke9Djw4kJqVZ34VoXELzerr1OiSX_-cPLFve5vpJfd8fgBLsIB4SUa6CfImWDcrbA64-XX5JPVLB7HCGC06VKqtRp1CaGOsAomD9IUJLk-t7aSpqL_Nq0lA8-M-qHtNg6v0Jc1A_6514-d1z4bqusujRd_Z2kGVL68atG9svYG9NZZqkWD0xmPY2jILOq7Y1raI8nf8aeUEf6GVlokJqhu01QLVobau9ywr7cZ-KHt-AaeoYf8TwxgzOTgBAGABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_33eUMIAql3KXG_J8Fvu50QOjNYjg%2526client%253Dca-pub-7983651257838282%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2F8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&ancestorOrigins=null&random=623456763330&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: c2257651e3df62d2dab0c36c75d03134dd566768596cd26453fb9b4f72413210

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2062
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jun 2023 12:27:31 GMT
Expires: Mon, 12 Jun 2023 13:27:31 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 9A95
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li

43 B
382 B

166ms
93ms

Image
image/gif

145.239.193.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Server

145.239.193.130 -, , ASN (),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA15:C0B0_91EFC182:01BB_64870F33_139C7E1C:6DD8
X-IPLB-Instance: 40027
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66773000075975500951389012353001&t=htlp&gdpr=1&consent=1&gdpr_consent=li
date: Mon, 12 Jun 2023 12:27:31 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F37A 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Mon, 12 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A95 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eb79b4d2ffba8edb4bc68e626be9fbefda2665c814a19c369be473830085cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8380 2 KB
434 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:10:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8380 16 KB
16 KB 71ms
26ms Image
image/png 78.46.90.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7b1bce1d922fda8f24654799535f0d77a93437b133095ce3a02c9c4899e3f926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8380 16 KB
16 KB 70ms
26ms Image
image/png 78.46.90.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6706f934c4b4bf7e620f35b3d1aa608625b1b3017918894a0b217024a1e02e4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16230
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8380 13 KB
13 KB 71ms
26ms Image
image/png 78.46.90.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 001fde0da5c751757c5c5d93f5f6131b16735d7c37fe979db15fc952e0adb8dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12997
Vary: Accept-Encoding
Content-Type: image/png

POST
H3 200 rs Show response
ad4m.at/ Frame 2AED 2 KB
2 KB 46ms
46ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b87016a901bbfa70e06cb5874e3368471b56d57806745ed55c52df5021921cf

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLYUT6oZlaufjQehbmpTNu3w%2BiqNluz64Lb071RNssukr65c6wFSzP22iTLs9dgaThzVAjUXADnucbyLBthQnI9ttCA1BiZLZn8KUt7OzPXKS1dsFwkwjeZ4F0uR%2BpJi7s9HnNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d6216a30f37043a-FRA
x-backend-server: aa-reachservice-group-europe-west1-3zc0
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 64ms
42ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d6216a2bece043a-FRA
content-length: 24
content-type: text/plain
date: Mon, 12 Jun 2023 12:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQBW6LOLBeAoi2aGJ1IsEvdSSjI8CF9TOnO%2Bw9E8QFQrueQOeeaS9UTXarshz8Tk%2FQBEI14Y5q2bC7mGP6EyjmE%2Ff9RDfb%2FFeu4oMUmqWUcMRyvIAMKOthOK1HeIVZERvdvH86E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3zc0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F37A 70 B
264 B 46ms
44ms Image
image/gif 3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELdEt9PQWxMiMFS-c_S31Y8&google_cver=1&google_push=ATf1kGPX0DUzk4mTDC0hxQ8FEYx0DmeqSj0dZHMsor009On2dXJyxYmNn0tfoJu4V8sQP_Y_HtX9L98ZOQrHM5_OJ6wyOj3uDU_q
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMvQQcV-Ya7v6E-fKfp3blY&google_cver=1&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3kvmku7wvxNMHLYcToZil_tE7F

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3kvmku7wvxNMHLYcToZil_tE7F

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFhFU1otMUwtTDVERg==&google_push=ATf1kGPwyi-_ogYJHCBHVlwZ0RYaU-e7u5qUuXl0H4NLt0ctQIpQMVe63bzIKnV60xPEyUQyxh3kvmku7wvxNMHLYcToZil_tE7F
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37A
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIVy-ZlTGAU-ZBBKvYmeWIY&google_cver=1&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4Ja...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIVy-ZlTGAU-ZBBKvYmeWIY&google_cver=1&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4Ja...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19&google_hm=GzaruGZHPnuhbBw0TJaqIXHk

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19&google_hm=GzaruGZHPnuhbBw0TJaqIXHk

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPO82IXaFKFrZPE9-m2GOkeq4hH2REjhRFnu0N5bSU-o3q8WlcmadAJyi3Z3DLwkxUzjzWtai-sTFpmNo4JacxGnurZOx19&google_hm=GzaruGZHPnuhbBw0TJaqIXHk
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDhM97xzMCPwESxO3qKBhUc&google_cver=1&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8C...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8CJ1HeZmgLpYJj

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8CJ1HeZmgLpYJj

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 12 Jun 2023 12:27:31 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGN17H1MEcu5WFnSJILaOm1zyc_uuBm-3xEBIspa1QdOxPXF4EQbM4nBtPSWPaViOG5f8LH9G5JbnIDr9D8CJ1HeZmgLpYJj
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ElouQDDWTFMk-WgNa8to2BfEjLxzK9RXKpJ1dJ7gHjxuWSTO9XIjjw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37A
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEDNJTAi4skYWRgGqG_RfjEE&google_cver=1&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QD...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDNJTAi4skYWRgGqG_RfjEE&google_cver=1&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvTn7oUISMmDq1umxmv1yQ&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch3...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvTn7oUISMmDq1umxmv1yQ&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QDnIwSnX

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=VvTn7oUISMmDq1umxmv1yQ&google_push=ATf1kGNagaKjy6ZZGKv3Ak6leFBQW_kce-WfERsjErPH2INwlCgYEUjuA54CJneyYzwhRTp4RgrtdMCk48M3ch37AV80QDnIwSnX
access-control-allow-origin: *
date: Mon, 12 Jun 2023 12:27:32 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame F37A 0
45 B 168ms
28ms Image
text/plain 185.86.139.102

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEED8V3xP6vYIK8xpGwrhVes&google_cver=1&google_push=ATf1kGN-4BJ7u_BL8oilOuhlnZ-6xAFDXd4QAZALIEuQY0JD06D5tMZf9ljHCUzxK3i_M-tiqi-d1bzFN3AGvr9HNnaYiDeTo2g
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:30 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHWe0_8ZJEavcbPG-YtZ7PU&google_cver=1&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pbnprbkxKRTJ1SHd2bF9raHM3Mm1NbHpjUjNKVlV3RX5B&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMH...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pbnprbkxKRTJ1SHd2bF9raHM3Mm1NbHpjUjNKVlV3RX5B&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-C8ycdm7WlRmbz_KfFO2ubQ2PRQkQ

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pbnprbkxKRTJ1SHd2bF9raHM3Mm1NbHpjUjNKVlV3RX5B&google_push=ATf1kGPr5upo0IRA4ZoixMyajatwllyLD7zpEO7AgAWtb2jBsUe4_VZMHxctQVOQvgZtKdbcq-C8ycdm7WlRmbz_KfFO2ubQ2PRQkQ
date: Mon, 12 Jun 2023 12:27:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F37A 0
12 B 29ms
28ms Image
text/html 142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_n_BrItRoZGE7fQFViUpE1f9asgm44yQo0DSe208r_XaLB_jEAXU2QaHGFCjEi4esN6IAxw

Requested by

Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame 8380 0
150 B 70ms
24ms Script
text/html 46.4.10.49

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=66773000075975500951389012353001&a=38e9c3b6&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=66773000075975500951389012353001&a=8e1c7943
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 12:27:31 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame E5C2 112 KB
43 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8cf77823106d0f8069fcaa9088e9a43082f15b77f32c7b67dbe84ea6693c255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44031
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 12:27:31 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9A95 85 KB
31 KB 117ms
27ms Script
text/javascript 108.138.36.89

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=66773000075975500951389012353001&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 14:02:21 GMT
content-encoding: gzip
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 80710
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: jpS1mf3k6zyz_UXyhyWy1E-i2-krbJvjDrlBVf8B1tG5TW-GghIZnQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 9A95 3 KB
3 KB 65ms
18ms Image
image/png 99.86.4.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1686573151&Signature=ZUeXbluCqvfAVV7tjOXTE~HB1T3rZhvw1O3IdKlBKkbpD9O7KscjPia1nt1UCRs9DH4BJcqHNRwyvD5fiWeeEPZxFuZ7A0ev8yZAUuiUi2U9F~T2Xdv7i-dafhR-HeyrbZfSU3OERtxExiS7bWD6KbeQmrksP9subyW7yJhPhQOmbrKor5~MBZ87sHsiyXj7kWEV86mX-GZ0N~NBeTMoVdfGzIT2XAuZ2krxa61KqHNDguKfNznDOa1zLN1NZjUIeylMH6zBPhfNzvpLKlH5vDSFoa0vlFwqw70IbuxFBjzDBUzlvtqEYyYduwxsAXa9oEcsY1LUoEAhaUVGwqSOJQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 12 Jun 2023 04:53:09 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 27263
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: nZlma6rPr8MXaRa_pFiQsM7-Ojn2Jbwujp04NkTbkCI-uhIbejic2A==

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame BC29 5 KB
5 KB 23ms
22ms Script
application/javascript 2a01:4f8:d0a:2321::2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2782197028
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1B4B 11 KB
4 KB 45ms
44ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

07c5441aaeb4a16942be0180551640c13dfd8287a00f49d507de369b8731272b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d6216a35b79bba1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 12:27:31 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 1B4B 106 KB
13 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 260186
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwjuAi8bgjXl1MelVRhvTug3Dvp7vL2KAi4pweN%2FqKLzOgzzNEexhzcl80zUgYr%2BBG6X2yBbMA%2FdRQxOPZoUZ1zBGbVx2wPc539TE4hj%2FF0a%2BJQiCvY6ozehUJPjK0uKtoWFxBK3%2BTI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7d6216a39bdbbba1-FRA
expires: Mon, 12 Jun 2023 13:27:31 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 1B4B 5 KB
5 KB 49ms
39ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 926242
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ImIWHPrF8zbpUtE14FY9oJwcFqhHpWV%2FSnlxKSeWvoDQYN3oF9kcz8KfE4fc7p5wq8yyy7iAgWCTglH8KOlzCVni7S3cDzj4e87yUFOmB%2BJja3shUc%2FnA%2FMIhJD5%2BesExopG74d4w7dFpXO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac398fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 1B4B 54 KB
55 KB 38ms
29ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279425
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55798
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XlIFbphOxocY41AOwYYV%2F%2BYOW0Smdm1g29uRbyiaaJ%2FtDExvs19e9p5kV%2Fg9RbMZJontQGvi%2BcfqqXTa2A%2FfNgKRcUTySHG%2BRzzkJmF7NRl2OC8qpzPVWtf0Cxhf5SDysEtdknWIxuR4lT3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac388fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 1B4B 2 KB
3 KB 62ms
52ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142654
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCD4657V7OjjbHbVTp0KY3EBqZRJ%2BDFaKNDcIfbZdrjzW%2BnDVeXHRYy67z%2FGcgVSQCKsRy3ZR1Yr0%2Bk4W3Y3bdvhEp%2BMchYdkAzUX4xcBagd0qelutnMiuCfmCltUZl22KAJAo50ayTFOv3j"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac358fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 1B4B 339 KB
340 KB 48ms
39ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2482083
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTJ7G9Sst0wGlcfL6%2FCQnNhORoJWYXuBehUxa8d4AjgW9rCmIS%2BWKfJ%2B01geSXAbggq3G9p9eeZwvR%2Bv5fXJ3GgKZtmX34npBUBrRGWZfiCVFQmWZzS4deV1QjukQUUe39sDpG%2B3gT8NtQl8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac3a8fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1B4B 43 B
705 B 173ms
70ms Image
image/gif 104.103.93.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.103.93.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 1B4B 36 KB
36 KB 48ms
40ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1950432
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1El0kvXgaWKwfzO0HLU1KMw32mkVsdvUbo3aTWwvBokNFsUs4CpYJH1hCk9E4bbyd%2Bigd0rJgQwzWwMqlzmO1veDvf7BmmdKIjfFYDycQmmYznJ1oZe125tdP61Ex28vjPtjoErJlNd8Lr2k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac378fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 1B4B 28 KB
28 KB 49ms
40ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 233180
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2%2FB%2BDi2ajP9LaxR669VQ8tGJy%2FZHf9JuVkZzb7lXeAmHKMzHLvnupnr7Ex36umMMYFjyAeDWhEOsyB1eo1zhp3Y3N5CGu0dEQOO%2BfG2ehPg6PRamjtOzsl0loGeuUgcR8VU8lOf90jvREcv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d6216a3ac368fe9-FRA
expires: Tue, 13 Jun 2023 12:27:31 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1B4B 43 B
705 B 199ms
97ms Image
image/gif 104.103.93.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.103.93.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jun 2023 12:27:31 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 1B4B 2 KB
2 KB 81ms
80ms Script
text/html 18.130.16.201

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g9z22a5fem2am753384yf7b02sq20mn4zk0svwcmsejgjceta7n80pz9jhxgfxrpjarx9c1jx7yg74hh28ba0w5xx7y6j822er2mtj58ph1kdaa98qnj31r5vfm25gsr95pzz7e63dqb8zc77ccepzx5v1wez6mb91q05ab0mbfnyhk6r2f1r3skmdz2egvkx5vk4qjjpak1byjjfh8zzgcp5mm327aykca1gas198bagj7xbbevjxfys1j1d05h1q0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.16.201 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: d3c13dd149dd19de07831be92bb81051ca2aa18401b7b2ce9c84b37cd77918a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:27:31 GMT
last-modified: Mon, 12 Jun 2023 12:27:31 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 12 Jun 2023 12:28:31 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1B4B 85 KB
31 KB 25ms
25ms Script
text/javascript 108.138.36.89

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g9z22a5fem2am753384yf7b02sq20mn4zk0svwcmsejgjceta7n80pz9jhxgfxrpjarx9c1jx7yg74hh28ba0w5xx7y6j822er2mtj58ph1kdaa98qnj31r5vfm25gsr95pzz7e63dqb8zc77ccepzx5v1wez6mb91q05ab0mbfnyhk6r2f1r3skmdz2egvkx5vk4qjjpak1byjjfh8zzgcp5mm327aykca1gas198bagj7xbbevjxfys1j1d05h1q0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 14:02:21 GMT
content-encoding: gzip
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 80710
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: sVevmIUJvGwg8jDvMytFTC4OLL2S77rDhHlC8ahOeIkHl10LTRGSKg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 1B4B 15 KB
15 KB 20ms
20ms Image
image/png 99.86.4.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1686573151&Signature=oWSewcxFAA0ipmmhJbRirxP0PfprIgeHHVmTEIBqXpnFmAbO1q5DWIIQH5Y3OoegrHUi9Hc5uA7jmrGQYx7oR9cSMBFQkTmXrBCnnfXLQogoDdCSm4iT8JuW1W6RaFpgyMCnX81ZrK9Qbqh8FU6X1yj2bWmbBFdTvCXNpvskaqZjoIfLbFhxvhPigpW5IHEHJJC88wrFbDXXKv3dAJFvmCXsNYSRtg-VPF2noSiiKtMWswK5HBX0ZF3b~7LVGRX-bg8VQ231DSRbNUNAkYbVkq1BLptow97NZUKZUD0IY08nJiRfo7LGK~XvYt1YFeSKLeZNM7DsFmKgaxyO7RfKyQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 11 Jun 2023 15:18:04 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 76168
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: A28KBjLfAtOfObJfcYRbf0dpEKZ7WApqBRomNtrVntnGwMRQMNbEYA==

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame BF29 0
209 B 58ms
58ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572848243&userId=vnet5c80b025-94a4-461b-9820-7c21f2fc0de0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Mon, 12 Jun 2023 12:27:32 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1686572848591&src=pbjs

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 21:15:08	Name: khaos Value: LISTXESZ-1L-L5DF
.rubiconproject.com/	1970-01-20 21:15:08	Name: audit Value: 1\|naVuGyos1qpK3mOdNWvBCLU1ZxogGjlwOA+xFj1I9sdpdF/86rQGb8gpkAqYfMzlDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 21:51:08	Name: IDE Value: AHWqTUnv017WqJU81u-v4zgYBsDDg4VmwJFg7QYH91dEnpY_N4nV6LNF6JK69dAnrJs
.doubleclick.net/	1970-01-20 12:29:36	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 21:51:08	Name: uid Value: c4a15a04-83be-46b8-9823-96b5b6506333

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572848409&bpp=3&bdt=805&idt=281&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=2759026751804&frm=24&ife=1&pv=2&ga_vid=124224886.1686572848&ga_sid=1686572849&ga_hid=942458658&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=42532279%2C42532277%2C44759842%2C44759875%2C44759926%2C31071755%2C31075258%2C44785292%2C44788442&oid=2&pvsid=2066474080395047&tmod=1889489679&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.2edd8e6cgc54&fsb=1&dtd=339 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7315224385242948676/index.html".
security	error	URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/325384295048592582/index.html".
security	error	URL: https://8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7315224385242948676/index.html".
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jc13nkh2tnjzww7rf371mjb08a41rfwg606mpva71ve56wb3mx0q1pjjh7ecq6kng4pjzk189mh7jntdh7a0r0kttbynd9y6q7qbb5aqsx8db7ahcx31yejvgc64z04cj8ejhzp0qpf5p6yacxeqgar4nfpt94r551pavjka2j4k253ayscg869z1d2cebj1xqs7jqj4ykygfqxj51bt1h51mj2jgvc70nzt5cqbhmdnacvdx3w7qpwrx9cn61192zbj59774t3y3te6vc8v3ajctcm4j9gh7veqfm37me8bpmbbagf66brc47vgdr2f8bx5sk3w28kw13e7gpm28h3w40gee7fz2m9cy8kvp7rn4tqpyb8dftk7gkr53wyz0v0gs86b0zy0cb3gfrh6r4ja56eqkp77ehm8frxrv78naxmzrrqx0x99bcb9h5r63835mzjwr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=6d5027417b0be1e1ba285f404cea03e0%2F9658128626851508511&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1686572851684&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtmtv74pz56f9ha0ssfxpp3dbdyxgrsxrz51mk62my9ptgzjsns17y61q8vsxb1nhe3jxm09w4s7myqxjb74sjkh8afee4h5qjhs0xvnjgaj5q1pqv4wq8dm0esdv52a3sdwpjqeyn9n591e809psndyd08kbs6wgz024mc18nq51pkw2trmtzp8rp78pgz02x1948je4zg7exke0cmf0tyepvgzbae7hkd6p33b8njtx87epy5wkpwnx199hrx3eakfbrdfxfvmxvgry7qye02zr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxj7aMg-HZJWNDKCR7_UPtJej8ASQ4YGEXLaoworwAsCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQKQFKTl8BeyPuACAKgDAaoEgAJP0Gl5-oPl1wdBQDSxPjhwNaW7ceKuNNm6NTFbGshyMc7fqtCSpOdAQmBoYF-TOHnv-Jwc6uZ_ajJBJ9lJTEbJsBAQirBVmyV1z8MD8Ky7Xdmf2GK_3pxC8uD509g59dRIx6iKefVtfNlcLLcsrqpApBjjYMYShTKrX6m7i_1hmK22EN9ppAGcx-NUZpP-jKopklMP1PvhIdM2Hyq-fM2fkPGl4CI_6q80slHVlIFyg4noK0HyhMAkaRrJZR_WCmdrmwnQAyztliAQ8ZoSadAB_LbhfLnCRNvG1a00foYpbX_Bsp1W_wFFl1J7G52zsYGpKJNHcdwMoaGgCyE9fLum4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3ua67SPji7OLdnfsz5iVAj4Yas2g%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8f689efa0fdf9a5d5ae17f95a29b1cea.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
ad.turn.com
ad4m.at
adservice.google.com
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
c.amazon-adsystem.com
c1.imgiz.com
cdn.ampproject.org
cdn.retailads.net
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
connect.facebook.net
cpm.programattik.com
dclk-match.dotomi.com
dis.criteo.com
eb2.3lift.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90001.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
match.adsrvr.org
medialead.de
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
s.ad.smaato.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync-tm.everesttech.net
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ye-mek.net
hb.emxdgt.com
104.103.93.163
108.138.36.89
142.250.186.130
145.239.193.130
151.101.2.49
151.139.128.10
178.250.7.11
178.250.7.13
18.130.16.201
184.30.21.51
184.72.23.213
185.29.132.242
185.7.176.221
185.7.176.223
185.80.39.216
185.86.139.102
185.89.210.20
20.60.220.36
2001:4860:4802:38::178
2001:678:cb4:bbbb::11
204.237.133.116
216.52.2.30
23.206.208.114
2600:1901:0:76b9::
2600:9000:20c3:c800:1b:5138:8a40:93a1
2602:803:c003:200::21
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6812:372
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a01:4f8:d0a:2321::2
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:6ea0:c700::10
2a02:fa8:8806:20::2040
2a03:2880:f084:d:face:b00c:0:3
2a0b:4d07:102::1
3.33.220.150
3.64.112.248
34.102.243.38
34.96.105.8
35.171.178.115
35.241.45.217
37.157.4.28
37.252.171.52
46.4.10.49
49.12.16.151
52.222.208.154
52.222.253.136
69.173.144.139
76.223.111.18
77.245.159.14
78.46.90.238
85.111.6.48
94.138.206.83
94.23.99.218
95.101.148.198
99.86.4.53
001fde0da5c751757c5c5d93f5f6131b16735d7c37fe979db15fc952e0adb8dd
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415
04e7f6b9f61f65d4716aedf7a1926e347d6a657c6ddd640f4c2281f0c6133472
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c5441aaeb4a16942be0180551640c13dfd8287a00f49d507de369b8731272b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb879f6f8efab99f91e14e9cdc5979e96007d040b4f66a6b33f7c7a61cadea
0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba
0ffc2b5053becd181a15bf01a1cb3b959ca9e406a6557db62579dacd96defb5a
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a
1554eec839b108cdd73d20f9db0806b780b5bdf750e9f4d83f9025e2b7ed0ca9
1745404afda8b9f849707bf0c32b0e1651cee0c8cf8b9e5e8a83df40e3374c33
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a
1a1db06ff695a6dbf5ec21aac5d54a1482bfe865a379bb01eb8bd4dce4e0bc40
1a94fa6a7b6a36ae43667a17e734b972282225f77d5cc9afa4f2c1eae26217a7
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58
25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3215047ba3d9e3a85929c21fa364f8f532272497ade05f7b1ad47c59a235b096
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
33c4e29fe336359170f275e73f9e445cfd3d31967677e461257f6b365c498017
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9
382c1403edc5386a0382267faf0cba0f231b2bac2611e4e77df235becfd51b96
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3eb79b4d2ffba8edb4bc68e626be9fbefda2665c814a19c369be473830085cf4
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
405c12171491cd55b978e55507cd6f8dd37e3893a3e4b87d133dc9fea6030b49
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48933afc3e2a21de9759acd5d38355c6ef812f5e64a3138fbc95b47a00182731
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05
4cef1301e357957806dc748d630533b01d35aeb353591cc8b0414c7cc5d48bd4
4daf38a37358da6ba33e9260e8381f7d678a26351b7a368bcff17b79f3c38ac5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579f83393dc328c5bd403411e9088cb9105ca4e918df5bd29f1f668df6aa7bd1
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6706f934c4b4bf7e620f35b3d1aa608625b1b3017918894a0b217024a1e02e4e
680ecf5292c16dfcc39308f1f90ef3b2de6378b7ec56c81a82ac114f2083dde2
681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b87016a901bbfa70e06cb5874e3368471b56d57806745ed55c52df5021921cf
6ca3f1757a2cb89786ba5d7c156a6541a51f8b250009d81d58a2f7a8446ea7b0
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a
6f46d60153e10ddf4036ee99e19a65528cea5d0339dc52b969e2ff4abc136db2
7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228
7b1bce1d922fda8f24654799535f0d77a93437b133095ce3a02c9c4899e3f926
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
88014bb1678f27ccd12f365f093df94e44090572780c78170f448cea5bdad694
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8c9ae37f05f3ab3fa28648efeacabfa877a22c292d788a88f2d18294a4848cb7
8cb6f8390badd77bc5cc503ecaa065a48f1e3f7a28882b7f48c2c5cb9b8a2ac0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f337877d7d9cc9c8c548280d672afc8c734c697025f1ca68c1b28a2ebaeeb64
96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b
975c34d0f96aac70ad610a543d81318cb332fc149e3312498afbe3acca506b20
97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5
986e429f21810d7b110bdea97fc8a8421cb955d56ed64dc48df589d5972f4c90
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a197cb012a53cc819f64679ad787456977c07535984b9fb61c55360eafb56c0d
a25f1a3059a34e09651ba900d02a819165053e139d04adcd56ee514a700ecdf3
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a3c8d1021bd2ee3bb73e29d8fdf79a184be2c6b5ef6ba41b0a6bd09519d0dfd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aafa3e1ed47a88da681dc3605234b8ab12ac6d46bcc8f910715fcdfcf2218702
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b056eb970e34d6a4e18c469a41ede71c79082bf40ac841cf3f5549912d36af7a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b8cf77823106d0f8069fcaa9088e9a43082f15b77f32c7b67dbe84ea6693c255
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bd3a040642cf3131df4cfd4063c4306c833ff4b74db468c6fa22342087a86ad3
be93f136c41bb69744385e44af8bd22f67124c71fd11018e13ac03c6d196f409
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c140f162040228e028d9b86e408827f9ebe79eff646c16f911c08898a5c8c4e8
c2257651e3df62d2dab0c36c75d03134dd566768596cd26453fb9b4f72413210
c310500d429672e89b6cf5c6e9b6b9f2b4e677c6f86c0a0ec45795f3a2a9ad90
c379cf9c8fd35370a2c03709c7e4cc6e54eaf50915a36cefa489038810d487c7
c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9
c823201798005c8f4f9254248e1995aa38eab8e4d3c7d8263c568a8a1752c1e7
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
cae1a621b632d777a710d463253856796b8a4acfea09028dd9e0cae076417dae
cf48cc968dc811cb5eb4d3dea1c476e5f91880d42fff90dba092d7b0c6ced468
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d01397e6937781e826ccb86a43f1b1ca02e2b31cfbf6072d73690b979bf91ba7
d1e227f4adadd06ea21921d22f6a355eb1b2f2a16e8f6150081cdf9d8f33d27e
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d2bfce028cb97332fab67c30004622dc9e3c1d27cec76768e32c723a214acf95
d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6
d3c13dd149dd19de07831be92bb81051ca2aa18401b7b2ce9c84b37cd77918a7
d5cc685a3df0cf6cb6fbe13c5850854c64c8b93328af9488763f32bdc64b3590
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
d8438866a06fe771b806303a6beb5697133f730eff458be4aa366a4f07fc08bb
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
dc0a744d2c9a2b26c20b9ceea745b32bcc32144ea14cf655d16d3d51a47c97f9
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540
e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
eeb71f65c246b88e780b7266dc1e5170372fdd60c089023205579113a4d5a2a5
eeed42dcd5880c6552904e1a38ed4a7bef423327755f9ea62fdc3af864a2c6d1
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fd40f237eea2f94f17b951f7289c187b2575ab5055e3f5ca21e15a494532c590
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

282 Requests

93 %HTTPS

44 %IPv6

53 Domains

80 Subdomains

67 IPs

6 Countries

3627 kBTransfer

8447 kBSize

5 Cookies

0 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

93 %
HTTPS

44 %
IPv6

53
Domains

80
Subdomains

67
IPs

6
Countries

3627 kB
Transfer

8447 kB
Size

5
Cookies

282 HTTP transactions
9 data transactions