urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On June 12 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 7 countries across 62 domains to perform 375 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
2 94.138.206.83 49126 (AS49126)
3 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
1 2.19.224.115 16625 (AKAMAI-AS)
18 185.7.176.223 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
1 35.241.45.217 15169 (GOOGLE)
2 185.7.176.222 42910 (PREMIERDC...)
1 34.102.243.38 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.222.253.136 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 4 216.52.2.39 30282 (AS-INAPCD...)
4 6 37.157.5.84 198622 (ADFORM)
1 95.101.149.35 16625 (AKAMAI-AS)
3 6 185.89.211.132 29990 (ASN-APPNEX)
4 85.111.6.48 9121 (TTNET)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.66.39.176 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
3 185.29.134.249 30419 (MEDIAMATH...)
4 13 2a00:1450:400... ()
4 78.46.90.238 ()
1 23.52.122.195 ()
3 138.201.63.149 ()
39 2a00:1450:400... ()
1 2a0b:4d07:101::1 ()
2 145.239.193.130 ()
1 18.130.16.201 ()
1 1 94.23.99.218 ()
1 1 35.186.231.97 ()
1 13.224.189.92 ()
8 41 142.250.186.34 ()
2 4 185.80.39.216 ()
1 2a00:1450:400... ()
2 34.98.64.218 ()
1 4 104.102.35.84 ()
2 4 2001:678:cb4:... ()
1 2 2620:116:800d... ()
1 2a02:fa8:8806... ()
2 2 35.157.43.161 ()
4 4 18.159.217.158 ()
1 178.250.1.9 ()
3 3 51.89.9.251 ()
1 18.66.147.120 ()
1 99.86.4.94 ()
4 142.250.184.194 ()
1 2 3.126.58.194 ()
1 1 69.173.144.165 ()
1 1 2600:9000:205... ()
8 8 213.19.147.45 ()
2 185.86.138.154 ()
3 6 2606:4700::68... ()
3 3 35.190.0.66 ()
2 2 3.71.149.231 ()
3 3 20.127.253.7 ()
3 162.19.138.120 ()
1 1 35.186.193.173 ()
1 1 193.0.160.131 ()
2 2 52.213.96.27 ()
1 1 35.204.74.118 ()
1 3.33.220.150 ()
1 35.227.252.103 ()
2 2 198.47.127.19 ()
1 2 2a02:2638:d::d ()
2 2a00:1450:400... ()
1 178.250.1.11 ()
2 3.8.219.7 ()
375 68
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
2    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
1    2.19.224.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-115.deploy.static.akamaitechnologies.com
s7.addthis.com
18    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
56    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    185.7.176.222 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
c1.adform.net
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
6    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr
cpm.programattik.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    3.66.39.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-39-176.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
39    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
13    2a00:1450:4001:830::2004 (None, )

ASN- ()
www.google.com
4    78.46.90.238 (None, )

ASN- ()
hal9000.redintelligence.net
1    23.52.122.195 (None, )

ASN- ()
pixel.mathtag.com
3    138.201.63.149 (None, )

ASN- ()
hal90009.redintelligence.net
39    2a00:1450:4001:811::2006 (None, )

ASN- ()
s0.2mdn.net
1    2a0b:4d07:101::1 (None, )

ASN- ()
adv.office-partner.de
2    145.239.193.130 (None, )

ASN- ()
pv.medialead.de
1    18.130.16.201 (None, )

ASN- ()
track.webgains.com
1    94.23.99.218 (None, )

ASN- ()
medialead.de
1    35.186.231.97 (None, )

ASN- ()
impfr.tradedoubler.com
1    13.224.189.92 (None, )

ASN- ()
img.tradedoubler.com
41    142.250.186.34 (None, )

ASN- ()
cm.g.doubleclick.net
4    185.80.39.216 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    2a00:1450:4001:82a::200a (None, )

ASN- ()
fonts.googleapis.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
4    104.102.35.84 (None, )

ASN- ()
sync.teads.tv
4    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
r.turn.com
2    2620:116:800d:21:c5a4:625:6563:a5bb (None, )

ASN- ()
cms.quantserve.com
1    2a02:fa8:8806:20::2040 (None, )

ASN- ()
dclk-match.dotomi.com
2    35.157.43.161 (None, )

ASN- ()
pm.w55c.net
4    18.159.217.158 (None, )

ASN- ()
x.bidswitch.net
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
3    51.89.9.251 (None, )

ASN- ()
onetag-sys.com
1    18.66.147.120 (None, )

ASN- ()
analytics.webgains.io
1    99.86.4.94 (None, )

ASN- ()
cdn.track.production.webgains.team
4    142.250.184.194 (None, )

ASN- ()
googleads4.g.doubleclick.net
2    3.126.58.194 (None, )

ASN- ()
d.adtriba.com
1    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
1    2600:9000:2057:8400:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
8    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.86.138.154 (None, )

ASN- ()
ssbsync.smartadserver.com
6    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
3    35.190.0.66 (None, )

ASN- ()
ads.travelaudience.com
2    3.71.149.231 (None, )

ASN- ()
ups.analytics.yahoo.com
3    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
3    162.19.138.120 (None, )

ASN- ()
id5-sync.com
1    35.186.193.173 (None, )

ASN- ()
gcm.ctnsnet.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
2    52.213.96.27 (None, )

ASN- ()
match.360yield.com
1    35.204.74.118 (None, )

ASN- ()
um.simpli.fi
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
2    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
2    2a02:2638:d::d (None, )

ASN- ()
gum.criteo.com
2    2a00:1450:4001:810::200e (None, )

ASN- ()
www.youtube.com
1    178.250.1.11 (None, )

ASN- ()
mug.criteo.com
2    3.8.219.7 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
80 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net
googleads4.g.doubleclick.net
417 KB
77 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 154
762 KB
42 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 834583
cdn.ye-mek.net
628 KB
39 2mdn.net
s0.2mdn.net
1 MB
18 virgul.com
static.virgul.com — Cisco Umbrella Rank: 57050
ng.virgul.com — Cisco Umbrella Rank: 53427
ng2.virgul.com — Cisco Umbrella Rank: 58973
231 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 106
www.google.com
2 KB
8 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 983
fastlane.rubiconproject.com — Cisco Umbrella Rank: 526
pixel.rubiconproject.com
5 KB
7 redintelligence.net
hal9000.redintelligence.net
hal90009.redintelligence.net
35 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
383 KB
6 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com
7 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4174
c1.adform.net
5 KB
5 1rx.io
sync.1rx.io
4 KB
5 ampproject.org
cdn.ampproject.org
110 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
dis.criteo.com
gum.criteo.com
mug.criteo.com
8 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1474
sync.teads.tv
1 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
imasdk.googleapis.com — Cisco Umbrella Rank: 489
fonts.googleapis.com
246 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 turn.com
ad.turn.com
r.turn.com
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com
3 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4731
pixel.mathtag.com
3 KB
4 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 54137
565 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 724
2 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 443
61 KB
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 id5-sync.com
id5-sync.com
3 KB
3 inmobi.com
sync.inmobi.com
2 KB
3 travelaudience.com
ads.travelaudience.com
1 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
31 KB
3 onetag-sys.com
onetag-sys.com
1010 B
3 openx.net
us-u.openx.net
rtb.openx.net
663 B
3 medialead.de
pv.medialead.de
medialead.de
914 B
3 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545
image6.pubmatic.com
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1518
mp.4dex.io — Cisco Umbrella Rank: 2625
25 KB
2 youtube.com
www.youtube.com
63 KB
2 360yield.com
match.360yield.com
811 B
2 yahoo.com
ups.analytics.yahoo.com
797 B
2 smartadserver.com
ssbsync.smartadserver.com
150 B
2 adtriba.com
d.adtriba.com
757 B
2 w55c.net
pm.w55c.net
2 KB
2 quantserve.com
cms.quantserve.com
796 B
2 tradedoubler.com
impfr.tradedoubler.com
img.tradedoubler.com
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 562
59 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 101165
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1966
feed.pghub.io — Cisco Umbrella Rank: 2626
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 12975
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
90 KB
2 cloakan.co
www.cloakan.co
1 KB
1 adsrvr.org
match.adsrvr.org
265 B
1 simpli.fi
um.simpli.fi
714 B
1 rfihub.com
p.rfihub.com
755 B
1 ctnsnet.com
gcm.ctnsnet.com
609 B
1 smaato.net
s.ad.smaato.net
438 B
1 webgains.team
cdn.track.production.webgains.team
436 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 webgains.com
track.webgains.com
2 KB
1 office-partner.de
adv.office-partner.de
931 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2185
361 B
0 emxdgt.com Failed
hb.emxdgt.com Failed
375 62
Domain Requested by
41 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
ye-mek.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
39 s0.2mdn.net ye-mek.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
pcloak.blob.core.windows.net
cdn.ampproject.org
s0.2mdn.net
36 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
pcloak.blob.core.windows.net
www.googletagservices.com
34 tpc.googlesyndication.com 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ye-mek.net
pcloak.blob.core.windows.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
ye-mek.net
pcloak.blob.core.windows.net
15 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
ye-mek.net
pcloak.blob.core.windows.net
www.googletagservices.com
13 www.google.com 4 redirects googleads.g.doubleclick.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
ye-mek.net
tpc.googlesyndication.com
8 ng.virgul.com static.virgul.com
ye-mek.net
7 www.googletagservices.com 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
6 fastlane.rubiconproject.com static.virgul.com
5 sync.1rx.io 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ib.adnxs.com 2 redirects static.virgul.com
googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
4 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
4 x.bidswitch.net 4 redirects
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
pcloak.blob.core.windows.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 hal9000.redintelligence.net pcloak.blob.core.windows.net
hal90009.redintelligence.net
4 cpm.programattik.com static.virgul.com
4 ap.lijit.com 3 redirects static.virgul.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 id5-sync.com ye-mek.net
3 sync.inmobi.com 3 redirects
3 ads.travelaudience.com 3 redirects
3 s.tribalfusion.com ye-mek.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 onetag-sys.com 3 redirects
3 hal90009.redintelligence.net hal9000.redintelligence.net
hal90009.redintelligence.net
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 ng2.virgul.com ye-mek.net
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 ajax.googleapis.com ye-mek.net
s0.2mdn.net
2 api.webgains.io analytics.webgains.io
2 www.youtube.com s0.2mdn.net
www.youtube.com
2 gum.criteo.com 1 redirects static.criteo.net
2 image6.pubmatic.com 2 redirects
2 match.360yield.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 ssbsync.smartadserver.com 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
2 d.adtriba.com 1 redirects 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 r.turn.com ye-mek.net
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 pv.medialead.de hal90009.redintelligence.net
googleads.g.doubleclick.net
2 static.criteo.net static.virgul.com
static.criteo.net
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 www.googletagmanager.com ye-mek.net
adv.office-partner.de
2 ye-mek.net www.cloakan.co
ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 mug.criteo.com pcloak.blob.core.windows.net
1 secure.adnxs.com 1 redirects
1 rtb.openx.net 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
1 match.adsrvr.org 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 p.rfihub.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 cdn.track.production.webgains.team googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 dis.criteo.com googleads.g.doubleclick.net
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 fonts.googleapis.com hal90009.redintelligence.net
1 img.tradedoubler.com googleads.g.doubleclick.net
1 impfr.tradedoubler.com 1 redirects
1 medialead.de 1 redirects
1 track.webgains.com pcloak.blob.core.windows.net
1 adv.office-partner.de hal90009.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 imasdk.googleapis.com c1.imgiz.com
1 prebid-server.rubiconproject.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 bidder.criteo.com static.virgul.com
1 a.teads.tv static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 feed.pghub.io pghub.io
1 pghub.io static.virgul.com
1 www.google-analytics.com www.googletagmanager.com
1 s7.addthis.com ye-mek.net
0 hb.emxdgt.com Failed static.virgul.com
375 93

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-21 -
2023-06-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
redintelligence.net
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
adv.office-partner.de
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
pv.medialead.de
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 40 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: E29AD37D9009C9AC5490099D8B5E5FD7
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: EC09514750EC3258BC754FFB411E59F2
Requests: 116 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: D74AA52D91FA6C37FDF47251BB8E5872
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Frame ID: 4A81305983084BFAD3C35E5CF26DC2FD
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 66B1CAAC09C6E5B53A4C1FD118F0444A
Requests: 1 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 263B424B4FD4C80CDFE0A17C6086F97A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572613988&bpp=3&bdt=939&idt=278&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=6496900150640&frm=24&ife=1&pv=2&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C44792109%2C31075205%2C44788442&oid=2&pvsid=548481982940284&tmod=1057530013&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.aj9escs46kz6&fsb=1&dtd=290
Frame ID: 05153A0A1B5AD10F66691E375E2405B5
Requests: 1 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 39163622832CEAE8B814E7040CA696AC
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614834&bpp=9&bdt=158&idt=196&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=7725164863994&frm=8&ife=1&pv=2&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9oa5hwn9571y&fsb=1&dtd=208
Frame ID: DE75EAA15F54EA1A8A9F02F8258F144C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Frame ID: 19B2A8BC07A1C7D65F03B6DABC38B7BF
Requests: 19 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C06D34DA9DA15792B7EECC2633976825
Requests: 19 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 275DD2E9AFB3C6A5592748B78F6CEE1D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Frame ID: 62349A922F191C73869E8A3F751BFB8C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Frame ID: 5170C36AD1DDDE863BB52370F1533A6D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 6E9E3D00C4C3A1990026B6210852FC90
Requests: 17 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C6679A387B761DA23F77AA7D8360F347
Requests: 14 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3267CE05073825D095BED7DC555ED9DD
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 5FF58990DC99956B7722D709DEA8BB45
Requests: 1 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Frame ID: 06362B2B7590815884CBE11FE3F75D88
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF1B14F3677F96AC053C2DEE738687D0
Requests: 9 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 81D59D5045A8CBF7321FF78B7446EC03
Requests: 13 HTTP requests in this frame

Frame: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0D1993E620BADDD7D8F515CDBB2D774A
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47E547D2399ED7E07BA612B814AE6A09
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0374E05C1120E4DC328BC3ED3991942
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 017B7EE498EC6177B9FF9CEE99A7549F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E381A8F75D1CC65892E02F97BCF93D4
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Frame ID: 9A4740CC44C40E52EB506046B87D091E
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2273863C121CA6FE9D03F514A11CAF73
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F67CDFF4EE4215BF90634F60F6A9D849
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FB2514597B088CC9EE16A515F5475F0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3EA60EEE7EC0DC9D8DA9265F1581231E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FE0A43AE54A6AD5BD443D2D815E44DBF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D6092390597C8AE71690907EA0D38DC7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Frame ID: 1267C6469E7668686987603EE471F8DB
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF0131B05492F3FFD3C6249DA46D5E1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA948687C9ECFC3B35C92F2C2DA26AD2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 2E8FF3D9BC89D925A59EA41BA33F6375
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: B3EA5304E9B40ACAA551DA4E20837054
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2D57023B0D5F15B73C76E124214B108
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCF8C2639248703283D04B812A99EDBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

375
Requests

87 %
HTTPS

34 %
IPv6

62
Domains

93
Subdomains

68
IPs

7
Countries

4534 kB
Transfer

10349 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 175
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Request Chain 176
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(31707400070838500951389012353009)704315866 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1
Request Chain 182
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIcOSL1YRLGYJiF4.u6X6gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1&google_hm=2
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAASuUcGlBFOCldPZHg3kPs&google_cver=1
Request Chain 184
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTfZEqwOiXIdv95GmzCd_A&google_cver=1
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOFqQq-O40dxMhFI-4D3y2w&google_cver=1
Request Chain 211
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1&google_push=ATf1kGMAmkrzHAR9iwELA3Y8DweqfmJASDLL-HKhQlZ70ul8hhesnUBChBwtzTXR-RzGczpj9MrKrSTLbBRRrPpylHU79vh3sFufcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NTUzMjcwODY0MTcxMzA1OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
Request Chain 214
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH85va9PBLUV7DhPN_uV9EykVlrSnFUepAZgJy0LA16SfXL7M3VDEXBZjQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH85va9PBLUV7DhPN_uV9EykVlrSnFUepAZgJy0LA16SfXL7M3VDEXBZjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c01wd3RMb3MxUThHQTg1&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH85va9PBLUV7DhPN_uV9EykVlrSnFUepAZgJy0LA16SfXL7M3VDEXBZjQ
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA&google_hm=Nf8FLe9xRUCpEYdljULUYw==
Request Chain 217
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d2QfWj4xCZY6aEunvyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d2QfWj4xCZY6aEunvyQ
Request Chain 236
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 264
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 267
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECkxzPiNIFqySRJSNwWDEkM&google_cver=1&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPwrqPtzafVfJghqV7Cy4fr45IMGz2z5wKd1CS5q_KVc6Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPwrqPtzafVfJghqV7Cy4fr45IMGz2z5wKd1CS5q_KVc6Ag&google_hm=-UpnHDZCa2I4dDV4K-4QrQ
Request Chain 268
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34aXJVT25slN1GS3ZC7QGJB HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34aXJVT25slN1GS3ZC7QGJB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34aXJVT25slN1GS3ZC7QGJB
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA9HosoRPP7nBVpln5ihCA8&google_cver=1&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbYCmHqsLksEfeYaq8UV4rpz77bFEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFNEV0ktMUItQjlRQQ==&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbYCmHqsLksEfeYaq8UV4rpz77bFEw
Request Chain 270
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO3blkK9DUVutkgKeI8Sy4E&google_cver=1&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-VngPzuE-vEtTCj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-VngPzuE-vEtTCj
Request Chain 271
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2IyP6XY3HsosnOIj18DRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2IyP6XY3HsosnOIj18DRg
Request Chain 272
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPoluLuRewp3t_ZHV4nyq7Q&google_cver=1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1686572616802 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg%26google_hm%3DA1O5zOqkGUTCg6Nh5FwdJ9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Request Chain 276
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1&google_push=ATf1kGP0uacxo1ULA6G6WcLD0iql7rIzOJtIPw3htilah1tPiw-Q5IVS3jUxu5aA-zhSkovSOYLZizVgHPKvl0jjMTMFvcRsps6C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NTUzMjcwODY0MTcxMzA1OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
Request Chain 277
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 278
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p3Wjr7p5A_4h9 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fJ4jgA_SRJeoOR-r0CBhtg2&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p3Wjr7p5A_4h9
Request Chain 279
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Request Chain 280
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0Bad0DKy8KUUjsmk3O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0Bad0DKy8KUUjsmk3O
Request Chain 281
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG65DxU6W33J3seL-8pr70&google_cver=1&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2AJbm6OmW2VZ02qAtWosGktNr5MDRg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG65DxU6W33J3seL-8pr70&google_cver=1&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2AJbm6OmW2VZ02qAtWosGktNr5MDRg&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16RlB0cXYxRTJ1RWhoLk11aGFzcExvSVJndlo2QkExan5B&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2AJbm6OmW2VZ02qAtWosGktNr5MDRg
Request Chain 282
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_nPTk00e6L1XVX2XxEDE0_P4AfLbf4Cfq_kOqqRhd5ydSQ7uOuHjcnQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_nPTk00e6L1XVX2XxEDE0_P4AfLbf4Cfq_kOqqRhd5ydSQ7uOuHjcnQ
Request Chain 284
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 285
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN8JfJBvdWota7VACBlP0go&google_cver=1&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0ISM4A5y9cXrey-2Mk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0ISM4A5y9cXrey-2Mk&google_hm=NJiJM9S1TLmL-_labj8J7YM
Request Chain 286
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7PaNemoNcQwgM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7PaNemoNcQwgM
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOKkOhokDxX HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685628058804016&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOKkOhokDxX&google_hm=Nf8FLe9xRUCpEYdljULUYw==
Request Chain 288
  • https://match.360yield.com/match/ebda?google_gid=CAESEBVtUH8S2gqba7A48XRkVjk&google_cver=1&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk-fmP0_ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBVtUH8S2gqba7A48XRkVjk&google_cver=1&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk-fmP0_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wW_RqhNcTRuAVIHjNolQ-g&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk-fmP0_
Request Chain 289
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPoluLuRewp3t_ZHV4nyq7Q&google_cver=1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1686572616801 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z%26google_hm%3DA1O5zOqkGUTCg6Nh5FwdJ9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Request Chain 290
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJl0q8c1WPX4ZUQpyTdBkpYsnY0zdI185xHp2Aapbq18ZzWOCFcc7TYQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJl0q8c1WPX4ZUQpyTdBkpYsnY0zdI185xHp2Aapbq18ZzWOCFcc7TYQ
Request Chain 305
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 307
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 308
  • https://um.simpli.fi/gp_match?google_gid=CAESELgB5ZIXQSeUTjKedJQ9RyA&google_cver=1&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNsbHoL5L9wgiutP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE246F487F2042A78EF98B8728CECC19&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNsbHoL5L9wgiutP
Request Chain 310
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p4ePDdNO7bHYXbUtuj6Ui3_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p4ePDdNO7bHYXbUtuj6Ui3_
Request Chain 313
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAVZb0j7BzG4xWAL0U6YaVFy4e5ePpuHorSYJrdNNcWQ3XN0Z2wV2ASZw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAVZb0j7BzG4xWAL0U6YaVFy4e5ePpuHorSYJrdNNcWQ3XN0Z2wV2ASZw
Request Chain 316
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ-UkbVndK8mxc HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ-UkbVndK8mxc
Request Chain 317
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmpV8vTOV69QMDcqNRLa6o8rf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmpV8vTOV69QMDcqNRLa6o8rf
Request Chain 318
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFA7CFI6Ah3uCeI2flIxbsA&google_cver=1&google_push=ATf1kGOEFlr_nENWfHX6wIf84Fe-01QoxUlmWhk2NZ3L2oAc9ZwKa4Od8ltcFKeBU_eymH_SCLyotB4O5P9mp0Mfd9fY8vn_TTwj HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFA7CFI6Ah3uCeI2flIxbsA&google_cver=1&google_push=ATf1kGOEFlr_nENWfHX6wIf84Fe-01QoxUlmWhk2NZ3L2oAc9ZwKa4Od8ltcFKeBU_eymH_SCLyotB4O5P9mp0Mfd9fY8vn_TTwj&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdPX6MojQ62L0PIOA9acXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOEFlr_nENWfHX6wIf84Fe-01QoxUlmWhk2NZ3L2oAc9ZwKa4Od8ltcFKeBU_eymH_SCLyotB4O5P9mp0Mfd9fY8vn_TTwj
Request Chain 319
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWksFdP-rcaTNJU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWksFdP-rcaTNJU&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Request Chain 320
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPoluLuRewp3t_ZHV4nyq7Q&google_cver=1&google_push=ATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ%26google_hm%3DA1O5zOqkGUTCg6Nh5FwdJ9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Request Chain 321
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEOYy_BZ8r7Ns5eyABtZ7aI&google_cver=1&google_push=ATf1kGNm4LdzrWF4W7X5EtM5zMF9Rm42bI7jwlc9CpP8wc4QzX4mV1RjY6YCVrtln5vR5ZBlLOdkgiVQR2cAzj0A3oI6grU-UPJgNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNm4LdzrWF4W7X5EtM5zMF9Rm42bI7jwlc9CpP8wc4QzX4mV1RjY6YCVrtln5vR5ZBlLOdkgiVQR2cAzj0A3oI6grU-UPJgNw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 322
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu0W9wNAPLVMNub4L14jIZrCgIx0SOAT8PnN3E_WhF63UoyYY0vjm48FARRlVO3CyHsE8UuO2xK8S1MzKnNKCLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu0W9wNAPLVMNub4L14jIZrCgIx0SOAT8PnN3E_WhF63UoyYY0vjm48FARRlVO3CyHsE8UuO2xK8S1MzKnNKCLQ
Request Chain 325
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 333
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 369
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=TToDy3x5WFhJUktDa0xJTzJvMXFnQVIzRDVKbWZCUk4zOFZ0Q2x2Z25TcXpxZ0g4SWN2eTVxVWRzV1Vwd29PbXZ4cGtKYzBoZ0did2RCRjd3MEo2OUZ6TnhONC85SUQvRWkrZUJlMU5hUlgxY0xHUnNNckxyUm1kS0tNcDZaSnZWMEFkRXlPd2pubFovdER5bXF0bENIZlErYzA2Z1AvaUR0TUF3TmV3RURobW9tRWIyZlhCK2xib2ZhVFg3ajlGQkIrQXZyVDB3bFZjaEg4QUpOOHRXN290ZWJSTUxVNThRcXZWbHZiVkZFdHVkL1podytlVURRUHByQW9qdUIvbUZlQ3NCRWJXSnFlSjNON2FlNlloZlF2QWNLSFN3aHBEajVjeU5DL2t2NXI1RElNQT18&cppv=2

375 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x69807j0b5.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1318
Content-MD5
+Dz/d7Mp2GQfilgWrAkqiw==
Content-Type
text/html
Date
Mon, 12 Jun 2023 12:23:31 GMT
ETag
0x8DB5ED0599CC10C
Last-Modified
Sat, 27 May 2023 16:35:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
0664cbfc-401e-003f-4c28-9d8aae000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-request-id
0664cc50-401e-003f-1528-9d8aae000000
Date
Mon, 12 Jun 2023 12:23:31 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 12 Jun 2023 12:23:31 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
0664ccfa-401e-003f-3428-9d8aae000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 12 Jun 2023 12:23:31 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
0664ccb4-401e-003f-7228-9d8aae000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:31 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:31 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame EC09 		76 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d01397e6937781e826ccb86a43f1b1ca02e2b31cfbf6072d73690b979bf91ba7

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
77380
content-type
text/html; charset=utf-8
date
Mon, 12 Jun 2023 12:23:32 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame EC09 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 14:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 14:24:39 GMT
yemeknet.js
ye-mek.net/js/ Frame EC09 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Mon, 12 Jun 2023 12:23:32 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame EC09 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
4763160
x-accel-date
1681809453
x-77-nzt
AcO1qhElzQn/GK5IAA
x-accel-expires
@1713345453
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
4c1562245e3ae85e450e876495d39e09
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame EC09 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cceab971a6189a6e8b63f0e18dc3217355f15f6585392d7954ac5b7dbb0cf111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47599
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Jun 2023 12:23:33 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame EC09 		542 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763225
x-accel-date
1681809388
content-length
542
x-77-nzt
AcO1qhEN5In/Wa5IAA
x-accel-expires
@1713345388
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
4c1562245e3ae85e450e876458def30d
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame EC09 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763160
x-accel-date
1681809453
content-length
1651
x-77-nzt
AcO1qhG5Ruv/GK5IAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
4c1562245e3ae85e450e87647958d60f
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
arasi-elmali-kek-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/arasi-elmali-kek-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
51387
x-accel-date
1686521226
content-length
14260
x-77-nzt
AcO1qhEdfDf/u8gAAA
x-accel-expires
@1718057226
last-modified
Sun, 11 Jun 2023 21:40:09 GMT
server
CDN77-Turbo
etag
"64863f39-37b4"
x-77-nzt-ray
4c1562245e3ae85e450e8764113d5310
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pizza-makarna-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EC09 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/pizza-makarna-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
134683
x-accel-date
1686437930
content-length
19078
x-77-nzt
AcO1qhGspIn/Gw4CAA
x-accel-expires
@1717973930
last-modified
Sat, 10 Jun 2023 22:36:00 GMT
server
CDN77-Turbo
etag
"6484fad0-4a86"
x-77-nzt-ray
4c1562245e3ae85e450e876468a05c10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
balik-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EC09 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/balik-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
216394
x-accel-date
1686356219
content-length
16229
x-77-nzt
AcO1qhFZmhz/Sk0DAA
x-accel-expires
@1717892219
last-modified
Mon, 05 Jun 2023 20:37:42 GMT
server
CDN77-Turbo
etag
"647e4796-3f65"
x-77-nzt-ray
4c1562245e3ae85e450e87640e066810
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-kalcali-but-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame EC09 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/tavada-kalcali-but-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
305483
x-accel-date
1686267130
content-length
15133
x-77-nzt
AcO1qhG3Jd7/S6kEAA
x-accel-expires
@1717803130
last-modified
Thu, 08 Jun 2023 23:19:39 GMT
server
CDN77-Turbo
etag
"6482620b-3b1d"
x-77-nzt-ray
4c1562245e3ae85e450e87645fa06c10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame EC09 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tencerede-soslu-tavuk-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763144
x-accel-date
1681809469
content-length
17048
x-77-nzt
AcO1qhEjqlz/CK5IAA
x-accel-expires
@1713345469
last-modified
Sat, 21 May 2022 22:49:52 GMT
server
CDN77-Turbo
etag
"62896c90-4298"
x-77-nzt-ray
4c1562245e3ae85e450e87645f5a7110
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kilis-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame EC09 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/kilis-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763137
x-accel-date
1681809476
content-length
16352
x-77-nzt
AcO1qhEPU17/Aa5IAA
x-accel-expires
@1713345476
last-modified
Sat, 16 Apr 2022 14:03:03 GMT
server
CDN77-Turbo
etag
"625acc97-3fe0"
x-77-nzt-ray
4c1562245e3ae85e450e876432597310
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/03/ Frame EC09 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/03/tavuklu-ekmek-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761543
x-accel-date
1681811070
content-length
12285
x-77-nzt
AcO1qhEpqIr/x6dIAA
x-accel-expires
@1713347070
last-modified
Wed, 01 May 2019 23:13:15 GMT
server
CDN77-Turbo
etag
"5cca280b-2ffd"
x-77-nzt-ray
4c1562245e3ae85e450e87648ab27510
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/soganli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4756035
x-accel-date
1681816578
content-length
14064
x-77-nzt
AcO1qhEd7qn/Q5JIAA
x-accel-expires
@1713352578
last-modified
Fri, 21 May 2021 22:11:36 GMT
server
CDN77-Turbo
etag
"60a83018-36f0"
x-77-nzt-ray
4c1562245e3ae85e450e8764ea7c7c10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
misir-ekmegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/04/ Frame EC09 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/04/misir-ekmegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761604
x-accel-date
1681811009
content-length
11439
x-77-nzt
AcO1qhFk8I//BKhIAA
x-accel-expires
@1713347009
last-modified
Fri, 10 Apr 2020 01:33:58 GMT
server
CDN77-Turbo
etag
"5e8fcd06-2caf"
x-77-nzt-ray
4c1562245e3ae85e450e876462c47e10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sikicik-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame EC09 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/sikicik-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762808
x-accel-date
1681809805
content-length
16008
x-77-nzt
AcO1qhEAzXz/uKxIAA
x-accel-expires
@1713345805
last-modified
Thu, 04 Nov 2021 21:22:00 GMT
server
CDN77-Turbo
etag
"61844ef8-3e88"
x-77-nzt-ray
4c1562245e3ae85e450e8764447b8010
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
saksi-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/08/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/08/saksi-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763088
x-accel-date
1681809525
content-length
13931
x-77-nzt
AcO1qhEfAqn/0K1IAA
x-accel-expires
@1713345525
last-modified
Wed, 01 May 2019 22:17:07 GMT
server
CDN77-Turbo
etag
"5cca1ae3-366b"
x-77-nzt-ray
4c1562245e3ae85e450e876479d4b010
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame EC09 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761662
x-accel-date
1681810951
content-length
10807
x-77-nzt
AcO1qhGn1I3/PqhIAA
x-accel-expires
@1713346951
last-modified
Wed, 01 May 2019 23:24:41 GMT
server
CDN77-Turbo
etag
"5cca2ab9-2a37"
x-77-nzt-ray
4c1562245e3ae85e450e876429b7b310
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame EC09 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/firinda-porsiyon-musakka-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763055
x-accel-date
1681809558
content-length
17964
x-77-nzt
AcO1qhEtaFv/r61IAA
x-accel-expires
@1713345558
last-modified
Thu, 14 May 2020 23:54:34 GMT
server
CDN77-Turbo
etag
"5ebdda3a-462c"
x-77-nzt-ray
4c1562245e3ae85e450e876477dfb610
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cokertme-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame EC09 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/cokertme-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4760712
x-accel-date
1681811901
content-length
15954
x-77-nzt
AcO1qhEeAYT/iKRIAA
x-accel-expires
@1713347901
last-modified
Wed, 01 May 2019 22:16:47 GMT
server
CDN77-Turbo
etag
"5cca1acf-3e52"
x-77-nzt-ray
4c1562245e3ae85e450e8764f93bb910
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame EC09 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762847
x-accel-date
1681809766
content-length
16315
x-77-nzt
AcO1qhFTrhr/36xIAA
x-accel-expires
@1713345766
last-modified
Fri, 22 May 2020 22:51:08 GMT
server
CDN77-Turbo
etag
"5ec8575c-3fbb"
x-77-nzt-ray
4c1562245e3ae85e450e8764fbd5bb10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/tavada-domates-soslu-kofte-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4760930
x-accel-date
1681811683
content-length
14222
x-77-nzt
AcO1qhEWYaH/YqVIAA
x-accel-expires
@1713347683
last-modified
Thu, 07 Apr 2022 21:23:55 GMT
server
CDN77-Turbo
etag
"624f566b-378e"
x-77-nzt-ray
4c1562245e3ae85e450e87648d20be10
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/02/ Frame EC09 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/02/tencerede-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762709
x-accel-date
1681809904
content-length
13004
x-77-nzt
AcO1qhGbDzT/VaxIAA
x-accel-expires
@1713345904
last-modified
Sun, 21 Feb 2021 23:47:08 GMT
server
CDN77-Turbo
etag
"6032f0fc-32cc"
x-77-nzt-ray
4c1562245e3ae85e450e87641ea7c010
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/05/ Frame EC09 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/05/tavuklu-sultan-kebabi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762751
x-accel-date
1681809862
content-length
11963
x-77-nzt
AcO1qhEM50r/f6xIAA
x-accel-expires
@1713345862
last-modified
Wed, 01 May 2019 22:58:17 GMT
server
CDN77-Turbo
etag
"5cca2489-2ebb"
x-77-nzt-ray
4c1562245e3ae85e450e8764a44fc210
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame EC09 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tavuklu-tas-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762847
x-accel-date
1681809766
content-length
14751
x-77-nzt
AcO1qhEQ4Br/36xIAA
x-accel-expires
@1713345766
last-modified
Wed, 05 May 2021 00:03:16 GMT
server
CDN77-Turbo
etag
"6091e0c4-399f"
x-77-nzt-ray
4c1562245e3ae85e450e8764ef16c410
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/07/ Frame EC09 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2014/07/tavada-tavuk-sis-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762847
x-accel-date
1681809766
content-length
15765
x-77-nzt
AcO1qhFni/v/36xIAA
x-accel-expires
@1713345766
last-modified
Wed, 01 May 2019 22:26:43 GMT
server
CDN77-Turbo
etag
"5cca1d23-3d95"
x-77-nzt-ray
4c1562245e3ae85e450e8764572ac610
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame EC09 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/mercimekli-pirasa-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762073
x-accel-date
1681810540
content-length
17093
x-77-nzt
AcO1qhH7ggP/2alIAA
x-accel-expires
@1713346540
last-modified
Sun, 05 Mar 2023 21:20:02 GMT
server
CDN77-Turbo
etag
"64050782-42c5"
x-77-nzt-ray
4c1562245e3ae85e450e87644a29dd11
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
semizotu-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame EC09 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/semizotu-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762289
x-accel-date
1681810324
content-length
17623
x-77-nzt
AcO1qhF9Z5X/sapIAA
x-accel-expires
@1713346324
last-modified
Fri, 03 Jun 2022 22:23:16 GMT
server
CDN77-Turbo
etag
"629a89d4-44d7"
x-77-nzt-ray
4c1562245e3ae85e450e87642977e111
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame EC09 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761676
x-accel-date
1681810937
content-length
12609
x-77-nzt
AcO1qhEN0FH/TKhIAA
x-accel-expires
@1713346937
last-modified
Wed, 01 May 2019 23:19:17 GMT
server
CDN77-Turbo
etag
"5cca2975-3141"
x-77-nzt-ray
4c1562245e3ae85e450e8764d90ae411
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
mastave-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/01/ Frame EC09 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/01/mastave-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
134683
x-accel-date
1686437930
content-length
13465
x-77-nzt
AcO1qhGyi6v/Gw4CAA
x-accel-expires
@1717973930
last-modified
Thu, 16 Jan 2020 13:07:50 GMT
server
CDN77-Turbo
etag
"5e206026-3499"
x-77-nzt-ray
4c1562245e3ae85e450e876467a3e911
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame EC09 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/karamelize-soganli-corba-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4760498
x-accel-date
1681812115
content-length
10908
x-77-nzt
AcO1qhHoUIH/sqNIAA
x-accel-expires
@1713348115
last-modified
Sat, 04 Jun 2022 21:55:07 GMT
server
CDN77-Turbo
etag
"629bd4bb-2a9c"
x-77-nzt-ray
4c1562245e3ae85e450e87648f5fec11
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
anadolu-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/anadolu-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762641
x-accel-date
1681809972
content-length
14404
x-77-nzt
AcO1qhF5AKn/EaxIAA
x-accel-expires
@1713345972
last-modified
Tue, 01 Dec 2020 00:12:50 GMT
server
CDN77-Turbo
etag
"5fc58a82-3844"
x-77-nzt-ray
4c1562245e3ae85e450e8764c2efee11
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
balkabagi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/balkabagi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4757930
x-accel-date
1681814683
content-length
13941
x-77-nzt
AcO1qhHoOuH/qplIAA
x-accel-expires
@1713350683
last-modified
Wed, 01 May 2019 22:51:05 GMT
server
CDN77-Turbo
etag
"5cca22d9-3675"
x-77-nzt-ray
4c1562245e3ae85e450e87647ce9f211
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
havuc-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame EC09 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/havuc-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762338
x-accel-date
1681810275
content-length
9583
x-77-nzt
AcO1qhGNkff/4qpIAA
x-accel-expires
@1713346275
last-modified
Mon, 15 Mar 2021 00:48:39 GMT
server
CDN77-Turbo
etag
"604eaee7-256f"
x-77-nzt-ray
4c1562245e3ae85e450e8764f112f911
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame EC09 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/iki-renkli-sutlu-irmik-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761252
x-accel-date
1681811361
content-length
15229
x-77-nzt
AcO1qhEnyr3/pKZIAA
x-accel-expires
@1713347361
last-modified
Thu, 11 Jun 2020 22:59:34 GMT
server
CDN77-Turbo
etag
"5ee2b756-3b7d"
x-77-nzt-ray
4c1562245e3ae85e450e876463a5fb11
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame EC09 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/hashasli-irmik-tatlisi-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762696
x-accel-date
1681809917
content-length
10514
x-77-nzt
AcO1qhFjnkf/SKxIAA
x-accel-expires
@1713345917
last-modified
Wed, 01 May 2019 23:16:07 GMT
server
CDN77-Turbo
etag
"5cca28b7-2912"
x-77-nzt-ray
4c1562245e3ae85e450e8764bd130412
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame EC09 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/biskuvili-yas-pasta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4758835
x-accel-date
1681813778
content-length
13265
x-77-nzt
AcO1qhEPq0z/M51IAA
x-accel-expires
@1713349778
last-modified
Wed, 01 May 2019 22:49:27 GMT
server
CDN77-Turbo
etag
"5cca2277-33d1"
x-77-nzt-ray
4c1562245e3ae85e450e87641d7eae12
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yaz-helvasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/06/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/06/yaz-helvasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4762339
x-accel-date
1681810274
content-length
13981
x-77-nzt
AcO1qhH4/Xn/46pIAA
x-accel-expires
@1713346274
last-modified
Mon, 08 Jun 2020 21:41:02 GMT
server
CDN77-Turbo
etag
"5edeb06e-369d"
x-77-nzt-ray
4c1562245e3ae85e450e87649a1a5e13
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
uskup-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame EC09 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/uskup-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4761556
x-accel-date
1681811057
content-length
12833
x-77-nzt
AcO1qhEn6Qj/1KdIAA
x-accel-expires
@1713347057
last-modified
Sun, 23 Aug 2020 23:39:16 GMT
server
CDN77-Turbo
etag
"5f42fe24-3221"
x-77-nzt-ray
4c1562245e3ae85e450e8764083b6613
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cilbir-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/05/ Frame EC09 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2013/05/cilbir-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4760481
x-accel-date
1681812132
content-length
12850
x-77-nzt
AcO1qhFNcY//oaNIAA
x-accel-expires
@1713348132
last-modified
Wed, 01 May 2019 22:14:43 GMT
server
CDN77-Turbo
etag
"5cca1a53-3232"
x-77-nzt-ray
4c1562245e3ae85e450e876470f76d13
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/02/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/02/tavada-ispanakli-kol-boregi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4759235
x-accel-date
1681813378
content-length
13911
x-77-nzt
AcO1qhF0b1T/w55IAA
x-accel-expires
@1713349378
last-modified
Wed, 01 May 2019 22:54:06 GMT
server
CDN77-Turbo
etag
"5cca238e-3657"
x-77-nzt-ray
4c1562245e3ae85e450e87641e9a8613
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
avokado-ezmesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame EC09 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/avokado-ezmesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4757418
x-accel-date
1681815195
content-length
14366
x-77-nzt
AcO1qhE+ZyP/qpdIAA
x-accel-expires
@1713351195
last-modified
Sun, 16 Aug 2020 22:36:31 GMT
server
CDN77-Turbo
etag
"5f39b4ef-381e"
x-77-nzt-ray
4c1562245e3ae85e450e8764e5968913
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame EC09 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1686572613.cds308.am5.hn,1686572613.cds292.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame EC09 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.224.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-224-115.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 12:23:34 GMT
server
Oracle API Gateway
opc-request-id
/AAC94F8E0AB7F1075EDF3ECDFF8391E1/1C037D885C1E158FB1E30E9199AD4142
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame EC09 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1686572613.cds308.am5.hn,1686572613.cds214.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame EC09 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 17:43:14 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame EC09 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4daf38a37358da6ba33e9260e8381f7d678a26351b7a368bcff17b79f3c38ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 12:23:33 GMT
content-md5
oncchR4M4jv4Z8bZt4bdug==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
GBfowuEsOdpUeOyzXWOug5UHKJtTiQ6IyPyxlRn5uAtYcSEYThD+vTPengqf00UqXbiZdUHZlVwcEnxF9bPRcg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
660b0ff00392778a64a9ef5ccdde46c3
cross-origin-opener-policy
same-origin-allow-popups
etag
"b763da2af480ec8db16ff1f5bbed9af2"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:41:24 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame EC09 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Jun 2023 12:23:33 GMT
x-cache
HIT
x-77-cache
HIT
x-age
4763160
x-accel-date
1681809453
content-length
21525
x-77-nzt
AcO1qhHo1fz/GK5IAA
x-accel-expires
@1713345453
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
4c1562245e3ae85e450e876477ef9013
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sdk.js
connect.facebook.net/tr_TR/ Frame EC09 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=e2416d457abff81aa3341f734e2f9c36
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ffc2b5053becd181a15bf01a1cb3b959ca9e406a6557db62579dacd96defb5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 12:23:33 GMT
content-md5
wN2g+3+E4mmCwELEbVqrBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88757
x-fb-rlafr
0
x-fb-debug
nUEpEpicWLYWXAvnBDwTbdWyDhSw5rwUUmdAE4kqN6awMtPyiFg87O9fiO1gySspcfTMv4AM+Gw7MzOJhkbpPA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
cef0adef4312265bee2ca10d4d5458de
cross-origin-opener-policy
same-origin-allow-popups
etag
"80d06e60beb21f89ee49cbd4776f5720"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 11 Jun 2024 10:22:42 GMT
analytics.js
www.google-analytics.com/ Frame EC09 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 10:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6486
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 12 Jun 2023 12:35:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EC09 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dabf9aaccb56f50059e983ef701b4c4f0199fe9ebcc57b2c0c74b5960c87711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25546
x-xss-protection
0
server
cafe
etag
259 / 19520 / 31075166 / config-hash: 18223134292049318635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:33 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame EC09 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame D74A 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Mon, 12 Jun 2023 12:23:33 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame EC09 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e94a20d204c5b7a88cabbb14a268a7032581384fce94211e9213db730dc8551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47872
x-xss-protection
0
server
cafe
etag
1417429928597633959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:33 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame EC09 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame EC09 		235 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:50:50 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 19:47:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1964
x-amz-server-side-encryption
AES256
etag
W/"22e740da4e2336def33bbd74ea6796a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
XyEbAkrra-08q7-MwvcekcG1YToQKbYGUEujRSJepWA9jYH283sIvw==
pageview
ng.virgul.com/ Frame EC09 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1686572613750&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.43504352220595965
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
9bd27faa78313193eed6415c1364d42285bdfb16d79e5531190e2a04a7f49bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame EC09 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19520
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 14:14:23 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame EC09 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468492
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
8b94c4b099000cda49ad143f948373d5485f91decba08a0bd3eb455c9d0ab6b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:33 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
config
c.amazon-adsystem.com/cdn/prod/ Frame EC09 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:18:34 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
11099
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
XPqyxe1bdWk8ScGXwcbj9miOUKdVPsKaaT6ARAm7iktPKq_IQaJUxA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EC09 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
date
Mon, 12 Jun 2023 05:44:40 GMT
x-amz-cf-pop
FRA56-P6
age
23937
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
AoR1LwS6AREOQBlpGU4NSD3_sYWLjORWAHP2sugEalpO1AFBTY22AA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/ Frame EC09 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 16:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
71228
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127703
x-xss-protection
0
server
cafe
etag
12901696529074996400
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 10 Jun 2024 16:36:25 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/ Frame EC09 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cb597de905c1c182df5bca289de9ce34f87d064d97860c3378a7d8fae736ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120871
x-xss-protection
0
server
cafe
etag
5857149368620128679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/ Frame 4A81 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230607/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62936
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 18:54:38 GMT
etag
15057649708203361565
expires
Sun, 25 Jun 2023 18:54:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame EC09 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2023 18:40:24 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame EC09 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468492
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame EC09 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:46:24 GMT
content-encoding
gzip
age
2230
x-guploader-uploadid
ADPycdtkuCZFQsauy0lvLGaxT4NlnX5ifuc92yKX3aQ6SRacjpLzrB5CCEsOb03mdIv_R-0WmggZkxetdY_SONeqvyWNGD_K-NJ6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1686572614021&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8976301477310766
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:34 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame EC09 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 19 Jun 2023 12:23:34 GMT
zoneview
ng.virgul.com/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1686572614086&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.7342129867533618
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:34 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame 66B1 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Mon, 12 Jun 2023 12:23:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
localstore.js
script.4dex.io/ Frame EC09 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
239408
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8cuxn92Cw2gIyXq38Pu2WnfsCUwjoYUWOWXNLYTD1d6VtkEYgZGUDWqcEXK6Q%2B0g6T8XUXvxCxlqxsVIhb00Sm%2F7eIMvQaY%2FU6o65Wdv8XRAbUhhHznZa8JRMYNxl6V2qNEeWqjS6xlyv3r"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7d6210d66db9997a-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame EC09 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=WQw6DwnvbSIIM&cb=0&ws=1600x1200&v=23.605.2213&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
P8QXCZD2BG3D0NDRKEMX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
HYZvkvXT_eFFohxqYfRMYA0TiOLcuiO8mF2yMHcK6_SpQwjaAvy10w==
integrator.js
adservice.google.com/adsid/ Frame EC09 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=3019187971949593&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572614139&lmt=1686572614&dlt=1686572613049&idt=1052&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=z65tg02vk6ks&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b63a58867ee310ab9e72e6afd83cd36a2c8cd0684e9b6d772d6eb122ae8d71b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11527
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425219174
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 263B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
translator
hbopenbid.pubmatic.com/ Frame EC09 		0
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame EC09 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
82e72e90d076eb6c68c64839f15f87442e097158efb6afcde6c1773020045c14

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Jun 2023 12:23:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
openrtb
adx.adform.net/adx/ Frame EC09 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44d8ce2ad3c417e438b4d477b4ce7790e5844d351a4466c68c189364cc00a274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://ye-mek.net
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
hb.emxdgt.com/ Frame EC09 		0
0
bid-request
a.teads.tv/hb/ Frame EC09 		16 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 12 Jun 2023 12:23:34 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EC09 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f7e23615e93523d47ef48c044bcb86f5aa8ea4784b276332704958e3c0055f9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:34 GMT
AN-X-Request-Uuid
3da64687-3883-4d7f-b0a3-4d788623a508
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.131; 185.213.155.131; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.programattik.com/ Frame EC09 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame EC09 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame EC09 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame EC09 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns2.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
openrtb
adx.adform.net/adx/ Frame EC09 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame EC09 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=59103030047&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame EC09 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0e211e56d9d3cf2a0c97d380a2213a8953c6695f805572cf28cb73820865048a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:34 GMT
AN-X-Request-Uuid
fe4cc041-547f-4c41-8f96-c3a451fb1f6f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.131; 185.213.155.131; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
471
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ Frame EC09 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7d6210d6ca0e5c3e-FRA
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame EC09 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.39.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-39-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4e8ff724da4925363fd2393c43cf7ff37a16d9bb274e4627f9395461d36cc24e

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
x-prebid
pbs-java/1.120.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		416 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=634edeff-0616-401c-9d8b-b754facacd53&l_pb_bid_id=60d705c6847f4c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6878266684077539
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e13e3754fe0004ef5cd1c4f831f6f89549527c0071c1e36fb301497015621b78

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		410 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=60e7f69e-dacd-4fe2-8e85-8e89e8ed9ee5&l_pb_bid_id=6121ad27e2289c3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7803840491097263
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fd43e77a53a6f23550f59802f51a31a5886a2ecc9716e5a9ceaf0078da7dc2e6

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		404 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=af7a3e9f-8fcd-4c87-a430-649946c1038c&l_pb_bid_id=62d62498411804f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9679765105813909
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7a297205e39569af001a36b1936b8347626da35716a3d845e0d5f359a322e712

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
404
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		398 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=2b844d90-3836-4824-b042-4542e8769c06&l_pb_bid_id=6322a98faa4097f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6632287026208401
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3f5baf734dcce745e20e25520282ce3bac49c617d40afd57d1e793f3d3d900e4

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		397 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=b26f9e8d-6e90-4c01-9c5f-e475384bb0c7&l_pb_bid_id=64b5b67c8276224&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22259180573745008
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2a28a80a026ccdd5ee4d2054a9f5fe71d0a84e1de06353b55538f53a5a1e72e1

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EC09 		408 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=181cadab-401e-4c1c-9947-3ec6bc792848%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=8da2c2ca-93ba-432e-8017-3b54270113d4&l_pb_bid_id=667aba31d41c14c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38655053999932343
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df5a79057ca1b922f0ae35af7965fbd0c0612b2f677cd66b26a2ca182da7d446

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
adagio.js
script.4dex.io/ Frame EC09 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:34 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
514460
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCVwJtzctJe8qDITEJFQTObEETwWr55UXJqy04A%2FYP%2BUrtFKphxvLefNkM2D9S%2Bt1dXejeOHbqbXeyI9uhI3AjmbFWOyUbSjOm0H59yb%2FVVbUwk00mzBDVUGu2fw%2FZrO4l3qzr3awEPbu4SO"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7d6210d6cea4bbcb-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 0515 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572613988&bpp=3&bdt=939&idt=278&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=6496900150640&frm=24&ife=1&pv=2&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C44792109%2C31075205%2C44788442&oid=2&pvsid=548481982940284&tmod=1057530013&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.aj9escs46kz6&fsb=1&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EC09 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Mon, 12 Jun 2023 12:23:34 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame EC09 		398 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/12/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.222 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 18:51:56 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 19 Jun 2023 12:23:34 GMT
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3916 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3916 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
341878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 13:25:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3916 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63e74470c65e1b2e02dbff00d73259bfb6ae5ef874121a2c4e4ddfd4fc16e920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Origin
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47394
x-xss-protection
0
server
cafe
etag
6711321853622031345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3916 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3916 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujMOXsIJbEUzUsZJvOjpeTGLgd1a35XwytE3gomk6gGY6ZHj_C3AsXZGOGJ7eZMajhw1Bv3jP0zXGJ10DmtXGiCOb_Fq7bJrHxwW3IeULgq1wElOTGPl5ye-lufl-tdLJ0XkFRJbQWJoM73KLaHh8PB8eC4_WJ4Lj4GviJRK7tPqOZObKJeM5zjM_lfRIMK6t_KUNjEqNQXqpd7oUzxGp8vmgZEhWGzfGdGTAQZnNGTF2fV9G13fFTKaXzH7IpwDJsl5I_TfQSFMHLGQl6RNdwGvpMSE7UH2qSk0Uhb1qZ_pdxKWoYh6hTk-tRcY8jsB5zjoYV-jVsg9rny_I7SWrohsPXgUAwCsvkQGZd9AI3tc0lYu11IG9K9w&sai=AMfl-YRrYt2wdqDvOexGEZxA4B0WVx0bmibVJToT6yyJHGYBQOws16UAKI3GC3CxPEJvb_51A7T2XdCuIZaYeIupBVU4XwsCjxAII2wpAreT9iI&sig=Cg0ArKJSzDa9c4VPAF2ZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 12:23:34 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/ Frame 3916 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
489f45ce2ab8539db8d510b0b5b7f646d9f0b6d41a396d9afbe487ffdaab19f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121041
x-xss-protection
0
server
cafe
etag
2105480027286938006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:34 GMT
5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572613750&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:34 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
truncated
/ Frame 3916 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89413dda23a1651bfe71b1bc7cc3f7ede648a093d8a8770f5477004b34d3812a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ Frame 3916 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE75 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614834&bpp=9&bdt=158&idt=196&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&nras=1&correlator=7725164863994&frm=8&ife=1&pv=2&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9oa5hwn9571y&fsb=1&dtd=208
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 19B2 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
234b6c7d490b86839fbe2fe4fdd30a24c6ba6a58cb757148fe889b03aabf79b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
14258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EC09 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=704509459565293&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615679&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ml086i2naxl6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
942de6560858b96de85e3bc16524236a37df964cbc33b73a962db73165e22b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11131
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		111 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=1638118186487664&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615683&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=affmfudc6zet&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a310ddfcf1e42d46b52386190c180a326b58ab663fbe05a1c9e9ba7849df6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40816
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		66 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=2615752985036245&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.84%26hb_adid%3D68c30187c5776d5%26hb_bidder%3Dadf%26hb_format_adf%3Dbanner%26hb_size_adf%3D300x600%26hb_pb_adf%3D1.84%26hb_adid_adf%3D68c30187c5776d5%26hb_bidder_adf%3Dadf%26hg_pb%3D1.84&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615687&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=pvqp81okc4no&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14bdb1813769bdeaa9977b91d6c2446e569e41f3e3ef864cc748fb133f43e549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14973
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		110 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=2771491569852948&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615690&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jqkrvpdvl7lc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f110b2b70f2c639be70232be838b5bb1230022484a318236a8fac983940a6fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40874
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		112 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=75030422564071&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615693&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=1iqkw0ekd720&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc180e4363e40ec91aa2a80cac20cb838eee194c5e2e4e1d88240f4eb27a9bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41278
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EC09 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=548481982940284&correlator=4411137780019986&eid=31073863%2C31075062%2C31075063%2C31075166&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1686572613750%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnet48545b5c89324b089bc2e71e7fbad8fa&sc=1&cdm=ye-mek.net&abxe=1&dt=1686572615697&lmt=1686572615&dlt=1686572613049&idt=1052&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ik8tafruq9xl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCviIHuGRXmzpbvH0Bh7kxKWD_4rf4I_eYKyZSZhzwn7kbXeTRZPLiCAquq9Qxo5GWs2Hcc_jjxPam7Pwe2jE6A&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3865ecb84a848fe88ecf52734a7559ce55046d94447bfa38c0981f5abc3cd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11246
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame EC09 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:23:35 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame EC09 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-176eb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:23:35 GMT
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572613750&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:35 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
js
tags.mathtag.com/notify/ Frame 19B2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdaaU5tSTBOek10TWpCaFlTMDJOVGswTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzM5MDU4NDgzNjI3MTMwOTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Mm9tN01CQVZnVVZDQVZnZ3ZIazE0cy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDMzOTA1ODQ4MzYyNzEzMDk4L2lhZC8wLzMyNC81OS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NjU3MjYxNS8xNjg2NTg1MjE1LzQvcHViLTY1OTM1MjMyMTAwMTAxNTQv/ubzI2dPICurvV9mvcKHa5eKd0Nk&nodeid=4030&group=cdg&auctionid=6433905848362713098&pbs_auctionid=6433905848362713098&shardkey=6433905848362713098&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%26client%3Dca-pub-6593523210010154%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.390.0 /
Resource Hash
f1ef7a65c2d948bd893d34b0fe416ab3dbe7f282e0110cb458dc1a3fd64ca0bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:35 GMT
x-mm-nodeid
4030
Content-Encoding
gzip
x-mm-bid-request-time
1686572615
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Mon, 12 Jun 2023 12:23:35 GMT
Server
MMBD/3.390.0
x-mm-latency
1 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x107, cdg-bidder-x176
x-mm-lag
0
Expires
Mon, 12 Jun 2023 12:23:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 19B2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 19B2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame 19B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4A-5e8Bliw5u90sJ9MOgPKCX7XaPSF2od_-Mq13tdluWfVACWNu9sTKIAoi9aE9gvFJi7-U-35XNTB2_j3wtB7jrKzA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19B2 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 19B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cns8iRw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTSAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SxMGIoH5mUsGJ8dnZxMDRnV13QdI31lAcrGPQxuAruBUwZ07jivJoAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjU5MzUyMzIxMDAxMDE1NBgA&sigh=PbD9aYDmJlk&uach_m=[UACH]&cid=CAQSKQBygQiDSuwuufWwqpJzHU-JuCiHPW9Z5oZ-WDHy-MFMmAwfKTadrBFsGAE&tpd=AGWhJmsXtpATJTvJxnsXC6twIzNF4IfIhPFDunwWheibryxajTBg_8YDhuTpoKi-r7WHdCKp5LtxLCjQqHtoDlfSczf3DHYj2rCkPUCIPRwp1zjQJxG7clHMbwhxPhcS839W83wUXanzhgDCrvdw22Ut2qbvzrO8isbEzrjkVxpArFnGYxX2AGlWhvzZxPN3td-1t7SbM_avpQBe_1snHAnh6nfNQ9ypQ8vCjxvmR09eoZM0YD-yps8xpOgDrNK0k8GO4b1pgmKClzXqHsYmUUuKZJHd1q-dGtQH9Wr830BNbJBfPCkSelWshupNPUwFKSdPaAMC_UTl2aIW1-4UDz-xQJIjqAKdSPWHrUasSkzxF_8zkzPl3T6XkngsbKUCsq_RN-9ABTR-4JKLSQKD-CpodihJxu0MwZJd8Yye9nXBcqnL9rQU0DGYl-8HK5bEunzqLFhsmcLlYm3ctbKki2FlQgVqSorVSxp-alO-BcYbpT-mlcX-w0dzIGg1nkXI_A-iQMYSM9gBi_52_DPvZmwDi6ia6RcGChNyPReagOh4xHPj140MpOcgXheYXbYNNqD-rKjiusD6P11Qs2ml7rga_paxVxKD_6U6eMnDFfGztp2V8hQ8dTGcts-f-EJ_BcfD7LJ4KkdCzjL1f8omcKsxZwO5rgOn_Y3qt6Zp6E8XEp2J9hRFYH22rIXp-uWkee12o-bujb8Aa1Fz1fZcrMoVwuGfJpztHcoemQGOr0AI-hGkZhPFkHBcPrpn6rtZU6BUPH218grPfscy67oPZA24LiRzW8y_z_Sx8Dq6HFs6lot2i-YdQ-8r71ZUZEaW_rWHiRaNOKmSz-MP70hLqq6criIoMoCusD2RhsdkX3LswCpCS5979bqYeRCHE1yJnXaEqJp7fGYlMcyAfIYixN2dPE1GuLnt_OXnuJChPtWdIRqaLFxyQRggVq9kmFP5IL4i4wZO3vE8pztI1kL2NyjyLPIrOUPUxGQUsa2u8lhkbo3R0fi_c7TYmc3PY9ziv8eulYLuNrTisMjvU-Bz-3hLuIdbswhSE9UtZqFyGNxrxZz_299OOmM1-DwfElqTPihx5PUu2l_RR9UBBkt-2VLJqrE-50sy9hFXbaEzYuuM7-Xeaq7J
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Jun 2023 12:23:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame 19B2 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=6433905848362713098&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
3243bcbeef62e146f23e134145103eabf746360684d732d26a55954f6d3f6156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3375
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 19B2 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6433905848362713098&node_id=4030&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdaaU5tSTBOek10TWpCaFlTMDJOVGswTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzM5MDU4NDgzNjI3MTMwOTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Mm9tN01CQVZnVVZDQVZnZ3ZIazE0cy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDMzOTA1ODQ4MzYyNzEzMDk4L2lhZC8wLzMyNC81OS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NjU3MjYxNS8xNjg2NTg1MjE1LzQvcHViLTY1OTM1MjMyMTAwMTAxNTQv/ubzI2dPICurvV9mvcKHa5eKd0Nk&nodeid=4030&group=cdg&auctionid=6433905848362713098&pbs_auctionid=6433905848362713098&shardkey=6433905848362713098&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.390.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
MMBD/3.390.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x41, cdg-bidder-x176
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 12 Jun 2023 12:23:35 GMT
img
pixel.mathtag.com/event/ Frame 19B2 		43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6433905848362713098&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdaaU5tSTBOek10TWpCaFlTMDJOVGswTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzM5MDU4NDgzNjI3MTMwOTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Mm9tN01CQVZnVVZDQVZnZ3ZIazE0cy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDMzOTA1ODQ4MzYyNzEzMDk4L2lhZC8wLzMyNC81OS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NjU3MjYxNS8xNjg2NTg1MjE1LzQvcHViLTY1OTM1MjMyMTAwMTAxNTQv/ubzI2dPICurvV9mvcKHa5eKd0Nk&nodeid=4030&group=cdg&auctionid=6433905848362713098&pbs_auctionid=6433905848362713098&shardkey=6433905848362713098&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.195 -, , ASN (),
Reverse DNS
Software
MT3 986 b247903 master cdg cdg-pixel-x33 config_version:"3795" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
MT3 986 b247903 master cdg cdg-pixel-x33 config_version:"3795"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 12 Jun 2023 12:23:35 GMT
img
tags.mathtag.com/event/ Frame 19B2 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6433905848362713098&st=4562306&time=1686572615&nodeid=4030
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdaaU5tSTBOek10TWpCaFlTMDJOVGswTFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzM5MDU4NDgzNjI3MTMwOTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1Mm9tN01CQVZnVVZDQVZnZ3ZIazE0cy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDMzOTA1ODQ4MzYyNzEzMDk4L2lhZC8wLzMyNC81OS85OTkvMTYyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY4NjU3MjYxNS8xNjg2NTg1MjE1LzQvcHViLTY1OTM1MjMyMTAwMTAxNTQv/ubzI2dPICurvV9mvcKHa5eKd0Nk&nodeid=4030&group=cdg&auctionid=6433905848362713098&pbs_auctionid=6433905848362713098&shardkey=6433905848362713098&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%26client%3Dca-pub-6593523210010154%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.390.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
MMBD/3.390.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x28, cdg-bidder-x176
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 12 Jun 2023 12:23:35 GMT
request.php
hal90009.redintelligence.net/ Frame 19B2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=4e13d99930&subid=&uid=05b7abe038190176&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1686572614843%26bpp%3D1%26bdt%3D167%26idt%3D201%26shv%3Dr20230607%26mjsv%3Dm202306060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7725164863994%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D203484682.1686572615%26ga_sid%3D1686572615%26ga_hid%3D1844000573%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D454473896%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759926%252C44759837%252C44759875%252C31075258%252C42531705%252C44785292%252C44785294%252C44788442%26oid%3D2%26pvsid%3D989115233521573%26tmod%3D1008808033%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.ayhqsc6aybs2%26fsb%3D1%26dtd%3D205&ancestorOrigins=null&random=1042048998513&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=6433905848362713098&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
36b02c2d09a7d444675aff75bd0a98a875450f76e44dfe11bfeafde1b0c1aabf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
31707400070838500951389012353009
Connection
close
Content-Length
1163
Expires
Mon, 12 Jun 2023 13:23:36 +0200
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C06D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 275D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6234 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C06D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C06D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIIM5Hl8D7mrl0iwigQQ2nH8bovInfR_NajHlJ3XSszR8gnByxZ6IMAkofEG8cBb8BUk7bqlyxUh0kddAZ2QgKViqihCfsaEK554NaCFSJ2rdoC_0
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C06D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=866101035818832675&x=1&ct=76
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame C06D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame C06D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame C06D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqhLEKdqKt0mvryasZXOx815ytB1RefUmjYQbG6Iz8_nIIYBwx5YotIf0Md-RDTaLc9kBJty6XUtN8bNLwZG94e3uL4Q
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C06D 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5170 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 275D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dg192cer3l0eiHzJ2TdOdzQlnNBM3va8tkYBimW_t9hprrVkNeC4UNuaD5eGiiwkylwzhUDHoz31Xhqr02Npzcq0cxF92fNdhiNq5ozWcKj7sxevo
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12386242478710881066&x=1&ct=76
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 275D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 275D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame 275D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQNpGeQa0nmfV3hvbfIVmmrJ6nRuYUs4N4KrfPk6fVc67srVqcxtsVKMoLQNsZjkEix34Hs8sJH9cQ7u1DU-7qIGrMYw
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 275D 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305221508000/ Frame 6E9E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 11:57:54 GMT
age
174342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61790
x-xss-protection
0
server
sffe
etag
"dc39a5ea8e84372b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 11:57:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6E9E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 05:03:11 GMT
age
199225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 05:03:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6E9E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 10:13:15 GMT
age
180621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 10:13:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6E9E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 06:17:42 GMT
age
194754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 06:17:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 6E9E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 10 Jun 2023 00:34:48 GMT
age
215328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Jun 2024 00:34:48 GMT
truncated
/ Frame 6E9E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50d3681e6849a5716734c9632a1a2a017e020073e71f4b5ccc79cc23a54560e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
10261972549777223277
s0.2mdn.net/simgad/ Frame 6E9E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10261972549777223277
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
25b451f3cad26104f57800c79546bf5a40295d0cecf5623e623f4479b94d0ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:50 GMT
x-content-type-options
nosniff
age
412186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44765
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:50 GMT
7352296608196688721
s0.2mdn.net/simgad/ Frame 6E9E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7352296608196688721
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:54 GMT
x-content-type-options
nosniff
age
412182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:54 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6E9E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTTMI2SY6aUA7Y5jxUcB9zWvkauxoXrBDJHddiwvxyns-OrQAt16cFE3bqwH5NQgjQEYUDNjDkLiH3-0aYOh21yoxf7THlElyAw3dpybb2Un0lvnpoJEuLx1pJ3t5NYIByOchMMl12UXQq2sA1TXYUubDHMw&dbm_d=AKAmf-DbSIZ-Lt4WElrk5NdrqJjNG810f8m6VtAzjaA2kPNYvdapOq_6-41_0BtCMkN3DiB33XIBFXb0dkYnbxw2HnWPiKfI1uQbxJhujVP_k6byzC7Nai6-XMRQi9Ul5dI09vVIZWjojREmwgCfBORh8FiLZ7liLDdfJejEmrTShe9rrVDl9NFGErcI4mL9V6jxBH8xU7QIpV5YjCW54h2GdfmpfU7sPb3v95g_kWNbKgwlsjrICbrie91yxh3EjZgH64msICxrut32YFD6XFPslnJv-iaE6YBXrbNWBYxe7nA8lHJmjO91c5CxKVpF4abdOC--lr3SJSANcTVyxac9b2Oakrj9tAsTBpFCWPGzIgH0bTfQaWsSDV0ov4_Gf3VeXFL35pnF0S76mRbQOjV-vRzj7kpPhb4wvoR8w7SujFYx7O5LJ6W-ZAbUXcllLxWIoMSyuP0w5STG-iOailoIPoltaHrbVzythM-QFRzvK3QoPNjzJtk6DFBacn2WqBmoqYvYHWMMVs2Q7N4ROfYfHUOuhuKByZeANjhm-EJ3YajvJqJ9fg9ecsmfOaSViLcXC6RPO41blhcEPBtd7n5IYVGm-KU8TfIJoCViZhsQztama6ot2obUR3xfr51lORv_g-AxKfKqvTR4n6BbwxFBqsyishsIR1_6is2Ixg0rrJtiQF4AEFxUVY2S-139x-86PHtDEUBHhgZCLsqLfMgfZUVASTWFvRfSlnVoj6YwDWNntPF7Nf68_p49YiPeyZb1ejE1YGoSPoFg32NfZDsLgwWGT7KOla0xfgon04XTiDO0rnoRlvrobAD8-2lwymJETYD3ZYyLSDldBA2YY7wQ06SRCKQmE6TeuJNnkGMx6K_qg4mkJe822Spxg0ET_t_XZIkV3vMaOpwALpORxhOx_br7yIwXxYhJY1dhAPCPwE2A2fJJWjlO8xJhmJkP7qdmp1gTse5jrNCaw0BWRFqsjrC9IodTsKU1iMPI-bBQs1grczoyNZlKSO2AxajvTh44gMNFp8c1GFtq-QJPUE5xR4tEKiK25q5xaoSAUOvkqVHXxyx9DEq-8Ow23O3RXqgEB4nYaH67hD8n5yokmECdgNs92c_z3OimHDY_-dvC6I8OjIhWK5JyVtVotPUZB9JtEhe-aRgcLOlAUdrKWxMi4K1UmrMG-RhOvebgrO2FaXvitXTmL9y3EYVzUqKMUdwrsQ-x-7rV_IVyQ-hGRN02ECCiHl0FEewp3mZklVgCUgH0iwC6jn8KunT8VIlN9L1fIHDx4UUN9gC8qosOG7TmBacFyjqmxD219-0WvZbdU6dUZhxuq1W0egl4KGVgrS9q8BsQPOgMPj544VwCbyck_L5344HIgypNjddIJ7TlndiDQtBZRvo6MxEX9HDYGoxDQPCXhJoJ9Hso3evhvdEY6aaVYQSxuo2BU7WOgyFY5LAI3FprRAdIGaOiiBffH3O5q58GHpHmmNzfjAOwVCHIbggpJu4W0XftOh05FpvywOhcHk8uK0oUg-ZTqMRw_22bbgkESt4NZ8iXTiza29YHiMSyw10KlLASQYYReVVzXPgY2JGbifEb4tpHXUgeW5njnNym6REhWJKv5tjAs7AtDfePz4EXLd37_zpTigviu2Z80ayI4Fi2edeUdlcncVnqY5FoNX0wIL-ciO5ed-Wz-RD2ugeYLf50CqAar5-8xpOxNHFvIFkaqK8fYhX8RR2qCXDbJog0rnomy8lTUTyjR_r6UDxIjPotGpBjSthGduiYByMzPu6qLI9xY1OBdBElICI2xlSPnKBaBxBur5pnKAigESz44ZA7E0mW3R6tOUqjWMWxJXBcI6UI-YJcLy--RkQ040_jcg-RvkWhrdWCHsQAhegF-eSFu_BwmhMb9cMooOXtM1zUsZrYUG9_ohD8o08qS1Xx5UIdJh52qELY_ebMl0ACY83sap_KpxbPFeaaZIb8PGApm6ei6j5ALWrCGkxS7Qhye-JFxx6o_LmEjFMkdgUrGw0fjz07cV482yWl7XbvgFDetyupq9xD99kOgQhRc3Gocu3b-BVfl3ytynRcobql1Z9f_Ew7k-A56aidVb738Zf7GRwTkfLvwuMKDG0LzleRnQ0TvCxU_FZwUvtk83UkcKsqwePmsHbJA9Ydp4CW7Zjx5uxUQ051qIj4IC5thqFYu3XhjcMXG8D5Oql0DsrlkfpdVuND2b_ehYhmYus4HpwrotzUEFweANfx6GF41IkFYTRn2rUK-KGfqVmUXnpg4hJR6RSwuup0UFfuCykF-RogXZR8WN-77F889iBiqZJoQWGOu6fTgcah4iU5pbUVKPkYIViI1yLZ2g-92JomlUqi8CVSBm4HJh2qZqBo3lT7v5VaV35ipEx5RtE7Uo52pBdsENUiTYo19M6lPtcZVbKVxClHH-SbGFreyrwqBACZzHSwwSfRzln-aUh0v1u-ypwspfZ45-rB4xz-xYK4dexSVDbCM5BjvTZ-OPnauKEuDl5cKsJkcTodoupCxNLA4cP_VEQx6n0zB_3wvrTVPcpKWwHzi-lp761RFDWfE8Ymmb3CBnFhb8SdQIyjCUWj7XBcEyZF_Am8oCr6Xq-dpD2MT3StOwu7qTGYQrw1dUnT5iE3n6yehriAU3u3jt56LW0g99Y9uXsx4wHlmF9H8_A5zdYG_4gndMjSdn-1lmd7_0zAvu8oftmZKguksATHAaJ_mCkJZtjwwhmSO5ugMpBMmdNh09u9hFeJGZI8jQ5KMqRZg7Jk3f7QD1j3NWOi-XNgafyX7f0h9KsEHtjOZwuDgKGnaYETRjyTi1PKg2gApdiN0vP9yEOiMe09tUBOZOHqSOVjltfzn6wqZ4d9VkkSpD8Zs0wFXPuno2Cl1YD2hXTORzdHKsihO_F3Q-ZvMjVdmnpwYjRGktgl0mZ7kFMcyTxSHnNHBFI1JZaz_7bB9TePg_c3-h0F6gI2keRc43dy90LP-kaHAxEpIkLzr0fRU_kHpk5p_yFBo8l20TK8NdWPKosxauMparDJCH9IvmpVwrd9kz50Zgso0bupFsDU68xmf1y1wdEYlYZeyxfOenJb52fgn1M4kM-tvdp9JYlpaBqoFt3gweF5dRBAu5QZTdbwq5iAVrpNqA4l5MRIN61r0w-pXP5caWM95g3MXlEiutnZmctgxioBY4-5J7rvH_YlYBkBRfxR03QT9WzsdTN96EciaqzfkRSeWFGRIdUzSyKiCqD-4hC90dZuJIK4iwnpKcFZdVCnqs8Jq173VK-6UE9-j_QvvpjK-UWi3f1FrqcSWmGSU_pitq_OgG_98-8KAzuCCzAUZ-PPETgpOUBrAO5dQC8686AuDaQP6dPk-z77uxJjHKXt0YMj1-yCrhBHpOAaOqjE4gdwsS8DWohyH38vLnhaCo_Fs19OaPl8caLi8QheO0bSZL46jPEf7qz07FFIh7tMxsTK8ZFxK9sRNk25wJSjXsH3kN6PprZZdP8OP8owzKowHbvLJzNTWYwqd_v83DuTAQeZHS9aoTWfbJsvr7wdxg9RzmLeQvGA0CVCxJAcfmpt3s0gPNM8SNK_7UUgOJrDUcacenr_N_w0zRexuGMupxwspFjvLsyz8EJSvb3zCK56IS1DSP2Ke8K9wu7HNirTeX2JBX6ZiQV3C_K1x2KAzbZOZkKKUg&cid=CAQSOwBygQiDW0dLfD-T8x1O_ZpzJWaxazQBWSFtG0k0Onq3OwL29JuR4mntYkk870Zw6UhfCD14SG3Nsp-LGAE&dc_exteid=31111773410842859563671651645108096&dc_pubid=4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6E9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpNGcRw6HZIzsMZWOgAf6hqPIBtqxuf5wlO_CufkRjqq9n9k8EAEgwLKCa2CV4pCCoAegAdOp3fkCyAEGqQKQFKTl8BeyPqgDAaoE4AFP0ATxPD1Ts_2yrOqF3PQuk2sZgo1F2vE072sV9f6hNNsNhyVINel1kVht5IscMh91QrFWUy7-UFKzAKffpkoG46wsd6-0aE0kzG7RMEHiz-mjhIAgmQUsavaglPDXnytUh75cqxRQjtfltz4i5BKmYKOGQBoR5vPlZiwd9GgpYi7I8Nhg9oiz74EEbIB3as7P83n0OqjWAtGZ8U2GC93vABnfIpIKlNEd_LIx1aZehBVIn0UQPyLQV523STocJHpydW9muE8RmdI6IFq56c9fqsG2-FMPagtorZj0w2054MAElJuD_sEE4AQDiAX42de5S5IFBggDEAIYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHldaihgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCy0QcYpfXv7AHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBsBP61NUTyBOXuoXjA9ATANgTDYgUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=OXRTqR72t3Y&uach_m=[UACH]&cid=CAQSOwBygQiDW0dLfD-T8x1O_ZpzJWaxazQBWSFtG0k0Onq3OwL29JuR4mntYkk870Zw6UhfCD14SG3Nsp-LGAE&template_id=509&vt=10
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 6E9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw0Bop924CwOapEThyg71jKafHCn96nxuGvnZ-8u8kqKWJV_h5HE6D9wodPjjVLKWiid0ysUL8aSQQe76d9oCWf4Opxw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E9E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 19:04:08 GMT
x-content-type-options
nosniff
server
cafe
age
62368
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3057
x-xss-protection
0
expires
Mon, 12 Jun 2023 19:04:08 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6E9E 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
82106
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 12 Jun 2023 13:35:10 GMT
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C667 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
adv.office-partner.de/ Frame 3267 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=4e13d99930&subid=&uid=05b7abe038190176&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1686572614843%26bpp%3D1%26bdt%3D167%26idt%3D201%26shv%3Dr20230607%26mjsv%3Dm202306060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7725164863994%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D203484682.1686572615%26ga_sid%3D1686572615%26ga_hid%3D1844000573%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D454473896%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759926%252C44759837%252C44759875%252C31075258%252C42531705%252C44785292%252C44785294%252C44788442%26oid%3D2%26pvsid%3D989115233521573%26tmod%3D1008808033%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.ayhqsc6aybs2%26fsb%3D1%26dtd%3D205&ancestorOrigins=null&random=1042048998513&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Mon, 12 Jun 2023 12:23:36 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Mon, 19 Jun 2023 12:23:36 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 5FF5 		0
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=4e13d99930&subid=&uid=05b7abe038190176&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1686572614843%26bpp%3D1%26bdt%3D167%26idt%3D201%26shv%3Dr20230607%26mjsv%3Dm202306060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7725164863994%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D203484682.1686572615%26ga_sid%3D1686572615%26ga_hid%3D1844000573%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D454473896%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759926%252C44759837%252C44759875%252C31075258%252C42531705%252C44785292%252C44785294%252C44788442%26oid%3D2%26pvsid%3D989115233521573%26tmod%3D1008808033%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.ayhqsc6aybs2%26fsb%3D1%26dtd%3D205&ancestorOrigins=null&random=1042048998513&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Mon, 12 Jun 2023 12:23:36 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
B9D59B83:889E_91EFC182:01BB_64870E48_139C1A4E:6DDA
link.html
track.webgains.com/ Frame 19B2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=31707400070838500951389012353009&nw=1
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.16.201 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
c70ce6352a0a75958cdfd82ff1f0d43feff9169fd0931586ca36197b5665b098

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
last-modified
Mon, 12 Jun 2023 12:23:36 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 12 Jun 2023 12:24:36 GMT
request_content.php
hal90009.redintelligence.net/ Frame 0636 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=4e13d99930&subid=&uid=05b7abe038190176&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DiK3BDjR2WlO9kSjdvEbA8A%26exch_seat%3D20035004448%26mt_aid%3D6433905848362713098%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_cid%3D52496487-0e47-4301-9c33-dda8d0188b52%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCNFy_Rw6HZJydIOvmo9kP6qWH6AHPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02NTkzNTIzMjEwMDEwMTU0yAEJqAMBqgTVAU_QfsyEkyKQyMW3VWmywhisku1dzE3EIH76LUaWx90FEBQpUep-8gultx7kP2LYRaUYf-MB8qEs3nCA7UpQNk5kZI7KUsPekSLMMWT1uYXppiAigX6tGc89F6i_q_Uy6AfkZbDmC_Gn2cKxuswoZLTWxk_hc-Dhb0qC1SBqg5Gt1cqvYQhiBCx7MIYE-Q-_WvWas-L09FJ-11_LJkQPoZheHJyOTq9iI2TO7SwOGquVStmIHxK51TeUTbYlymAXn3dLGSt7_UzB-Bqffx7ad4Soqx-1OYAGvtTW_Nma6J2oAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3wa96uX9u-SMUTbRVH07nyIpXp8A%2526client%253Dca-pub-6593523210010154%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6593523210010154%26output%3Dhtml%26h%3D90%26slotname%3D9586219513%26adk%3D1165138949%26adf%3D4198790052%26pi%3Dt.ma~as.9586219513%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fye-mek.net%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1686572614843%26bpp%3D1%26bdt%3D167%26idt%3D201%26shv%3Dr20230607%26mjsv%3Dm202306060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7725164863994%26frm%3D8%26ife%3D1%26pv%3D1%26ga_vid%3D203484682.1686572615%26ga_sid%3D1686572615%26ga_hid%3D1844000573%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D454473896%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759926%252C44759837%252C44759875%252C31075258%252C42531705%252C44785292%252C44785294%252C44788442%26oid%3D2%26pvsid%3D989115233521573%26tmod%3D1008808033%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fpcloak.blob.core.windows.net%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.ayhqsc6aybs2%26fsb%3D1%26dtd%3D205&ancestorOrigins=null&random=1042048998513&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b6b10b7e4274b3875e32f26178b872c9057dcf2b7c7483486af6713811fe024b

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2082
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Jun 2023 12:23:36 GMT
Expires
Mon, 12 Jun 2023 13:23:36 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 19B2
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
HTTP/1.1
Server
145.239.193.130 -, , ASN (),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59B83:889E_91EFC182:01BB_64870E48_139C1A5B:6DDA
X-IPLB-Instance
40027
Content-Type
image/gif
Keep-Alive
timeout=20
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31707400070838500951389012353009&t=htlp&gdpr=1&consent=1&gdpr_consent=li
date
Mon, 12 Jun 2023 12:23:36 GMT
server
nginx
content-length
154
content-type
text/html
inv.gif
img.tradedoubler.com/images/ Frame 19B2
Redirect Chain
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(31707400070838500951389012353009)704315866
  • https://img.tradedoubler.com/images/inv.gif
43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
HTTP/1.1
Server
13.224.189.92 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 09 Jun 2023 11:35:17 GMT
Via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA2-C1
Age
262100
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/gif
Accept-Ranges
bytes
X-Amz-Cf-Id
PsLDJHuPRxYg_jWaZaFwc1KMnZr371MaoKfM0oLY-ARe8YHA1s5KPA==

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:35 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location
https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AF1B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 81D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:34 GMT
expires
Tue, 11 Jun 2024 12:23:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 19B2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03d91a18af2802b4c2c704cc475fe8ce31317891272cdeacede806c86edb2322

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 6234
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6234
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIcOSL1YRLGYJiF4.u6X6gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Protocol
HTTP/1.1
Server
185.80.39.216 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJySqbbxU73FH4RaWMRlZc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6234
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAASuUcGlBFOCldPZHg3kPs&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAASuUcGlBFOCldPZHg3kPs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:36 GMT
AN-X-Request-Uuid
b7a8a57f-3e45-4b1d-9a68-d92567b7a638
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.131; 185.213.155.131; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAASuUcGlBFOCldPZHg3kPs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6234
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUjtq1ejq9qrpjSRYBXEY_JlMBMVwMiMjSCIC6VMpjhyQAZvqoet0VWDrELli7V2pHcI1HKBUyPODG-kDjLfva207R_j4ZWOqAOd4261rMTA1Q_sOg8tDhzyFNfp9Kc_PyY4ZrQBgEOfwc_LDfcDFboO-vWgwzhjf-crP68xNm7HauQEFc
Protocol
H2
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.131; 185.213.155.131; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d862b2ed-b045-4292-a2bd-321ba7c8d48c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 0636 		2 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 11:28:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 12:23:36 GMT
/
hal9000.redintelligence.net/scale/ Frame 0636 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-627x627.jpeg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4f6df8dd90da2d79013654f7f9747ae2d69395d83441d621391d551e2294b1e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8711
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0636 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
edc1f19399fce960a7f0129930f6ba12ba28fe82c24600a8d58875b61a405ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9249
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0636 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
884c477e72b86ab8a87ed1523228d9acbf1a894c37b8dc305d62dbc2f9e050d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9325
Vary
Accept-Encoding
Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 5170
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTfZEqwOiXIdv95GmzCd_A&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTfZEqwOiXIdv95GmzCd_A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBTfZEqwOiXIdv95GmzCd_A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5170 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5170
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOFqQq-O40dxMhFI-4D3y2w&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOFqQq-O40dxMhFI-4D3y2w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Protocol
H2
Server
104.102.35.84 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Mon, 12 Jun 2023 12:23:36 GMT
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOFqQq-O40dxMhFI-4D3y2w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5170 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYv6qy4gEwAQ&v=APEucNVUdX_8dXSsfCR-iVH4lkA4v-33QB1ZsV4zYiQxTmH5g2CtCU3UuBwPNufT1Dia126yKvdQfO9q5Xj0M2DaBSKqZ-e5LD8Lb1bufQmGR_ja-0reXJf9ZxeU7ShJ6pUgVP0zGcmbYdJ_L6rbU7eqg_nbr5102iaWAx3kF6WHJZp0TmQN02Y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Mon, 12 Jun 2023 12:23:36 GMT
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame C06D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6069913381032&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C06D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6069913381032&version=m202301230201&ct=76&x=1&cor=866101035818832600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C06D 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABQwjWw2rFKbiPslX3LgHhDD8G8Tfm_2zFPgiFiF0lF_U8y2hj9vXGkclx8Q1NytsWclv1bN7gOI92TL_JCHIVju3s7V65NnmKyRf1EioMiO0pD_0s-ZCkcLktOhChKLqyHfReJM-YLNkVyVtLZ-955IJn8BV3GaOv7ZuXyzmY2Ky9FcQ&dbm_d=AKAmf-CGR5_oWVANFdY6eIHuNj50es77wVkCNaDWnDzraggHQCYk_0bopslEKYY1qUUA3OBaTqMwRVHOG_Nf2_A0WXAhavgGUTmdQeScYYN5vHe8i-mB3T2GK2A-ZMcjqryaCqXIsHKQpQC1xelTapFxuj8WCK4gGBjx57XeSfd1Nwk_aVeULb4TQPpgiSIOCmGAikjmZLPkOr9qYdJfSMco0K0Tp65Rmv51iyGVaUv32Dtc_w3suz31ISJIoxCp_7qLfFjKahMNuzHkK_KAvHfm5i6StAaXIOabGFLMSnOvw9D5PeoHuhqeHZzSlpNvAvWRXUXvC8hVlix6IFb6w7P3h5UzS_WgBBWv2Tb9Ip9ODIjJj_xYBryVHxYdj-heN8gsjDoAsEUgPAv4LReJ3NQQpoElp-wFD5h0PmQrRLBM2e3sGOykqP6MYJqwk91TJAZtqD1l4JcjPxusH4bUwJTZK0jXCKm5s0t7UVakjongyRtZVcBFW7g_2fhBNaIA0bsdqkuLW48c4PfXPkZWbGcV2thR4Ts1yOhntiFZA2ljmJVn0EAIFpLfpSoXZvGh0eJaxv9QUM1oz_9hO8285u2EXQryQjcPvbY29GU-7h8hLTS30rZAAd3BWxPrr-mplf0O5eHvgWjDvcscAoFItsHgc5FToRYQu9_SvcqlfwPDNZRnMxB8kOc2lD0xTyniqE9Muu007RRvizIe2Y8mkG4P4MwgUy4h883roaI3WtNnre5dmph_tIBdYlznEn2wSJoc350DqWHG-6JnUwYAKAvADy8hzT7zkUD7c2D1sijcTNHdJrlQ6VRdDinqmbVZsN91cq_1Deryp--s463j0R3bH09JfBD-K8XNCCs6zt9zFTaF-wJffpae3xL90HLRxTgzG2SvaFs_BK2R42TsEBv2BP70NSmn0qk4cqufpWoKg8202mOK7o2lO-GPxCAdyM41NYIv0IrbvHt5QHHBsCs_XEJXHEyaRpl4AtDuHXjchxC1gbBXZbnTy0KOrnXcVAgMLU0lvVF_jAanrCA_rwS4xT67zWKsxJHxaUriZHogmsvhzvvbI32cuWewTlwaFgso0cV9B1bymI5D5jGbuz_lbI488LZaZcUmnIFnnN0-XQqJdPKSzld_leyGbN6wD0ICf0wpa5c4K6waRY1PCL8sk_tDeOYph-b9kfzKfRN4-L15XTg_8Wi-Sz8v5Nekaql-meq7bTdr8YPS-R9LUKSz4HeWRzQMg8tnxBzg_kQhxBklpEJOMUv-2zNxkLJ0KhIEpDaGY-9PEsmqF4Jz9m6g8lCzlP167n5jS97WCIG0NRAXdTop8JvS1nmFhDamJSwGowgNb6d95uAahEGgeaizqJUyU1e81RbHeJPRiAzbtq4QMoAJSicfFYpCKWYShFEG9Yr-FPuaE6-fXc55uwc-HDamST4lSXvT17IAxf9PdGtOc1GU5d7ah4_u9kMTIJrhDKb1eH1B7N3dRu24foiXSA7iXiEwRDXeoQxKSVsh4HWyjhD_4g9r8J3EdJ1usX0beye6xyrrGb6XRjgnEnTt6swFg9lQh5CJb7vK0yJi7GWgoOUwkVNXNTCTfMzi8abR_yzgNAJL8JASXhab4W6bgwkep6RjyNuhEzTB8KtCqopwhRNOdgTLnaKa8RvrilvvCH6sX4z-mS5-tR8o1cEeBqCZkKG_j4cPgRlhacHEQa8xdnHjNFt75sy6slcysZANNYVmhAMkhS4c6ottewlLL9DWap_HoAqVKR6rDBrywwTx8-whTLWWAhQKmIKCH4BEggm2ngpR6zNf8hb8s7FFyXeSThSeGznwLBq9M9kzgpJ_rEECu3st0m3YW9WfxiXdIsKioyGJw_DAHDcRkfJEy8YEuynatjMLPlu60uai3HXc83uNNi567QZwVjpOxCWKmwTpslHW7Qr4NmA52kRkQ7Q4UJO5ntnR6uoqMVCL7e0vSHDeF0_d1KMoMAH5JbpyGntvMJ-SVDhWMt3Ni2xPN5NMarTrOtde0pfeGXnaKZK7I01QHRCRnhy9Is6Tq4ebWV4BhDFR4aXeUbs75th0jFc4kqVPWLweZbstvGr2bbIjCKnTxZWfC5WGDFCtUZ5ibLhJerlnxJim9YGRRBGvndM1zoAO1668zmftqfJ9xtAkndROWNF6k4UVXnnaddJ4PQ6DUUzPcLgtnSnrE_2R-0wiXytjF_u438BULZ2EHej6fyzdAt6_Xi-fvqlp_Yzl35pEcQmpSYJE3dYLGTN-u9xGBjGmhpRK5LS6cPPa91DIcJ45o_JECC4J9_Y8u7jP7PaTn6jfQGcFbylX93-LQJCPpEAmtHHmDVJu8H4F-QfrIsQOHHpUQZVPvjkyn-pXPJnCxU-82Pri9NwGAB8JOVB0Gdp84u0eVZuozEcSSKzrdlhCdpin0nxEICTHC0rf91pWcOngWvSz4PoRnXsMVQp8QYBMLA6lBPGd8PFPJbvljcN3FnB1Kcn6bhB_ACjlUkEXAZLqHI00Oy9aNvbrpRB34BkoQQ9-1rn4HwqpzQaXa7afXoquTZGJxz6rn7W1NUu5RdQzd32dK-vHQ1GmHSiJpzvKpw2ueYUNnYgcH0Xd3izvAcZgH-NeSLBWQB2P6jjpkmBs3jqOrWHq_nUi6jQTu9P66e5l7NN2KqjpG6vmQZOx-Z4YXAXy7vyx_9-FafdGts4EDi5YX_lQmcFh_L20GnVyY2D9B2qNGw_Ik0PrSy22Pi428PU2fvFkfWBBSBggvQMy5rYZTusuIa2F8UVYHzEfXHHe10wvdvBRfITJJ907dkoIgLfszwFZvqszarAd0aIZfkBxCdW4H2MQJJReMRV5z4ggmwVokCQBKipk9_odp86CXpud6IbxjOTx2USi6yGdUjMEgIHnNAxU5zW5ueo2i4IM0YvdzHvKOVKyIpsrRgkn16kWaC7MDtUQ0S-W1uo7xAKdMSUc2RE1EBtvtcSSxfoulqhvtDfAuwhxFFi5JIeu-ovCWFOUWUf462ZckVIkHbbx_S27J-jJ82WTgAzdV-2y4mv6HLrIXk87CGW-WarzQLPHQw58K8R2Op836fUL9gTSymh8vigcA-iduVdOuZW-OgSCwVzljAodNwyhp1pH_fTDLEoEKsWy1zR-GPeTFkgPF1GWuXdmdiLqQKX66LJ9FjWCAaOJKW2ai00ElKoZODh6TH54F57wx_3Ydh1Wmu12Le5yHpMfnpa7SWlkbtJ9PiZXobHPmoU_Qb0aH0Pykrmr57kZbzevcfJgCr6XJq9RiR_hO9jFQ9kUC_2HncYVmjELKxJElQPZ4CqE3ja2a_uoLj6GtC-0hEWEDptpb7VkGe_0s6SPktHWv9GY4zhAKCIcFMsL0thJNStLz0L89LXEdTq3dIU9-4PqS23kFxCtsoytO2R_PWZlg0CEI8JqfNuJsbFGFi6mVVocXb9qMutn-AB4ohZS-_UkMXQj1-S9H8fzGlzyYi3LXnqfqGvncYcgjcUdu2kbP9KGgRA2ColD7S_h0eXfdhSvn0BIfZGPInyFmkL_rgYQ_Z5Ve5dwSqcgiQayWvm2m450axrc_-9qlIcWCkZWcSizf_pZl__xiO37qs1fm5bfNX4A7Wn47kiX-DNx81mGiERm4TBHqh9RtGtE6aOisilpG3aZqd1iv5vwj44CvDN2C8lViA&cid=CAQSOwBygQiDwS6VahPXNq2KzpoMFWK8dqQFFgfA3Oyd6PggcU028fHQcrF1RyqMlBLvqtn7chbXgC8a8tdxGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=866101035818832600&adk=3887872403&idt=92&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c459e20e082f313e35413dd607b8c88b7f12fdda1142c5e201e4f9355c34eabe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36475
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame C667 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aadb1ed053ff8a74db916c5bf4f457fd01b0317e376983f04c495b94762cf43f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:01:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
33700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13622
x-xss-protection
0
server
cafe
etag
12561890283913249334
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 03:01:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C667 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
341880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 13:25:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C667 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame C667 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:37:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
42359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9004
x-xss-protection
0
server
cafe
etag
17960421598201694375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:37:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame C667 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame C667 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame C667 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwinx6sE6A3AlcNqiKtLGrroncsbpjmyAjrkxr9BEEhIIEljVPJT_O9IaPoex9wXDuIzOuigCWtPsLnTG7wiirYEUV1w
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ Frame 3267 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55dfebf1901d6c454f03c2c7a76eb7caeaa42f1be2ad4f8d607d844aa90da0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44033
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Jun 2023 12:23:36 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 81D5 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aadb1ed053ff8a74db916c5bf4f457fd01b0317e376983f04c495b94762cf43f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:01:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
33700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13622
x-xss-protection
0
server
cafe
etag
12561890283913249334
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 03:01:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 81D5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
341880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 13:25:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 81D5 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 81D5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:37:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
42359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9004
x-xss-protection
0
server
cafe
etag
17960421598201694375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:37:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 81D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 81D5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame 81D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXCDyf4aqh254eJGdhMTi30QZucwVzhXrK7SDVmoDqLfg9UeaRsfKNQTnP8JMbnsyfJrR8EFimRJYuGL1GoLG3m_M_Qg
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AF1B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1&google_push=ATf1kGMAmkrzHAR9iwELA3Y8DweqfmJASDLL-HKhQlZ70ul8hhesnUBChBwtzTXR-RzGczpj9MrKrSTLbBRRrPpylHU79vh3sFufcg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NTUzMjcwODY0MTcxMzA1OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame AF1B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECkxzPiNIFqySRJSNwWDEkM&google_cver=1&google_push=ATf1kGN2Ci89J1ch601Q-vHMJQk40BNikVYt_lTy9ikyMVJQIPc5s2U0C0K_qY9H0UsE2evAJm9m0giS3d88xz4YUOxoIEFvrZgaYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame AF1B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAoACK2sWFOL-j6Q6eMxGDk&google_cver=1&google_push=ATf1kGPRO6SQqTdXPX-ToLbz1JS7SDvk98DXaSZUoD6upsEqdtuJKZszjaIb_9ibTBnG2ZGs0jFh-zej1DQO__DiYRSCTPO-cdsSiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame AF1B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c01wd3RMb3MxUThHQTg1&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c01wd3RMb3MxUThHQTg1&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH85va9PBLUV7DhPN_uV9EykVlrSnFUepAZgJy0LA16SfXL7M3VDEXBZjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Jun 2023 12:23:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-778-gc59cb35#rel-ec2-master i-08be716de74acf898@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c01wd3RMb3MxUThHQTg1&google_gid=CAESEBrBlF9P0gpxpHL0bSks3mU&google_cver=1&google_push=ATf1kGPuRpIn0dm0neeJbxSf1NvmIVJVIg-fZwr5olANhH85va9PBLUV7DhPN_uV9EykVlrSnFUepAZgJy0LA16SfXL7M3VDEXBZjQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF1B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3Uw...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA&google_hm=Nf8FLe9xRUCpEYdljULUYw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA&google_hm=Nf8FLe9xRUCpEYdljULUYw==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOyjIHBCLWD8UFssN9EvGwVC0rKdR2GZkh2JPdN_YzbyzZgkEqBcMsjh2ndD-rK_ShN8bfpA44ngvs3UwucOSH2PllILx7_OA&google_hm=Nf8FLe9xRUCpEYdljULUYw==
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame AF1B 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESELMFhlYhUivaAtfk5OPVlUM&google_cver=1&google_push=ATf1kGNh760xZ58fgzfGAzdifhhjVMudIW1VeLfckG1dywDu_ggOlJnWMzxV-Xiu2vpKVPziCCTSQp8d9vn7W2OwBOF2yNJP58qASw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
276330
expires
Mon, 12 Jun 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF1B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d2QfWj4xCZY6aEunvyQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d2QfWj4xCZY6aEunvyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNve-7c4BLFdX2NuCBamF0wYCc3YhCPTDrLAUSKAZC4mssu5GmyBbdZQ7qe9h0fJaiKt-0bzunz3h5d2QfWj4xCZY6aEunvyQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame AF1B 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KV_pTiTSCI-jiltOGYm3iffu3K3vB-g9uyen1TZBC8M9KNSWAzOgTTQc0jjHykNDzWW9pl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 0D19 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aadb1ed053ff8a74db916c5bf4f457fd01b0317e376983f04c495b94762cf43f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 03:01:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
33700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13622
x-xss-protection
0
server
cafe
etag
12561890283913249334
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 03:01:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0D19 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
341880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 07 Jun 2024 13:25:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D19 		175 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55943
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686137816735621"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 0D19 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:37:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
42359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9004
x-xss-protection
0
server
cafe
etag
17960421598201694375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:37:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 0D19 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 09:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
10244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 09:32:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/ Frame 0D19 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230607/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
42309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8202
x-xss-protection
0
server
cafe
etag
12977410716570951617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:38:27 GMT
l
www.google.com/ads/measurement/ Frame 0D19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt8uXZpzzWuch7KhX2qFt_Tl48g63q3r4mQ2el10ADMOSeWJgtIZ98DUExNNuYvMqxwjh4CbADLviSGMxuRnAFbZegPg
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8960273749799&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8960273749799&version=m202301230201&ct=76&x=1&cor=12386242478710880000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 275D 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-Qdd9GXES6htHBE7Kyxp6CVW3JyXN-1HqPRTCL1FgMdf05ShR65vXPkfo4AuqfczEYKnF7ioBKuTZGGLtEQgwcsXWRTJVYUBYR8GVPgs5LhRCPPY&cry=1&dbm_d=AKAmf-DcOX3eeDbOrbAJtC8xjMM78-kZP2bX4qJhB1_GLjzAO-aC7OMYfxY51Sqk0ag_-Lk9Ypa1OSGQqWXlJ2e1_TScDXzibEW33xBjZe7y7Z7oPZOpxqGRzRMLxZ5f6CcJ1ripBt1A_Qm0lHgXRWtCpCy1N8IPvajdXULLLYDb6J67vjP7_Hf9GMHpBm0ruQs9kn8tKasrNneOE_P70Q-cEd8JW4SLssblSeJPqAYIV_vcqxllAUOhs9TlQXhkLR3wdJJRjsA-XKFEhuWf64mTl2tpDAmcx3WBhPTWkXB2sFnnWP4_DG5OTGfFY37FOMbwcx1HBpOBuWND8Fst2BhSN-0z7y-S6n4A_8iZ6aH3AyzQOmqI0Bgf8HBq9aNL69F729sT5mXmAmT8vApwYWpIAt3jcDDFHzA26qXPfxXEaVkI3A7bEOIwJ8KzkR2qB_dC5Q6NZA_PXqWjPTBqhbQHTpGoMc91pZf9W6j7iKhha9AKZcKZkG7DTXCsaiSJlIVp81fe2bEI5-4IlyDIGndSSfZIBtv7KtwPMpf6t6NprKvV8vSgUYXwvhKGRFpNMSKfKzXquC7_GF8Bu9SiHsqoebmxVwSM1dFNmPmmqNN6STWvcpEz24eaNyLE4RBoaogroSQe2Gfo4kUVI8MIM2TbxHTwYUuLU-JIy2IQqBYkqlYqxsdPtjgB9xzlO-1PeWdH_1zp8Y0Uszzig_wYKZw6m6FciUkbNAv576jg-sPKoDAsm1RemMWZAxgUtLL5bj4yD9FGEarGDlwu3NowB4Zy_b9EW81isnVetOPnofNKmNSUMR211XOcBkgw9SQtjqE1rIlUoP__gFs0rW9NkmG6WDpPS2Wr9y_6UMGXlklUD-w58zKywgE4bWkdMELdSmmir3uwq5SqmszzFHNQvrR8hC1R1quMiE9eltXx5p-Rf18AmYgTTEQ9oAdhPmZ6kOeUjoj3J6VmHRP2lQqJkW5_FEN9iXhwQVVpNHh4GJjBLnvHALvfWhb4GPl4TUbZnhZUSPh8cB4wgXxVQAHylqs-OpqGrVokvgeBNn5KUh5QvZdfaI82Y5uwlF-TNkrzaBtQPK13ZDDbSKsgbPQJ7nmDsib2LrIA2yh55c1kImmwBxPAGBQudJ_BIyPTwB-bvGbO6ZrCAiA4JGtWLGG6gJ4-dYEjjnaPosPuvpbYiElZL9F-8cP4cwCtB4x28uv1TWuebswvzWa45ffYLLt1g5uGejXyCxxz7xj6rjkBIQGqDhwAdC9pFfnaQ6sJoDWzLEvnI61kbrFLMYnNkHC9O60NhuOoXQOErVFx_OLkBBXD-LmiA71QsrWrFPlSZDTV6w-xRFsERYo35vihEl5DMOy33DRITNl6NRT-0LLUX62vw0cZpXzyWNrVSBk3A4s16dfXDZaLrX_61QwihJ1wGfc60ZZ2EAwKs3FbGoGeM00NaV9To4a2syPkqDu3XAlI4eBbMfh01_dY0oKm9-J5Pjd1Zl3EoE6LR7c_aI2HMY0vaWOU0Q3o_ITwz7c37qOvGJ7B4L74IfnoDViQiK5JC_fLptvbblOiMsM7Tx6AvmXQLbBKXJ_pYIoZHgBwqFAcHX1avyKIKdJK4TysV2B-YnnOahlkhmVQ16OaIP0RR8HVFJV7o2ThNyywvEfu8U5gijRM3E-MRGozW3uIA_hWlMvDhATv9Rzv1CQAbqbRaZeEaYT8ZYEeoeiTcxjNs41Q-6trq0vH9tvdIFMqSGfUmPaIPfeY7oPBqAJkF1joY5_0PBgfurJuyc_PFvsJqkecbclcyz0LRtZT6_1e3H6E7qD1CpWcIyOg0Oqc75K4B-KfjPAITRnmYYDnIHK6lQSx5S3BGtb6-4dTcNGmsRh9_fTAYGYnyvt95Gh-NeUZZVlGozcA11NiEx4-3AIz2O9iW9Y_TIraD8jPtWvYXxYIl2Vc8wHeBJ3iCjFmUMLUL0qgtQ4yaXk8bVLvmjMbD7OIqnAjwMc8dLh3yNM9gXXp2vLp7hTwwTNzuOzQtqzhyyxgk6cS2dcD6B8OpulslyAzlLjfqYyuUeKwwLCDyssxe4h_KlrM5H40y8vD4TF9FYf87aSk1Eh7omQwnATpDNks7HCIWsT7KqfwY5HO_jwWNIFanHYlJu3TN5AFcxbNIvC1IYc7yDvhjW3vNA9E_uzQVrN760aWr44sVXmICtsBCN1rXJEucEfQXUNgeZHR9ZxuzIh2vDey0IOKirk73EQjbdLlK1sfeuqFj3pYqdgotDbSVHDZZYFQ3uUmqyM8uGJIXt-nWfgLoDfbfosnWmSS95IX6ZIVVbhbJhWWqu1cvhEq3Q3RDjaUSP-hNBIA-IXb0HYH3vYTDhaE9xGMlo33v-CUm8XZC73PtK0L5vT9yL6NVESF7cIAK8k0if7U0EEuyk158NdHigaSA_8bSbhT4k_wWpMA-KwWGt9NpU0z3RaA7s0KKGpARke5Sj-TkzK2PkORRqyKu-x-qMGWfNok6hzLHCYYEGQGXVsNhNKOeG7lLoNL5NHJzjPPsfmPcupWm8KAd6CuO_9teGeJOPzR6VXKx5jsA0gHTuCbDZZLMTOCap_rlyHN0w0m8uJi2Wjxnk_ltLfUrIiPcErUYLf9C6k5s5pG62ITyNgz58QW8G0ep_oVc9kXGoT9MqD4zw-IPR2y9Ee7pW62Qv9EbDhuOg-vlz5kniVGR0sNY538moOYu80TYSqDAN3r465T9231YONR0clJwYO2n_x8yMUBXjbkkeWwyyDUvrYVEB2X8iQw1xLYPJ6-MWMYJxXh6BpHIhURRcWEv9kkvvLF1yvxZ-pQDczitNCL83eFw4Si_DFvtxjq4HSC6hJJU95u5ASrvHSSsupTFiskOKTKcIrNU73AxLroo9UUNMznfKnQLSZ79_sdclelGjZVUlNmKQmkGPc-_KctcpVTBum7iDFI17w6HMMPN8J925RSKeQ2CUAik2YFPx6A6LLHPmuU5ZAky1mNy8k7rzxjIcFjzhqYhxyOr1yD7pyC4i6y5H3CiAQoJ__VwG0M1if_ar4gifz8MYxmkEoi5KvfFWJAU_d85EUpG0RlfGvm0sMliEcaG_1XpRlX_4iMwSg6s-oj_W0du_Xi8wOW_1pGEojyP2p9W6AjrbkyU1Q3j59d8B-WIVB2xXU5pF3VVGlM9TklNhcyQtMcgMYnc3D3SqqhQ8c0Rgr_CIHTacshiVI5kCQ3ERnL4d9GB0vzpoSFNPbkyfMvGSuT9IMDVc0ac6-mZUmd_H8Booh_VFMZU11rif4IhimdGCCLY2f21MelnB8cd-n8QxfMUFguU6mAO-mC4w_MhalsCP6ASZ4mnMynyVZmAxrwya719_7rzB4EY1cat53FIMNRMMwe_fRJCRqJOH2fbrnMrBulg-2ywr6rAtC_pLnpiPdXKs4tGep9oST_cJerdg_mk-nUpcXBrLZnvSl09EvQEPmUne1e&cid=CAQSOwBygQiDKdFZ7DmAXyd1MOVLrEl1V5WTcfR0um5OGeC06QvswmO2-2RUxM2_JqCZwHnocnw9ghdKavo7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=12386242478710880000&adk=1599433117&idt=139&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e87633da23e2110ad5160a9cde1864af113cf344496a489fecffd107fcc319ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37959
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 19B2 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=31707400070838500951389012353009&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 14:02:22 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
80475
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
BpjY2fPjZO1PxFJZShgtQPclnrvxmG-ISZMfu_7AwmvAcNdglGtjWQ==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 19B2 		85 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1686572916&Signature=gA9Ju2cgb8Dgi6PqL5eEbM9oJPqZz4Xo2ATvT2VWGG9eaN0l0p8RlFA6qE~4EftXdYeIkvc3MxV~e0TeLkwOVee6epSdXnKQSg6RGI8EUOjZ1-bnIkjWn7Gf4jum3ZsRMhFeKtZaLlicMpqGftWOt4E3WWwL57noRxg6gzrQ1p94TM7EbgI2ktwspNcebGUoIBCmmNFlLY5~VyNLs-bjzOt-F5YGULdG2ZGh7BVzivl0lwm6YctvMor7C7VAVFAnMQF29GI2L~v4onqoaskEc-O0KEb0vTfP8GcNf9Ilm1qGcOuhlyo8-WPQZry~qgX~ShQ8ax~S2o7J4zPBXRfkhA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572614843&bpp=1&bdt=167&idt=201&shv=r20230607&mjsv=m202306060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7725164863994&frm=8&ife=1&pv=1&ga_vid=203484682.1686572615&ga_sid=1686572615&ga_hid=1844000573&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=454473896&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075258%2C42531705%2C44785292%2C44785294%2C44788442&oid=2&pvsid=989115233521573&tmod=1008808033&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.ayhqsc6aybs2&fsb=1&dtd=205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 12 Jun 2023 03:12:57 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
33040
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
aJQiEiOSAeivq0xdeThK3aazlG4hvAEMNBwTlxFphwTMjJq_laBc5g==
10261972549777223277
s0.2mdn.net/simgad/ Frame C667 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10261972549777223277
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
25b451f3cad26104f57800c79546bf5a40295d0cecf5623e623f4479b94d0ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:50 GMT
x-content-type-options
nosniff
age
412186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44765
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:50 GMT
7352296608196688721
s0.2mdn.net/simgad/ Frame C667 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7352296608196688721
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:54 GMT
x-content-type-options
nosniff
age
412182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:54 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C667 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzgv24yoNEbYHJcYxd6kmzy0nCovKSpKm3lf0d3O6-GhmQ6Eunv-A40Db7Npkj77kPDOoE3iZSOFz2QfrTQ4Nzm6AYfw5-_z_VbXs2-_wcNipm_-Fe8HL27ZCMkzxv9HI30aF-fruafZZqjFS4WqiEgIEp5w&dbm_d=AKAmf-BudmCQ3f6Z-MyVm52yGmff2kRDmqMisQoxdUmxMcez90KXYwXGaGhZY1e1xgxoGpdPqr5umb81ha2YH4lQ41_RKsAs6QaTz0vtkfgl8bmpPdjTuCqdvSkNaB-fuT4PKeaVi5O5VHciSvJsLUCdbhZiAjE-ucpsrmrqOlHkNj0FJQFBm0aRH_MB9pYllyEEUpRC0iZ5mxdS5zyvq7H2HalXqVQhZICS82TZq_oULwdlAhyNDTTNFhcHKuCdbtFHt9RxF2KoaPpTM2wK9JcqTSZQN5aVLMUB_lfBVwUk_ww-gd7circRvU2yEnKZYAgkCjc2-zUkrroy1AWwDDayRDHgGslOC6MGmDPVbJUUQVkj_jQn_bQi2FR0Z9nSGO2U6N629v2D478xMBYT1li4G3ARuKFa0y1rcbUs9cmlc9sgk6Oyjvtee9lSl3rUoqU9c3KNZ5YVpl4a4aWSsW9kSbxMKWhknyPeBLCfrH4b38E_fL3WOQI9iByQRyGmqmOSxVZ0sLCBJp1JfChyeZuF0m57PiEc4bTwInb_NOGemW6Ed0pPXQoshHbOmy-le2FcWpXroqMS975jUIs1oDq_dMVEtdwIIsWCwqbTwUl6uL3XL-o018lX-yGr9eWKdbIlt84R_r7-WY4bkqe-AW5wMK2zeOqNhwgdMPKxuHcsH8nw7OHXCsN3MSy0vWEmW2QpIEEdjrt6J8NlLjwRdKWEw8eEljTeuo_N60y_O-3oDN7-sf1LoipE-CHxJp4_V_QVSR01cu18UBFwmpLZrFrYvoKMKMGaG2E8stMEzDTOS6Pi0sgMEbci1GxAWjt6TC6lrHr66SSUP8zP0jRzyXIFJYkCoi3M4HIAmEWmiiPOJTWngdEmjweAus0An0kc_KGrbU4oSWHQn9KyizFpXet-wQrAGBzbDsYUprkzL9YyHN42CAXV5KQuQWhk1UMrdk6Zj1WHClZX_3SdjXqFPCs78kMOAdeF9e2fd8JgyNikId-G6T9bBJHgl9-8Rk_Q9dPf1Jl3vUoDQfNbZiQPKLkeO9LJ1R9-pu28URVNs28ABCCuP2NoIOTuIzMJQ6ii41kpxgzkWgAy35kTO5pvLpTno3ybr6pn0A5bTVSVpWlAXcIapbEvuUnGjjPmBstBEDrCbLsR2MtKsjmAZl7XLr4T5uamgNge_ScLGEhGBwAxqgu8_PItFa3QFXt7eUxcby8bzb2voXE7KsZ7zGLqf7c6oHnBO_8ealjYpa6wsv_EQ9JYD71TWndZjQlvaJfe-WRW9ZsiaLsMZY_PjgjBlFprFecePC3K-TROeq0P12fvVugpdbBQGxYhuoIMscb0tEnlOzUlXc4L4TVCIQkUi09TiDg6u7Pj_wnaUBMwU0Svg_GVNH-GTLDKEJI2xgmbMHM15ydJAt2SYIxnm75IHIFEaJTguan8b8bR3u-mIoX9cFbIVGTg7zSuexeliAa4Sexo8cfxOAVmLszU8Km9BGef9sj6abdPD0QpMhTUSc1VpliCUWjsEQL0R0dIGvmtd-UOTVL9WGbmEgvlYUkDmsiBVwrz8d1pbWAGR_olrhUIeEfU4GwCLdZSnW70GBvQJCVqprSYfJQYyOV-A9EAGgMgPG8d2IeZUX0PLgXSyYMTH5V7rJqdznrXDJ5h0qO5aWjVm3Revh_NgSadNcyaLz7sm7NR-RnB5LMPkEetlXLJo-gcgLNH0SjyIX5IrmzdHsGfhVxNrcb5PXo3WTrkYfci6HUuBcBj3om2FWqPXHWcGXIzf6abOz4XALXaMS6HzRIufHmGbq3Xj9GgoPSBhAWwxyty1agpmUblgVPLfsSdp10CWRfxYccDkhTcqVDbUqnwJik6NeZuACO3rZFZmlyP9K9Nwbp7faBFUgFoEyWZDlpBU5nrjF3UN8hcLFg41Np8Fr88LrddlFQmvQyMil3bFxBjQHzoTsdficWZzaYG-OfccgwXYoUVclHYTWYbmVf7eQP36I-8UMLh7foH5QNHn84wxrizAvraKps_wpjZvfkCnYY2LgYqbKje1JHE6tY7LMrmdVr5st4lw8sAhgBzclTOER-ic9OUuVbGU7tw7JaRJws6Ih_gZP13L8nWwEaZIz76nWyTF3BqFPrn4bV4U4TZ69kG2ru0hqB7rAUdbDxOE-M0gTyKMfb7qTDR61_kNT3Hrixu_aDBhPkVNVHIDoW1OVCvnLY2DxkZ3AoveRpKvZPkrKGlh4qX8vNel7-cHT2W0mwC_bH6Ku6znXTSPrtZqTXxpJQ0ubfyiDsC0R84UZMFvY4BlDv0xmVL0CHhsjTx465VMul2fH8O4adpxtx23Y5NAqELAVSaTT6uO4IXdEZLOyAwPTKvmOI2z4noNRpFMl3pobKatN8kDgjOz78GKFEG39mNf_GAvJOcguQ4w8Y2snpQvPj1UEjEdNYZNLL0xy3Ni2t2G66tcDNtyJ1PdDF025IHKfoUNt2CmhdHekoYb0qYexq5ViSu0r8LLWohiBkRyhmQ8yzu_FLT3es9oXlA7WAJH5fLMVjyrujYhYhjwq_VbyO1bqKXvS-cQPDXKpOgsIMIMNnFR1Ilr1Zpw4GpmHu6w1-1i0kHI22dwEyLpPezWP9vW1jh9qSvdBAUe2zcQxEc8b2Tze2Sum4VOg6PLOGYyGQsqBcO9OvTTj7iZWbN8KJmhUwk5Dt2ahh7uFRcP4OSAO6OGYPdVlPbKxJlZeLFIZ5cUmvN4-FZvW1AwW6-nGmWi-S1y0EmaAjkr7TIDTDcQ1eUvseCdhlEoBaxRRQMKopvK0F1T5gVAz5Lu7kGjzdSkkjGEJrTnXEpbrAOK2ruf1XqepWtju4ayHyurSG5fefKKJaboCW3hR-eQatVk4JXFMN5A1asWmI0oajVTTknzBZvn4-cosxG29ccAS6Otgz6p9UEA0SWO6zjWGqzwEsGeVG6VeRda3b2Ke1cRAAPIJ5d32hMAd9MZUW_Q1_FKtXAV1znFRKI03pAfp7RnLqZ1Eghqz-LUv5ySxRLhx4l-U1_-3aHWykmnl_pBnEsreUxxlBk9U86qkTKEFyrsQ6scGrJehTdZrWuPCd6IuCG4tA7ejKMWrKqq0F-0BvM7vaJrDtLIMQFzGv-3PzaYhSWsuhbKV7b75lSqLryVnt4pgjNb27LK3D1gmDO42cwBUOZlA_qzhanWQ-MfdClLmDVT-amPLqjTnMAkxLvhoEf77GduErfCpVIfeAbT6mc74hd2OkyENP3Tcq1_YZI2mPSlyxfHSBsdBxPMCWzr3ZCu8PjNGcm_rCTebZ9guOSoMsgFTA4kvLDgaJgrrkDyCyI-K_9t_YDeewkeZnKMmk2_K_STLJLck6tvyqNNtzFS9Db3sZE0Zb74imRgvX0PVWp7Qm0eW2f5qfAKAEi9nGM-vqAaVauqE3kh_Pc-OV0l9972zMlSVK_q8ODqfO0N6bUDtzBw8m1jRemlYphTPNwWvmh6PftXXpkzrAIdHPyWDE_CVTW3xYtezubM1QtThw7i4RmvHI47FTU-aAR&cid=CAQSOwBygQiD1klOwppQCmt6SVPznm3B1YPtB0OSxzpbqv01Ery5THQvC8W2IlIo3oF-PRet_Qe7ja7Q_xC1GAE&dc_exteid=31111773410646678440475076269407450&dc_pubid=4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C667 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYkjPRw6HZIHiMMmagAf90YO4Btqxuf5wlO_CufkRjqq9n9k8EAEgwLKCa2CV4pCCoAegAdOp3fkCyAEGqQKQFKTl8BeyPqgDAaoE4AFP0NG-pru88352Je1gklmXgez5pF6y5LQrmd7AILue67y6PsM6XS6fMY7c3kkcp2pbm0Ju83FmFzCT_ADOk5IkbeUuIShljTB9Dm6ZcPpNMa8f0m1ivZn1XX10Id2ZivrZNO8dTM_M4VsEvx_J01aH0hiUQg0WSb-LoAHekfIM3R3VNATSz1KxDlvOddoVFHI1TrOV_E8fjDRRYd5uSrJ9rDXfAAMuLr1arEpX2Y0iHQf3dxa5wsPnlayu0x-ERZ0kWcHtgtu4vCrCS8EK2gmX01Qs61n0XJsOYT-UW_Ifn8AElJuD_sEE4AQDiAX42de5S5IFBggDEAIYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHldaihgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChC1lAYYpfXv7AHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsBsBP61NUTyBOXuoXjA9ATANgTDYgUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi02NTkzNTIzMjEwMDEwMTU0GOrBbQ&sigh=K1nbYE2hz1o&uach_m=[UACH]&cid=CAQSOwBygQiD1klOwppQCmt6SVPznm3B1YPtB0OSxzpbqv01Ery5THQvC8W2IlIo3oF-PRet_Qe7ja7Q_xC1GAE&template_id=509&vt=10
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
viewability
hal90009.redintelligence.net/ Frame 0636 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=31707400070838500951389012353009&a=9eb21179&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=31707400070838500951389012353009&a=fd3d4c3d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6E9E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C06D 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Origin
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 20:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Jun 2023 20:07:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame C06D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABQwjWw2rFKbiPslX3LgHhDD8G8Tfm_2zFPgiFiF0lF_U8y2hj9vXGkclx8Q1NytsWclv1bN7gOI92TL_JCHIVju3s7V65NnmKyRf1EioMiO0pD_0s-ZCkcLktOhChKLqyHfReJM-YLNkVyVtLZ-955IJn8BV3GaOv7ZuXyzmY2Ky9FcQ&dbm_d=AKAmf-CGR5_oWVANFdY6eIHuNj50es77wVkCNaDWnDzraggHQCYk_0bopslEKYY1qUUA3OBaTqMwRVHOG_Nf2_A0WXAhavgGUTmdQeScYYN5vHe8i-mB3T2GK2A-ZMcjqryaCqXIsHKQpQC1xelTapFxuj8WCK4gGBjx57XeSfd1Nwk_aVeULb4TQPpgiSIOCmGAikjmZLPkOr9qYdJfSMco0K0Tp65Rmv51iyGVaUv32Dtc_w3suz31ISJIoxCp_7qLfFjKahMNuzHkK_KAvHfm5i6StAaXIOabGFLMSnOvw9D5PeoHuhqeHZzSlpNvAvWRXUXvC8hVlix6IFb6w7P3h5UzS_WgBBWv2Tb9Ip9ODIjJj_xYBryVHxYdj-heN8gsjDoAsEUgPAv4LReJ3NQQpoElp-wFD5h0PmQrRLBM2e3sGOykqP6MYJqwk91TJAZtqD1l4JcjPxusH4bUwJTZK0jXCKm5s0t7UVakjongyRtZVcBFW7g_2fhBNaIA0bsdqkuLW48c4PfXPkZWbGcV2thR4Ts1yOhntiFZA2ljmJVn0EAIFpLfpSoXZvGh0eJaxv9QUM1oz_9hO8285u2EXQryQjcPvbY29GU-7h8hLTS30rZAAd3BWxPrr-mplf0O5eHvgWjDvcscAoFItsHgc5FToRYQu9_SvcqlfwPDNZRnMxB8kOc2lD0xTyniqE9Muu007RRvizIe2Y8mkG4P4MwgUy4h883roaI3WtNnre5dmph_tIBdYlznEn2wSJoc350DqWHG-6JnUwYAKAvADy8hzT7zkUD7c2D1sijcTNHdJrlQ6VRdDinqmbVZsN91cq_1Deryp--s463j0R3bH09JfBD-K8XNCCs6zt9zFTaF-wJffpae3xL90HLRxTgzG2SvaFs_BK2R42TsEBv2BP70NSmn0qk4cqufpWoKg8202mOK7o2lO-GPxCAdyM41NYIv0IrbvHt5QHHBsCs_XEJXHEyaRpl4AtDuHXjchxC1gbBXZbnTy0KOrnXcVAgMLU0lvVF_jAanrCA_rwS4xT67zWKsxJHxaUriZHogmsvhzvvbI32cuWewTlwaFgso0cV9B1bymI5D5jGbuz_lbI488LZaZcUmnIFnnN0-XQqJdPKSzld_leyGbN6wD0ICf0wpa5c4K6waRY1PCL8sk_tDeOYph-b9kfzKfRN4-L15XTg_8Wi-Sz8v5Nekaql-meq7bTdr8YPS-R9LUKSz4HeWRzQMg8tnxBzg_kQhxBklpEJOMUv-2zNxkLJ0KhIEpDaGY-9PEsmqF4Jz9m6g8lCzlP167n5jS97WCIG0NRAXdTop8JvS1nmFhDamJSwGowgNb6d95uAahEGgeaizqJUyU1e81RbHeJPRiAzbtq4QMoAJSicfFYpCKWYShFEG9Yr-FPuaE6-fXc55uwc-HDamST4lSXvT17IAxf9PdGtOc1GU5d7ah4_u9kMTIJrhDKb1eH1B7N3dRu24foiXSA7iXiEwRDXeoQxKSVsh4HWyjhD_4g9r8J3EdJ1usX0beye6xyrrGb6XRjgnEnTt6swFg9lQh5CJb7vK0yJi7GWgoOUwkVNXNTCTfMzi8abR_yzgNAJL8JASXhab4W6bgwkep6RjyNuhEzTB8KtCqopwhRNOdgTLnaKa8RvrilvvCH6sX4z-mS5-tR8o1cEeBqCZkKG_j4cPgRlhacHEQa8xdnHjNFt75sy6slcysZANNYVmhAMkhS4c6ottewlLL9DWap_HoAqVKR6rDBrywwTx8-whTLWWAhQKmIKCH4BEggm2ngpR6zNf8hb8s7FFyXeSThSeGznwLBq9M9kzgpJ_rEECu3st0m3YW9WfxiXdIsKioyGJw_DAHDcRkfJEy8YEuynatjMLPlu60uai3HXc83uNNi567QZwVjpOxCWKmwTpslHW7Qr4NmA52kRkQ7Q4UJO5ntnR6uoqMVCL7e0vSHDeF0_d1KMoMAH5JbpyGntvMJ-SVDhWMt3Ni2xPN5NMarTrOtde0pfeGXnaKZK7I01QHRCRnhy9Is6Tq4ebWV4BhDFR4aXeUbs75th0jFc4kqVPWLweZbstvGr2bbIjCKnTxZWfC5WGDFCtUZ5ibLhJerlnxJim9YGRRBGvndM1zoAO1668zmftqfJ9xtAkndROWNF6k4UVXnnaddJ4PQ6DUUzPcLgtnSnrE_2R-0wiXytjF_u438BULZ2EHej6fyzdAt6_Xi-fvqlp_Yzl35pEcQmpSYJE3dYLGTN-u9xGBjGmhpRK5LS6cPPa91DIcJ45o_JECC4J9_Y8u7jP7PaTn6jfQGcFbylX93-LQJCPpEAmtHHmDVJu8H4F-QfrIsQOHHpUQZVPvjkyn-pXPJnCxU-82Pri9NwGAB8JOVB0Gdp84u0eVZuozEcSSKzrdlhCdpin0nxEICTHC0rf91pWcOngWvSz4PoRnXsMVQp8QYBMLA6lBPGd8PFPJbvljcN3FnB1Kcn6bhB_ACjlUkEXAZLqHI00Oy9aNvbrpRB34BkoQQ9-1rn4HwqpzQaXa7afXoquTZGJxz6rn7W1NUu5RdQzd32dK-vHQ1GmHSiJpzvKpw2ueYUNnYgcH0Xd3izvAcZgH-NeSLBWQB2P6jjpkmBs3jqOrWHq_nUi6jQTu9P66e5l7NN2KqjpG6vmQZOx-Z4YXAXy7vyx_9-FafdGts4EDi5YX_lQmcFh_L20GnVyY2D9B2qNGw_Ik0PrSy22Pi428PU2fvFkfWBBSBggvQMy5rYZTusuIa2F8UVYHzEfXHHe10wvdvBRfITJJ907dkoIgLfszwFZvqszarAd0aIZfkBxCdW4H2MQJJReMRV5z4ggmwVokCQBKipk9_odp86CXpud6IbxjOTx2USi6yGdUjMEgIHnNAxU5zW5ueo2i4IM0YvdzHvKOVKyIpsrRgkn16kWaC7MDtUQ0S-W1uo7xAKdMSUc2RE1EBtvtcSSxfoulqhvtDfAuwhxFFi5JIeu-ovCWFOUWUf462ZckVIkHbbx_S27J-jJ82WTgAzdV-2y4mv6HLrIXk87CGW-WarzQLPHQw58K8R2Op836fUL9gTSymh8vigcA-iduVdOuZW-OgSCwVzljAodNwyhp1pH_fTDLEoEKsWy1zR-GPeTFkgPF1GWuXdmdiLqQKX66LJ9FjWCAaOJKW2ai00ElKoZODh6TH54F57wx_3Ydh1Wmu12Le5yHpMfnpa7SWlkbtJ9PiZXobHPmoU_Qb0aH0Pykrmr57kZbzevcfJgCr6XJq9RiR_hO9jFQ9kUC_2HncYVmjELKxJElQPZ4CqE3ja2a_uoLj6GtC-0hEWEDptpb7VkGe_0s6SPktHWv9GY4zhAKCIcFMsL0thJNStLz0L89LXEdTq3dIU9-4PqS23kFxCtsoytO2R_PWZlg0CEI8JqfNuJsbFGFi6mVVocXb9qMutn-AB4ohZS-_UkMXQj1-S9H8fzGlzyYi3LXnqfqGvncYcgjcUdu2kbP9KGgRA2ColD7S_h0eXfdhSvn0BIfZGPInyFmkL_rgYQ_Z5Ve5dwSqcgiQayWvm2m450axrc_-9qlIcWCkZWcSizf_pZl__xiO37qs1fm5bfNX4A7Wn47kiX-DNx81mGiERm4TBHqh9RtGtE6aOisilpG3aZqd1iv5vwj44CvDN2C8lViA&cid=CAQSOwBygQiDwS6VahPXNq2KzpoMFWK8dqQFFgfA3Oyd6PggcU028fHQcrF1RyqMlBLvqtn7chbXgC8a8tdxGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=866101035818832600&adk=3887872403&idt=92&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
41995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:43:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame C06D 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABQwjWw2rFKbiPslX3LgHhDD8G8Tfm_2zFPgiFiF0lF_U8y2hj9vXGkclx8Q1NytsWclv1bN7gOI92TL_JCHIVju3s7V65NnmKyRf1EioMiO0pD_0s-ZCkcLktOhChKLqyHfReJM-YLNkVyVtLZ-955IJn8BV3GaOv7ZuXyzmY2Ky9FcQ&dbm_d=AKAmf-CGR5_oWVANFdY6eIHuNj50es77wVkCNaDWnDzraggHQCYk_0bopslEKYY1qUUA3OBaTqMwRVHOG_Nf2_A0WXAhavgGUTmdQeScYYN5vHe8i-mB3T2GK2A-ZMcjqryaCqXIsHKQpQC1xelTapFxuj8WCK4gGBjx57XeSfd1Nwk_aVeULb4TQPpgiSIOCmGAikjmZLPkOr9qYdJfSMco0K0Tp65Rmv51iyGVaUv32Dtc_w3suz31ISJIoxCp_7qLfFjKahMNuzHkK_KAvHfm5i6StAaXIOabGFLMSnOvw9D5PeoHuhqeHZzSlpNvAvWRXUXvC8hVlix6IFb6w7P3h5UzS_WgBBWv2Tb9Ip9ODIjJj_xYBryVHxYdj-heN8gsjDoAsEUgPAv4LReJ3NQQpoElp-wFD5h0PmQrRLBM2e3sGOykqP6MYJqwk91TJAZtqD1l4JcjPxusH4bUwJTZK0jXCKm5s0t7UVakjongyRtZVcBFW7g_2fhBNaIA0bsdqkuLW48c4PfXPkZWbGcV2thR4Ts1yOhntiFZA2ljmJVn0EAIFpLfpSoXZvGh0eJaxv9QUM1oz_9hO8285u2EXQryQjcPvbY29GU-7h8hLTS30rZAAd3BWxPrr-mplf0O5eHvgWjDvcscAoFItsHgc5FToRYQu9_SvcqlfwPDNZRnMxB8kOc2lD0xTyniqE9Muu007RRvizIe2Y8mkG4P4MwgUy4h883roaI3WtNnre5dmph_tIBdYlznEn2wSJoc350DqWHG-6JnUwYAKAvADy8hzT7zkUD7c2D1sijcTNHdJrlQ6VRdDinqmbVZsN91cq_1Deryp--s463j0R3bH09JfBD-K8XNCCs6zt9zFTaF-wJffpae3xL90HLRxTgzG2SvaFs_BK2R42TsEBv2BP70NSmn0qk4cqufpWoKg8202mOK7o2lO-GPxCAdyM41NYIv0IrbvHt5QHHBsCs_XEJXHEyaRpl4AtDuHXjchxC1gbBXZbnTy0KOrnXcVAgMLU0lvVF_jAanrCA_rwS4xT67zWKsxJHxaUriZHogmsvhzvvbI32cuWewTlwaFgso0cV9B1bymI5D5jGbuz_lbI488LZaZcUmnIFnnN0-XQqJdPKSzld_leyGbN6wD0ICf0wpa5c4K6waRY1PCL8sk_tDeOYph-b9kfzKfRN4-L15XTg_8Wi-Sz8v5Nekaql-meq7bTdr8YPS-R9LUKSz4HeWRzQMg8tnxBzg_kQhxBklpEJOMUv-2zNxkLJ0KhIEpDaGY-9PEsmqF4Jz9m6g8lCzlP167n5jS97WCIG0NRAXdTop8JvS1nmFhDamJSwGowgNb6d95uAahEGgeaizqJUyU1e81RbHeJPRiAzbtq4QMoAJSicfFYpCKWYShFEG9Yr-FPuaE6-fXc55uwc-HDamST4lSXvT17IAxf9PdGtOc1GU5d7ah4_u9kMTIJrhDKb1eH1B7N3dRu24foiXSA7iXiEwRDXeoQxKSVsh4HWyjhD_4g9r8J3EdJ1usX0beye6xyrrGb6XRjgnEnTt6swFg9lQh5CJb7vK0yJi7GWgoOUwkVNXNTCTfMzi8abR_yzgNAJL8JASXhab4W6bgwkep6RjyNuhEzTB8KtCqopwhRNOdgTLnaKa8RvrilvvCH6sX4z-mS5-tR8o1cEeBqCZkKG_j4cPgRlhacHEQa8xdnHjNFt75sy6slcysZANNYVmhAMkhS4c6ottewlLL9DWap_HoAqVKR6rDBrywwTx8-whTLWWAhQKmIKCH4BEggm2ngpR6zNf8hb8s7FFyXeSThSeGznwLBq9M9kzgpJ_rEECu3st0m3YW9WfxiXdIsKioyGJw_DAHDcRkfJEy8YEuynatjMLPlu60uai3HXc83uNNi567QZwVjpOxCWKmwTpslHW7Qr4NmA52kRkQ7Q4UJO5ntnR6uoqMVCL7e0vSHDeF0_d1KMoMAH5JbpyGntvMJ-SVDhWMt3Ni2xPN5NMarTrOtde0pfeGXnaKZK7I01QHRCRnhy9Is6Tq4ebWV4BhDFR4aXeUbs75th0jFc4kqVPWLweZbstvGr2bbIjCKnTxZWfC5WGDFCtUZ5ibLhJerlnxJim9YGRRBGvndM1zoAO1668zmftqfJ9xtAkndROWNF6k4UVXnnaddJ4PQ6DUUzPcLgtnSnrE_2R-0wiXytjF_u438BULZ2EHej6fyzdAt6_Xi-fvqlp_Yzl35pEcQmpSYJE3dYLGTN-u9xGBjGmhpRK5LS6cPPa91DIcJ45o_JECC4J9_Y8u7jP7PaTn6jfQGcFbylX93-LQJCPpEAmtHHmDVJu8H4F-QfrIsQOHHpUQZVPvjkyn-pXPJnCxU-82Pri9NwGAB8JOVB0Gdp84u0eVZuozEcSSKzrdlhCdpin0nxEICTHC0rf91pWcOngWvSz4PoRnXsMVQp8QYBMLA6lBPGd8PFPJbvljcN3FnB1Kcn6bhB_ACjlUkEXAZLqHI00Oy9aNvbrpRB34BkoQQ9-1rn4HwqpzQaXa7afXoquTZGJxz6rn7W1NUu5RdQzd32dK-vHQ1GmHSiJpzvKpw2ueYUNnYgcH0Xd3izvAcZgH-NeSLBWQB2P6jjpkmBs3jqOrWHq_nUi6jQTu9P66e5l7NN2KqjpG6vmQZOx-Z4YXAXy7vyx_9-FafdGts4EDi5YX_lQmcFh_L20GnVyY2D9B2qNGw_Ik0PrSy22Pi428PU2fvFkfWBBSBggvQMy5rYZTusuIa2F8UVYHzEfXHHe10wvdvBRfITJJ907dkoIgLfszwFZvqszarAd0aIZfkBxCdW4H2MQJJReMRV5z4ggmwVokCQBKipk9_odp86CXpud6IbxjOTx2USi6yGdUjMEgIHnNAxU5zW5ueo2i4IM0YvdzHvKOVKyIpsrRgkn16kWaC7MDtUQ0S-W1uo7xAKdMSUc2RE1EBtvtcSSxfoulqhvtDfAuwhxFFi5JIeu-ovCWFOUWUf462ZckVIkHbbx_S27J-jJ82WTgAzdV-2y4mv6HLrIXk87CGW-WarzQLPHQw58K8R2Op836fUL9gTSymh8vigcA-iduVdOuZW-OgSCwVzljAodNwyhp1pH_fTDLEoEKsWy1zR-GPeTFkgPF1GWuXdmdiLqQKX66LJ9FjWCAaOJKW2ai00ElKoZODh6TH54F57wx_3Ydh1Wmu12Le5yHpMfnpa7SWlkbtJ9PiZXobHPmoU_Qb0aH0Pykrmr57kZbzevcfJgCr6XJq9RiR_hO9jFQ9kUC_2HncYVmjELKxJElQPZ4CqE3ja2a_uoLj6GtC-0hEWEDptpb7VkGe_0s6SPktHWv9GY4zhAKCIcFMsL0thJNStLz0L89LXEdTq3dIU9-4PqS23kFxCtsoytO2R_PWZlg0CEI8JqfNuJsbFGFi6mVVocXb9qMutn-AB4ohZS-_UkMXQj1-S9H8fzGlzyYi3LXnqfqGvncYcgjcUdu2kbP9KGgRA2ColD7S_h0eXfdhSvn0BIfZGPInyFmkL_rgYQ_Z5Ve5dwSqcgiQayWvm2m450axrc_-9qlIcWCkZWcSizf_pZl__xiO37qs1fm5bfNX4A7Wn47kiX-DNx81mGiERm4TBHqh9RtGtE6aOisilpG3aZqd1iv5vwj44CvDN2C8lViA&cid=CAQSOwBygQiDwS6VahPXNq2KzpoMFWK8dqQFFgfA3Oyd6PggcU028fHQcrF1RyqMlBLvqtn7chbXgC8a8tdxGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=866101035818832600&adk=3887872403&idt=92&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11256
x-xss-protection
0
server
cafe
etag
10389968670829887652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:44:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C06D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jun 2024 13:19:10 GMT
10261972549777223277
s0.2mdn.net/simgad/ Frame 6E9E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10261972549777223277
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
25b451f3cad26104f57800c79546bf5a40295d0cecf5623e623f4479b94d0ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:50 GMT
x-content-type-options
nosniff
age
412186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44765
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:50 GMT
7352296608196688721
s0.2mdn.net/simgad/ Frame 6E9E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7352296608196688721
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:54 GMT
x-content-type-options
nosniff
age
412182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 47E5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C06D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d50d1efee86986a622695a7c9c37c36739ddff1a00ff2dbca15381505c5351b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame A037 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:16:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 017B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C667 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59d4ff9751856d8f0a664ef16dd65ddaff0364004d1ac86b56ed3f74606933d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 275D 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Origin
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 05:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 05:06:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/ Frame 275D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-Qdd9GXES6htHBE7Kyxp6CVW3JyXN-1HqPRTCL1FgMdf05ShR65vXPkfo4AuqfczEYKnF7ioBKuTZGGLtEQgwcsXWRTJVYUBYR8GVPgs5LhRCPPY&cry=1&dbm_d=AKAmf-DcOX3eeDbOrbAJtC8xjMM78-kZP2bX4qJhB1_GLjzAO-aC7OMYfxY51Sqk0ag_-Lk9Ypa1OSGQqWXlJ2e1_TScDXzibEW33xBjZe7y7Z7oPZOpxqGRzRMLxZ5f6CcJ1ripBt1A_Qm0lHgXRWtCpCy1N8IPvajdXULLLYDb6J67vjP7_Hf9GMHpBm0ruQs9kn8tKasrNneOE_P70Q-cEd8JW4SLssblSeJPqAYIV_vcqxllAUOhs9TlQXhkLR3wdJJRjsA-XKFEhuWf64mTl2tpDAmcx3WBhPTWkXB2sFnnWP4_DG5OTGfFY37FOMbwcx1HBpOBuWND8Fst2BhSN-0z7y-S6n4A_8iZ6aH3AyzQOmqI0Bgf8HBq9aNL69F729sT5mXmAmT8vApwYWpIAt3jcDDFHzA26qXPfxXEaVkI3A7bEOIwJ8KzkR2qB_dC5Q6NZA_PXqWjPTBqhbQHTpGoMc91pZf9W6j7iKhha9AKZcKZkG7DTXCsaiSJlIVp81fe2bEI5-4IlyDIGndSSfZIBtv7KtwPMpf6t6NprKvV8vSgUYXwvhKGRFpNMSKfKzXquC7_GF8Bu9SiHsqoebmxVwSM1dFNmPmmqNN6STWvcpEz24eaNyLE4RBoaogroSQe2Gfo4kUVI8MIM2TbxHTwYUuLU-JIy2IQqBYkqlYqxsdPtjgB9xzlO-1PeWdH_1zp8Y0Uszzig_wYKZw6m6FciUkbNAv576jg-sPKoDAsm1RemMWZAxgUtLL5bj4yD9FGEarGDlwu3NowB4Zy_b9EW81isnVetOPnofNKmNSUMR211XOcBkgw9SQtjqE1rIlUoP__gFs0rW9NkmG6WDpPS2Wr9y_6UMGXlklUD-w58zKywgE4bWkdMELdSmmir3uwq5SqmszzFHNQvrR8hC1R1quMiE9eltXx5p-Rf18AmYgTTEQ9oAdhPmZ6kOeUjoj3J6VmHRP2lQqJkW5_FEN9iXhwQVVpNHh4GJjBLnvHALvfWhb4GPl4TUbZnhZUSPh8cB4wgXxVQAHylqs-OpqGrVokvgeBNn5KUh5QvZdfaI82Y5uwlF-TNkrzaBtQPK13ZDDbSKsgbPQJ7nmDsib2LrIA2yh55c1kImmwBxPAGBQudJ_BIyPTwB-bvGbO6ZrCAiA4JGtWLGG6gJ4-dYEjjnaPosPuvpbYiElZL9F-8cP4cwCtB4x28uv1TWuebswvzWa45ffYLLt1g5uGejXyCxxz7xj6rjkBIQGqDhwAdC9pFfnaQ6sJoDWzLEvnI61kbrFLMYnNkHC9O60NhuOoXQOErVFx_OLkBBXD-LmiA71QsrWrFPlSZDTV6w-xRFsERYo35vihEl5DMOy33DRITNl6NRT-0LLUX62vw0cZpXzyWNrVSBk3A4s16dfXDZaLrX_61QwihJ1wGfc60ZZ2EAwKs3FbGoGeM00NaV9To4a2syPkqDu3XAlI4eBbMfh01_dY0oKm9-J5Pjd1Zl3EoE6LR7c_aI2HMY0vaWOU0Q3o_ITwz7c37qOvGJ7B4L74IfnoDViQiK5JC_fLptvbblOiMsM7Tx6AvmXQLbBKXJ_pYIoZHgBwqFAcHX1avyKIKdJK4TysV2B-YnnOahlkhmVQ16OaIP0RR8HVFJV7o2ThNyywvEfu8U5gijRM3E-MRGozW3uIA_hWlMvDhATv9Rzv1CQAbqbRaZeEaYT8ZYEeoeiTcxjNs41Q-6trq0vH9tvdIFMqSGfUmPaIPfeY7oPBqAJkF1joY5_0PBgfurJuyc_PFvsJqkecbclcyz0LRtZT6_1e3H6E7qD1CpWcIyOg0Oqc75K4B-KfjPAITRnmYYDnIHK6lQSx5S3BGtb6-4dTcNGmsRh9_fTAYGYnyvt95Gh-NeUZZVlGozcA11NiEx4-3AIz2O9iW9Y_TIraD8jPtWvYXxYIl2Vc8wHeBJ3iCjFmUMLUL0qgtQ4yaXk8bVLvmjMbD7OIqnAjwMc8dLh3yNM9gXXp2vLp7hTwwTNzuOzQtqzhyyxgk6cS2dcD6B8OpulslyAzlLjfqYyuUeKwwLCDyssxe4h_KlrM5H40y8vD4TF9FYf87aSk1Eh7omQwnATpDNks7HCIWsT7KqfwY5HO_jwWNIFanHYlJu3TN5AFcxbNIvC1IYc7yDvhjW3vNA9E_uzQVrN760aWr44sVXmICtsBCN1rXJEucEfQXUNgeZHR9ZxuzIh2vDey0IOKirk73EQjbdLlK1sfeuqFj3pYqdgotDbSVHDZZYFQ3uUmqyM8uGJIXt-nWfgLoDfbfosnWmSS95IX6ZIVVbhbJhWWqu1cvhEq3Q3RDjaUSP-hNBIA-IXb0HYH3vYTDhaE9xGMlo33v-CUm8XZC73PtK0L5vT9yL6NVESF7cIAK8k0if7U0EEuyk158NdHigaSA_8bSbhT4k_wWpMA-KwWGt9NpU0z3RaA7s0KKGpARke5Sj-TkzK2PkORRqyKu-x-qMGWfNok6hzLHCYYEGQGXVsNhNKOeG7lLoNL5NHJzjPPsfmPcupWm8KAd6CuO_9teGeJOPzR6VXKx5jsA0gHTuCbDZZLMTOCap_rlyHN0w0m8uJi2Wjxnk_ltLfUrIiPcErUYLf9C6k5s5pG62ITyNgz58QW8G0ep_oVc9kXGoT9MqD4zw-IPR2y9Ee7pW62Qv9EbDhuOg-vlz5kniVGR0sNY538moOYu80TYSqDAN3r465T9231YONR0clJwYO2n_x8yMUBXjbkkeWwyyDUvrYVEB2X8iQw1xLYPJ6-MWMYJxXh6BpHIhURRcWEv9kkvvLF1yvxZ-pQDczitNCL83eFw4Si_DFvtxjq4HSC6hJJU95u5ASrvHSSsupTFiskOKTKcIrNU73AxLroo9UUNMznfKnQLSZ79_sdclelGjZVUlNmKQmkGPc-_KctcpVTBum7iDFI17w6HMMPN8J925RSKeQ2CUAik2YFPx6A6LLHPmuU5ZAky1mNy8k7rzxjIcFjzhqYhxyOr1yD7pyC4i6y5H3CiAQoJ__VwG0M1if_ar4gifz8MYxmkEoi5KvfFWJAU_d85EUpG0RlfGvm0sMliEcaG_1XpRlX_4iMwSg6s-oj_W0du_Xi8wOW_1pGEojyP2p9W6AjrbkyU1Q3j59d8B-WIVB2xXU5pF3VVGlM9TklNhcyQtMcgMYnc3D3SqqhQ8c0Rgr_CIHTacshiVI5kCQ3ERnL4d9GB0vzpoSFNPbkyfMvGSuT9IMDVc0ac6-mZUmd_H8Booh_VFMZU11rif4IhimdGCCLY2f21MelnB8cd-n8QxfMUFguU6mAO-mC4w_MhalsCP6ASZ4mnMynyVZmAxrwya719_7rzB4EY1cat53FIMNRMMwe_fRJCRqJOH2fbrnMrBulg-2ywr6rAtC_pLnpiPdXKs4tGep9oST_cJerdg_mk-nUpcXBrLZnvSl09EvQEPmUne1e&cid=CAQSOwBygQiDKdFZ7DmAXyd1MOVLrEl1V5WTcfR0um5OGeC06QvswmO2-2RUxM2_JqCZwHnocnw9ghdKavo7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=12386242478710880000&adk=1599433117&idt=139&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
41995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:43:41 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/ Frame 275D 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230607/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-Qdd9GXES6htHBE7Kyxp6CVW3JyXN-1HqPRTCL1FgMdf05ShR65vXPkfo4AuqfczEYKnF7ioBKuTZGGLtEQgwcsXWRTJVYUBYR8GVPgs5LhRCPPY&cry=1&dbm_d=AKAmf-DcOX3eeDbOrbAJtC8xjMM78-kZP2bX4qJhB1_GLjzAO-aC7OMYfxY51Sqk0ag_-Lk9Ypa1OSGQqWXlJ2e1_TScDXzibEW33xBjZe7y7Z7oPZOpxqGRzRMLxZ5f6CcJ1ripBt1A_Qm0lHgXRWtCpCy1N8IPvajdXULLLYDb6J67vjP7_Hf9GMHpBm0ruQs9kn8tKasrNneOE_P70Q-cEd8JW4SLssblSeJPqAYIV_vcqxllAUOhs9TlQXhkLR3wdJJRjsA-XKFEhuWf64mTl2tpDAmcx3WBhPTWkXB2sFnnWP4_DG5OTGfFY37FOMbwcx1HBpOBuWND8Fst2BhSN-0z7y-S6n4A_8iZ6aH3AyzQOmqI0Bgf8HBq9aNL69F729sT5mXmAmT8vApwYWpIAt3jcDDFHzA26qXPfxXEaVkI3A7bEOIwJ8KzkR2qB_dC5Q6NZA_PXqWjPTBqhbQHTpGoMc91pZf9W6j7iKhha9AKZcKZkG7DTXCsaiSJlIVp81fe2bEI5-4IlyDIGndSSfZIBtv7KtwPMpf6t6NprKvV8vSgUYXwvhKGRFpNMSKfKzXquC7_GF8Bu9SiHsqoebmxVwSM1dFNmPmmqNN6STWvcpEz24eaNyLE4RBoaogroSQe2Gfo4kUVI8MIM2TbxHTwYUuLU-JIy2IQqBYkqlYqxsdPtjgB9xzlO-1PeWdH_1zp8Y0Uszzig_wYKZw6m6FciUkbNAv576jg-sPKoDAsm1RemMWZAxgUtLL5bj4yD9FGEarGDlwu3NowB4Zy_b9EW81isnVetOPnofNKmNSUMR211XOcBkgw9SQtjqE1rIlUoP__gFs0rW9NkmG6WDpPS2Wr9y_6UMGXlklUD-w58zKywgE4bWkdMELdSmmir3uwq5SqmszzFHNQvrR8hC1R1quMiE9eltXx5p-Rf18AmYgTTEQ9oAdhPmZ6kOeUjoj3J6VmHRP2lQqJkW5_FEN9iXhwQVVpNHh4GJjBLnvHALvfWhb4GPl4TUbZnhZUSPh8cB4wgXxVQAHylqs-OpqGrVokvgeBNn5KUh5QvZdfaI82Y5uwlF-TNkrzaBtQPK13ZDDbSKsgbPQJ7nmDsib2LrIA2yh55c1kImmwBxPAGBQudJ_BIyPTwB-bvGbO6ZrCAiA4JGtWLGG6gJ4-dYEjjnaPosPuvpbYiElZL9F-8cP4cwCtB4x28uv1TWuebswvzWa45ffYLLt1g5uGejXyCxxz7xj6rjkBIQGqDhwAdC9pFfnaQ6sJoDWzLEvnI61kbrFLMYnNkHC9O60NhuOoXQOErVFx_OLkBBXD-LmiA71QsrWrFPlSZDTV6w-xRFsERYo35vihEl5DMOy33DRITNl6NRT-0LLUX62vw0cZpXzyWNrVSBk3A4s16dfXDZaLrX_61QwihJ1wGfc60ZZ2EAwKs3FbGoGeM00NaV9To4a2syPkqDu3XAlI4eBbMfh01_dY0oKm9-J5Pjd1Zl3EoE6LR7c_aI2HMY0vaWOU0Q3o_ITwz7c37qOvGJ7B4L74IfnoDViQiK5JC_fLptvbblOiMsM7Tx6AvmXQLbBKXJ_pYIoZHgBwqFAcHX1avyKIKdJK4TysV2B-YnnOahlkhmVQ16OaIP0RR8HVFJV7o2ThNyywvEfu8U5gijRM3E-MRGozW3uIA_hWlMvDhATv9Rzv1CQAbqbRaZeEaYT8ZYEeoeiTcxjNs41Q-6trq0vH9tvdIFMqSGfUmPaIPfeY7oPBqAJkF1joY5_0PBgfurJuyc_PFvsJqkecbclcyz0LRtZT6_1e3H6E7qD1CpWcIyOg0Oqc75K4B-KfjPAITRnmYYDnIHK6lQSx5S3BGtb6-4dTcNGmsRh9_fTAYGYnyvt95Gh-NeUZZVlGozcA11NiEx4-3AIz2O9iW9Y_TIraD8jPtWvYXxYIl2Vc8wHeBJ3iCjFmUMLUL0qgtQ4yaXk8bVLvmjMbD7OIqnAjwMc8dLh3yNM9gXXp2vLp7hTwwTNzuOzQtqzhyyxgk6cS2dcD6B8OpulslyAzlLjfqYyuUeKwwLCDyssxe4h_KlrM5H40y8vD4TF9FYf87aSk1Eh7omQwnATpDNks7HCIWsT7KqfwY5HO_jwWNIFanHYlJu3TN5AFcxbNIvC1IYc7yDvhjW3vNA9E_uzQVrN760aWr44sVXmICtsBCN1rXJEucEfQXUNgeZHR9ZxuzIh2vDey0IOKirk73EQjbdLlK1sfeuqFj3pYqdgotDbSVHDZZYFQ3uUmqyM8uGJIXt-nWfgLoDfbfosnWmSS95IX6ZIVVbhbJhWWqu1cvhEq3Q3RDjaUSP-hNBIA-IXb0HYH3vYTDhaE9xGMlo33v-CUm8XZC73PtK0L5vT9yL6NVESF7cIAK8k0if7U0EEuyk158NdHigaSA_8bSbhT4k_wWpMA-KwWGt9NpU0z3RaA7s0KKGpARke5Sj-TkzK2PkORRqyKu-x-qMGWfNok6hzLHCYYEGQGXVsNhNKOeG7lLoNL5NHJzjPPsfmPcupWm8KAd6CuO_9teGeJOPzR6VXKx5jsA0gHTuCbDZZLMTOCap_rlyHN0w0m8uJi2Wjxnk_ltLfUrIiPcErUYLf9C6k5s5pG62ITyNgz58QW8G0ep_oVc9kXGoT9MqD4zw-IPR2y9Ee7pW62Qv9EbDhuOg-vlz5kniVGR0sNY538moOYu80TYSqDAN3r465T9231YONR0clJwYO2n_x8yMUBXjbkkeWwyyDUvrYVEB2X8iQw1xLYPJ6-MWMYJxXh6BpHIhURRcWEv9kkvvLF1yvxZ-pQDczitNCL83eFw4Si_DFvtxjq4HSC6hJJU95u5ASrvHSSsupTFiskOKTKcIrNU73AxLroo9UUNMznfKnQLSZ79_sdclelGjZVUlNmKQmkGPc-_KctcpVTBum7iDFI17w6HMMPN8J925RSKeQ2CUAik2YFPx6A6LLHPmuU5ZAky1mNy8k7rzxjIcFjzhqYhxyOr1yD7pyC4i6y5H3CiAQoJ__VwG0M1if_ar4gifz8MYxmkEoi5KvfFWJAU_d85EUpG0RlfGvm0sMliEcaG_1XpRlX_4iMwSg6s-oj_W0du_Xi8wOW_1pGEojyP2p9W6AjrbkyU1Q3j59d8B-WIVB2xXU5pF3VVGlM9TklNhcyQtMcgMYnc3D3SqqhQ8c0Rgr_CIHTacshiVI5kCQ3ERnL4d9GB0vzpoSFNPbkyfMvGSuT9IMDVc0ac6-mZUmd_H8Booh_VFMZU11rif4IhimdGCCLY2f21MelnB8cd-n8QxfMUFguU6mAO-mC4w_MhalsCP6ASZ4mnMynyVZmAxrwya719_7rzB4EY1cat53FIMNRMMwe_fRJCRqJOH2fbrnMrBulg-2ywr6rAtC_pLnpiPdXKs4tGep9oST_cJerdg_mk-nUpcXBrLZnvSl09EvQEPmUne1e&cid=CAQSOwBygQiDKdFZ7DmAXyd1MOVLrEl1V5WTcfR0um5OGeC06QvswmO2-2RUxM2_JqCZwHnocnw9ghdKavo7GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=12386242478710880000&adk=1599433117&idt=139&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 00:44:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11256
x-xss-protection
0
server
cafe
etag
10389968670829887652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Jun 2023 00:44:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 275D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 13:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jun 2024 13:19:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5E38 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 275D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cce5330a862d7f0bcfe1cbabaa3d2253694aa6222dfc2a9928448f3498266af1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
11262302460425599708
s0.2mdn.net/simgad/ Frame 81D5 		261 KB
261 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11262302460425599708
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f0e2f6c277ff5d8359dec23dff73f2e1ea64f512f3cf966ba7432e76e90846fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 23:34:13 GMT
x-content-type-options
nosniff
age
305363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267179
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 12:40:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Jun 2024 23:34:13 GMT
8682746528586002864
s0.2mdn.net/simgad/ Frame 81D5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8682746528586002864
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 07:42:37 GMT
x-content-type-options
nosniff
age
276059
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 12:40:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Jun 2024 07:42:37 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 81D5 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWGLpqkqPG5bU2Sf_uscyPHXHBKEptpGJ42sTzHqLIMATzPipmd4hdXn6dzvhqvkylkFTw6lLM13_UuWXmu_OKR4g_EG_VUmAj4LXLrCR7Ww3P5XcgcuuYY92Ks9JQ-jS3AqezMM8Z8gP0x2-50wkqGMs6nQ&dbm_d=AKAmf-Aar-re_BSD9Ce7Dhy5K0ZJV9EvUR0mn07xUv5mcwwrg4X2tZ8thAr_UzW8qu-rxOHdUGJYHUS9N0vsPgaYsId1xfRQcFlJ-HF4xwSkqClC42PLa-CiIl3T2NFVP5qC7tMalPx4RaiH77QezffyrXTpqcj3Jj5ypLXbQfhwq7g79m9C2yJFcXNW52kRaiwUcke8DXlc3cUlsWKk-TkGUftLpYimzppQQ0gXZ7HJbZ1iRFNPponCNHuWphVWlzJ5kicmKIHvEvUWlmKizit_kIv56XslUvgfEHVPIQxBdtqkrmtBt0yWKhCTKH5VxKvE5K64ve3QHhwKWx15XLrRJxvqASMQcCDpV2bW0jdKlFMuDqwOj6UrWcfNr0OhkWsC8eYco9DHjWEIr2nrlucAK3NwnguxVBKSeTCmabpB7rrufY_RDjR2nQRFwW-hglhqQ2TEcb7xwp4uGhj1k-0jhAOj2OWBJRrPpySwpZAlujUaI2bGYxw7F62PN_a-uPrOpbI4eL51BE4aqo2nY1imqIzvPg4itsqpSKK2iBO-3t596lnuWGxard06EBJjeP1m1Odwa2kBVyj-NdqM_j74X3xHX1gdI_Ygr1C1w_kYD7ajJ1uSLLJ8PVRvynmK9CYR3PQNWfeu2WOt0YD5C3YdAsQ20ubI7ufc7-jgejYwiS6Ql_VR0aV2uu0ggUhtcTqDQ8XPNQl_c4bQR4RqKTErXuP2UCTkv0eR_tvssIISZnov9T2u2Vz5_2hWP-9G3D54GbszleUkOZ5vBNR-fKkSyB5pvootF70aPhBNsuW3UThi9DAXxdYbIyZDynwTELiKBhIYFYuC5qvxiY2bQc_-DklBQ1zjS7Wxr60EJIrzhd_kqMb-UzCS3c8B8_ZMptpmEGx8v9m4HP0yAhFnZCaVhnzgl1UDsVJT9V-sL-qmqLzTPZrRIE9URG3zslAPLZuZQHTE8Fe-4z5yakr0_Dec6-6HJVDqIHtX1v4c5nZsaki086M_-mn9UTH2xqi555q1_K7C8DkcManwG5xDYRZNXTH0lCk-QEGtj4ijfxlEtqvLAoAwjLVPxIZZ1n0am3I4RPl1OJ1zd49FTNDbDr4Ta-Hq1FzCAn163YSrnKUF0uFjoWOuGdsCmfIgmuYk0Vg4fHJBgssZ7evAGXOVzSPAjDzQos-QH3wsqRXYazAwcNiuoRSBxbWTWk_jSSd3Z-x2odV1bRD10Bi2OTcHyicDds-oAK9lKmK_sakOz4pBl-iOU1k1u4lKDL5rNSgbjuBtP2XPIhyd7seVIHgD6g5eABD0KHpYTmaZ3c81oteEH67Pq2l2B-5i4ATghIrYaao2G-s7QU1mqUMo_pmIRy6XaFR9Fpe4bqBn2zqmlhCXGbePpLv7VcH1pbydWQDoroso6wHHO_zYZ0CY4-oDE7Pf0LLbuAkGSHDEJwZH7jQ6JoaPfXLUYkWQGVok0RXSB3f2CSjZLVyVHVepf78xKsxXy68_6dkEVH5XAB8Ofr-cqw3-rneuZUaWOnDh3aYiXY-TaEwpw4pLZYjbQFwtY-2XlzItWWC-SOKabefJ7Q4o7dgwgE_gVrhmWUWR_k8Vchvp7dNALSWJj8dhUwa7GHEfOCioxtiSJlbWnGkmhrLjQ99uxNN7ry9k7y0bZzFnhlA8eYGR82bqet-nJVRpsWdFKGR2t3arD7KtRCHmHgmw4ZOk2rdGgBgLyXY3c7nZj2WnO8zqPbprQepPQ5VzDRFKTSm0_fBP516waDnw7GGxr0u6Y6OT65PvVUhV0Kq9TLvrCqmSG-hYwlG9Ml4T_KTd1hOEy9i7nNkMcBM8cb9S0VuJZr0h8pygkQ8Eumgii7tFf49SjuTxsBxHYzvz0My48jFKI7YnZqlX3-TgAyb0YZmFWPflptz9Lc9FTQQSDu0XiCU2CHim1VhqF9twwTc5VlceysU5ZnjpYc1IqDp3P7Sk--aXLVz3GfYUoZTKhEseScbA2LW15pQxsyTOtYwlZuANGMnzXHE_nS8XDV0J1rZRwSvngR8gKIc7shnxUjc2C94RPz-Ma_tYNPrWGXLLTWD-cQCbY6kwp9rNYw2uP2ZOZVQXIRSThShHnqUONt4_vx98DjBcDo7QOeZja_KBvc2z9OMNmMEBosjR5HrmE21QgAWmCWWP5Wsp_f_plWUzDd-3tXAnss9EvEkvdEgdxSxEXZ5npNNLdXN1xREoQ0di_ILiEJOh0PnknMzPqtIvwPLzCWCew0f_Qg2VK0sdeQo8fUwQkxyxZ0qeO2LEnZ8GvB6cwIV9sylYq5tA_13BuVmRyNdsv_PCwIN1VePXPkxH98i6hEIkc2wbMS65cFKJoGZrmhv0bKs7YR2gALWpY9cGgNiq8UsOCW_xYP8Hb7L7Iazn0gxFMTNWJlRJT_F8I9VF4KpBdDJIqT6SVp-AspLxAWhSiDIxaCWfwojAR8ehRPJJ72rnwZSPxLJ6T0BdTLSUie4mfHJ5pT5AJiD_m9lrwi3c7-xkLafLYlQXx4IksHXnAD3FKXOHd4FCIVSEySAzeulfXQfEMRT628Pw91p7GGdShoR-AezznoTBJ-Tvp3RwK1DrPTseGmfI9sJYNrZlFXMFRknz99OiGSoTQSbHIU-WyKXJa0ngMSPIIrOj91Wrcfz4YDSkuNuB2huWDweJ55ksW_c9XRy6gsA2jM__VAbpfa1Y0FW2LIGL5W30fnQDnAqFrGaaEBF0pRp2qU2DURr2UIzeV67oWfNKVSuAWfZ0iKfjWofQDEWCEJIVowyONL69oPVaoJzw43EmnZeiFRrtddt9rBxjfxhHSGCR4G1IZv_TiXwt_UbTjY-CpqB_rRHe-xhL6v0CZS4SFsRQac7jECuDGneDu46Ed0kEiZt-zmb7xUYu0qNkJGSoZ-IajdW6TLC77gvUy9QknfU2OkWeeYdTE5Pt558-3a3pzwLc5iXf6GcXdrTwbWjWquZilMcpVdpYQlwp7TR9QdJY5VIVIQ187k-HrPxpwim_TsNt2zafKmwM_PrggiW4UnDDzHwm10vNiljOhffOHGc4VnHmOq3Aoi5KKPkBqSix5Uy4uzRguz_V6AyACfchcWFl6Rh7l1GBUg1lGCo3p_zaGqOd2IEJxfnBaKQWWZjiFORlvIq-45vu_jHfeh46czyyiDWQDrYrNTykc7J4h3lw64MHNeUXenJWovSA5Ibp7uzsFDo0eXbXe6Cr1eDsKgp-cSG9qjTJo17nkhBBtGecRMyJL4vRqolhH_iMthb1LX0bIU_iGFBH8I16cQetNPjQLFcE83uLp0Vk0KW-l3xv6ETHK002xzHUIcnNcjoDJPtsJDP13GiunyEDpvds3lz2T5dxUEYuy2lrN6cS3KcFR6VHcOMKwVfbI4ZVLuyII1aVS1T8pYcDPAdkKBEtawLa3n99zbvBhsDoNt8N6gZCnUTZA2r8XbbxUDJcX1VTqjx5&cid=CAQSOwBygQiDBRFGa5CyDDKlsug3GyCnGfuf2pOYHCF_k7VLTrACG1Cy30VgZy-9NX1AAMDwam0aEMIdCvfiGAE&dc_exteid=31111773411519357009088633331665221&dc_pubid=4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 81D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7flURw6HZIuEMZnPgAeu_L6oDpHR6OVvrbvYio8RpIWTwLABEAEgwLKCa2CV4pCCoAegAdOp3fkCyAEGqQKQFKTl8BeyPqgDAaoE3wFP0Nu4phipTvGm1OsJWLgMUnejkU0Qda5GWQsFxkqnwrssL6mdi5rB7qBIrfTsSryx8h-ZbDOKez2C0toWO2HrvijXU-lmnQjg0Tcq5KcE6pM8kQApqTZZ0ZKfSppgs30OYIWnLYlA0yfAxL4lc2nX5ekvbOqkK8gHNpuh0kgTBTIPXBXpqgT6RU0aSxpCyb_4KGNgT_lzVMrQKnitGXY7bNk2r7RKWxHKNsZ87wG2E65pIIc2BUv3fxjb9Tasco-QBxgFddITsYOQ8QolqB2h8dKQqAufDc9zNrP6DcGfwASBo77SowTgBAOIBbr3m5VKkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeV1qKGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEIbaBhjD1unlAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwGwE4D1vhPIE5vtjuID0BMA2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=5ekz6nARkW0&uach_m=[UACH]&cid=CAQSOwBygQiDBRFGa5CyDDKlsug3GyCnGfuf2pOYHCF_k7VLTrACG1Cy30VgZy-9NX1AAMDwam0aEMIdCvfiGAE&template_id=509&vt=10
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
10261972549777223277
s0.2mdn.net/simgad/ Frame 0D19 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10261972549777223277
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
25b451f3cad26104f57800c79546bf5a40295d0cecf5623e623f4479b94d0ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:50 GMT
x-content-type-options
nosniff
age
412186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44765
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:50 GMT
7352296608196688721
s0.2mdn.net/simgad/ Frame 0D19 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7352296608196688721
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 17:53:54 GMT
x-content-type-options
nosniff
age
412182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10020
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 13:36:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 17:53:54 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0D19 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsJ6-NAILxUAox6YCD061f1OfmUF9Jsettw3mEf8YTv3Avgb0TNX2VmL8ZB8HDkNpVevWjfcJvk8hflt4aa1K1AQUMbp6EKgjMwcNNpD8CAoleQBtyZ84w4B9cWhM86IT20kYBj4rCRpwpZ2egV8QC_F-1HQ&dbm_d=AKAmf-D0dy_uq9h3N3laFEJ8ry8GniW_vurGzucF3WU-SjJmdVgpue8U1uJioHv49H70mscmWnF1niSOX-j2ZscAnij9Rc2pOwRoMG2SkiTlkbsyp-y3zTozCJgOUuHgwoD99zVjToI5mjCkENdBE6xOWZYjIEUqzepygw0oiuSg_zjuCLV9glkdKt0TXODZCQdBr-12on4InozUDSxHgCjATFh524eydoQLRQLxlHQ4gHXoFvuKL7bU8Ze0UO-T9XHkBne_tFZFLS4uyiAnsGDZnOpl-CXd8y5DT4yMe1Swu3siCwpRI1UAdLzIL-CDmsJDrCWVqOJLy3rQfd1OR4roELVK057cS0JXizwqMIE5x2n_xS6-c0KjRgXcJCVHKTPerEHYYWySedcD_74CcOZCr7fm8X5vHhH71ad67OX62a2nkrvsP6_7gSTYsORNkPB_UDurhhf_JNb_kYxzKdvnHH0ou_mjSvcnRRkA5eh7rVDaO4daJi5R6__C4AJdswbIe2jXEWvW3l5rhZt_EVai-0YrUOmtU5TWIiXaPnDNWCqB4ETEpnf5O-eQV8tLzt12loBFZUNZVzNoLIns9vup7YqLK8lyueehZFqOH77ToHy5EU2dbDVZm-vmn7Qw6FIW-lCcr1jjysbZiRAH-_xnTp_L-kzVi80UxYP0CtJBHNcnISir1e43AOYpT51PT5dSRbuRDo5FFul1kLhSCWqGgmD3A2WQzVI4c7dJzcfJL8Llap-4MnrjYMsleFx9cBUobx3o-o407vOF35-x73G5oTCQR1AuINVCcsToI1lyDni3AZv5wMZvrapr7TzhMbCSz4U76zkxJy6iU7k7ahPrHi5a7PRDfkdGSx7AW-hIaRIg1AplChOaNJe6xt4lyjHF6Z3-wrMYf-_HWd9hHdBvIILuMgtyPKVP5JFFSjEW8Qcz-A7Tnig54d8yKzNeLEeg9W55VqALCpI6sZxfGFdKfrnTLhNb-HMSUhwEMwJomJx5b_9q2Ufd-uhH6qO18hMN1iE6RIT1N2tVXfw3AlGqNwEMEplN4bk9oH1lyRax8PtdJ-WCyTRCOKXtCciysPxkgVy_Fuz7mfOkCIVv_Z9HQDE_2YYvrFsTuvGXJFujtqByGU0QrmXvsxnreMUhkt1RlEPvWt6stOlbSjAIF4KzkgyXi2_PrAzNYM11TgJOsfFDjFRFgSYpWcwhWCPRAOw_mPVLl_5n-aSl-Asbp0VWA6YN0kneBCDr0guWyB2y-jeq4uTj7AMy7cJPFpsFJMyDkzBJj9lwDZCrm531wzJh5B0e6kjpi5qS5aadiJXt75HBqrj4tP-ZMVIZgOF9se82b3H6ZfwBZWnCBDimxuPGiRvPxLUTLRF0b44WbNW4BPLMSmkhYpW9rKVmm1f5tHSUwUaiGQmCa0eQ60aj1jTcJP6uYxf8IR9LRBwOeY4LSkEq0R9-CMNO9eCcq9sg1fUev8QTvq0td0Pz4iA2t4L71aEr7regYAuyNHzUfst0lj7UgEEj9NHwGfJtwYpJCHneVGQpc_R8RiJsqUAYOWLGbeLvQGnarKeETt4P-ZdfrC-lWJgft4y4T--Qi-0uZEDjUOJn-kEQOh00exbi7bEiQYBW2Z8y2hkf4XE9XjpN9VCqLo7RmA7cUFUi5_oCuq7LuJ50NWIJHc2k0B5NVpJHoephyUBIHWSbPPWiJoFypBqZ3yP1U30oOanvQ4322EK1aKPd9kCUgTf9-eqwI4wK2_8_kZOQIPRqY9uEHdu-7eAVyLyO3sqoWc0w49mrVgh09YtcatrwwCc-tj-AkynlF4isf3MXmIyoFCFjlq_Y-sjwkOvBgIRaujuiukT8BVpwJsgNLntAWf8yKkay-ZE_52h1VzXc813ZLpN-SsnLkLf4vJlin2i1okTsXz4N5Pv41_SKJuWzKa23fv-vIT-vRoy1ogkhq_Yr2Jtsofl33Zg66R7tyd17EKr55k-X78Tkx9uLOpGyf-hHnQ95ByeJkcSW3IDfmWzkxHXHE60ZM6ekxw3J7l8c7g-Ym0kLp2UOpR8shWn-IG4w_fBpxDTXEO56DlF1_mUxFLqIGnJ-k2mNEccSIs9MV-S6Uchtzv9CalXYoJkVpWo5NcXmdoKBw-tG-jlr7t3h-RWFy4V3KqtyPV6ovYA3HPjY4jvAyFB47wyENJ1wSsekmkOCv4SCDJ566GsRkuaBjSy_kS-x6ZC0w2c1Kb8nC_w6pyTw9t1ZlvQ_2CZg0b5iOc23ywQ3yx-ajPlUdQoTpsDM9CrTk8lhYzMklYoZWuZlUCLFhHf52Vl6FXJNiKPPJiC7ZI9ezD87qhJUxT15YERkV5Np2MPCxQNRAk-HMru0Y6_C6BBoClC4ty6B8qWwLrDO8qge51w6oByLiEPM2sqeU38jHB02eyiSfxnBdq57dg1Z9H7-1-_xr_qtsaew3wdmHRp7s9DDQwOG7d1YH8Sil2tmqhARwNTE9UDRFvBtcaXtoCExJtuJYrhIQSDPBvqkVA75sovm--1nzVhbGr59qhX9MixBHHGHPa6wJn6ULjx13wsboeGZ670UGr679SVxPLNMQ9bOdO2X5ls18Rqo3fRsEEwd3xPssULWniUBy4549RX4b8lnmTYeFiURNUbsXUUSscfd3-nvBjEEnYhG9tFkpGrfwm2zgXZjUsBmlyx2dAC_caAiVROZ0oCzvK-qrF16FsheY1ofoCEj1a5mKSf5UF0QupOLo_nNkSZqgBRGMBBE1U1iW_SikZPFX0arrbHrsqcre92XArTCDOzHyDiZnOOsgL0cKIjSKxgXwQ73eF_rt9x_IDpwHoERDB1HMxP7BsGbAxKkZcXixNtuyGE-oBkA_vb_Fao9PeHhTTWU3oVTRCm2aZ4akF6k-PkB0rza3xdMYM-sNYtFKlRdtnbRaoXHuf5-lqriHh5Z1jVEUEDGn-Jf8xOqxKvz7PbibNXsC9rEAr2uzPOquPCcswFFtbxHCtPijl2NfZqHwkaOLN7jlRqZyhV7UvuqKVW1sz6VGPXK7aOGFx4CKp8HcIhpeJsEczk1RnYjZQ3xpA-hySqIn8RlSxU6wK1UmVSOdxVFb3dmXYyNYg_poC6uNrWwc0k9sK0Z2leTYfl-dgN3f4i89_Pe2-bN2b_3q9cvJ98G06YejuBz0IB9oKTbrtncedel1mTPrtLmIq_RkxpjuncmSWV-l0cALcGBStsQ22j_3Yn6QrJwqxc3BB0geQWr6_d-FHxgnYH_ZpZQQA9S38kh-Aos2xQrApjPsCt5I8yYOmnkhlNshqiWOEmeFYy5ZbG1fmQ5qWlfcTtq3fBNNnl2_L4y2C9wuvCzc-CTuw_WH23hnQZu90ZR1pgS_jACtRWXX6s6Ynxc0fif_RgtFGhTC5nEdE2VCaQng09Ko7sGOJflvhUj-xy4XHgPtBnMXygLCmnMoSgjr3E1QC-cCUaXyoGiddtjZOIILN4Zoo1lpS544L5sYn0YZbebtZoxP5JN9SDWWuetnF4QkfpxyfQQKszL4qP0&cid=CAQSOwBygQiDE25YN4ugM06yUqlq0AP9bsxBOy95UCCdIK14hTzdTOzq-ChaUVwHseSVE7YO39E0S7JrT1MTGAE&dc_exteid=31111773411230573230619747592543393&dc_pubid=4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0D19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM8pIRw6HZKiTMYqk-gat8YuIB9qxuf5wlO_CufkRjqq9n9k8EAEgwLKCa2CV4pCCoAegAdOp3fkCyAEGqQLnpdReQAmyPqgDAaoE3wFP0Lyl84nRmqJcoP06HbTm7oxCuC0Q4yGrQw0Aky6p9hWTTsicZLGL6CH_8vjri5NLa4Pd1lswKh2yghYekw6TAmwSfKfgduvqU1rtfDJHiDDwQGHCdTt04mCDBz07GhJUu_7fbVTAekXU0bZOJ-Jf9ugP5rV16MwMu4gByVG6XyC7nCSM4t4jiZtzWLLRtWOiPZSYus6ipZl70VW532JhpsGkyJErevqgfHVmeV1A4Y6aD630LuVYZgApc0xvHYIwiM4mqUFnfVJ4hKm6eSOreoLhDyE7yjXZS7A9eF7bwASUm4P-wQTgBAOIBfjZ17lLkgUGCAMQAhgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeV1qKGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEPOvBRil9e_sAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgPICwGwE_rU1RPIE5e6heMD0BMA2BMNiBQE2BQB0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=qeUQjpcCg6k&uach_m=[UACH]&cid=CAQSOwBygQiDE25YN4ugM06yUqlq0AP9bsxBOy95UCCdIK14hTzdTOzq-ChaUVwHseSVE7YO39E0S7JrT1MTGAE&template_id=509&vt=10
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
934e4c5bf691cb219893679833277e4f7e475523532e0d123afe9b154507e76b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
161899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1505
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Jun 2023 15:25:17 GMT
expires
Sun, 09 Jun 2024 15:25:17 GMT
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C06D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufcw1Y30XswJR6akl_CHeK3lkghxsTkLUGn_vwiy9TZ_KtB6dgb-BWiW7nsnRtsNCePN0ALXwH9j7bTsa-VcuW2L8iS0f3W1pPZtdPkbItC3xFCn75MHub_wnlHq6vCLdV9CzSJXuobJxrrU1idxtz2c751DKJvwLltXUVLS4yTrEbf3u5nQ3tnGM6Kl73Dse4avnQUgMHCafPQpb7ZDGv7f-x6yOgdk19tX6Fy_sL0Z6wqBGv-pCkexv3emIGgwAD5NjUxFkcO2DdVzu3FFVp390ma2D7B82MTdBNcD0YZDmu_03mq7YwJqy6C4s-cjck26q2hpk-Ptm3miyXi6zoYazq61E2X7cgFyGsQLgU4DLsTXAyOvgFvmp-qA0GuUTEBz0Z6k8c52cBI3BlNI55V4HzLW2jNmrdD-fVRom1O363XMu4Viz1FTrbk57Bb6p8EekAmA0ueJh_Uf9N6BZZeGoG5CfGRNHm8x8NoeJl-OHrBMVITzyj_O6pTrRULqYtsr2v8HZ-ocYWQC8Dq8cRIE-CqeA-jKeN4PzacKsLcy-Oc340ir6reMOhSPQS7G9DRXuXXBMyi75wa_jnSvHwA_pl9YASZbxqYzejHTN7OvACBBXQm5neARO7N33PsbFt18Ec8wt4fz_ywkOHE2hPXLo6b5rLuydYiu7LkJs-hhSzryi3m7L8CLHEA6E8qewMtsysS-LKS6RV7vhKgYXbEFA8aNVZYZ4oPYKHmoMGf1_DIgahyhflEtcb411mn_2Y2rboUGohwRSS66ybajs0c2-2M2n1aR7cafKzt1hJigcl55na_OxMeSHsKYWzx05vz12D6OAWaBiZELtMKwD7gaWhC3kdVbXz6ENmY68eJ5ghK-wUWmHlop3yOkz_dYs23nz0H6_b1QRLrUKmicrufyyluj1JarbZ57YJkzrTlAvUcTvzcAHYrR2krlCUGBSJMgIPKfoyTicrUZEVyYpYuzQnGi7oDSgCVcG0PXdHrwvCMpk0dRTNHVACYqwpXD8u0NF59QZ2rxKb1via6RMpymFz-1J5kAQ1db4mMX9NUdofJQNVQBApKSOl5Miuetc1glo_hTHYI3yCaSgsjDZWYD46HOPE36ncjuq9wVQj6RJxphjHVubMUWxXnEAE3QqCN31qH3YdTZM93L1M6F28NRwsau2de4wVcb_wA5vjgOhXp4m2GBNY3Y0fPwA8O-HWXglpjtaRwicM0uTV90rKOpx1X9rCyNPDG4SjePI7s44C_0qY7hblpcqCYVV2w6bydq8mUJip1DSgVitLKYHndP0qvBb1&sai=AMfl-YQ7mOzpB1VaCX5bilra7Zij3wDSrMOKAInmc6jEMoEC1euyJFNAu1Vk6rUzBjOuCFIpS7EmFHjhAJeyOkMLVwA1O-CuVqPzlLEQOByz4Pq99ycXm28guan7MrdyihE0VzYFLchtOlkB386qydyzCq39JKTmCXo77J6tzIsWIVFE1hmTaJqakJlIJvr2pLAUMnszP6nbJZiXxvgMZ7zKIJ8EA1ofckjLTfRdnEm0BHDFrTSXkOefUZD35sI8zB13bi5D&sig=Cg0ArKJSzOqwXaAoP84tEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20230607.48544&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
px.gif
d.adtriba.com/ Frame C06D
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
3.126.58.194 -, , ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Last-Modified
Mon, 12 Jun 2023 12:23:36 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3916 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC5z3F3zAuXxaCYODPOyM79KnP8Zfy_LzP5YggHBcjXKnFkxvhL_P9pJhPG00CSuCG-3bSiqNM7w6gINkVRgKf-zcIXay5v1hBPdXF-0kgaEhnAnkwZU7GbEEqmPPByX29Z9xv5U19ArAs_a-HcX8j9Pe_HaG2rsdMJUGhFY4u9CyTg7PutCeUgq0XKi1T_RAdQ-nGvJk8n4mpTgqud2JUGqsI3RTRfbR8RcoZBcbxfhAk-PnETohmRI5s5WKEFfSlJlYWUjr88wWuCXai27km2JtypcD7a4j_Si_bl-kAQcyftEYGTt8EFb20WkJR_o73rNJXPDMZ-0FcYYMh5vPBguZI7afDflhSo0tCnVFDRFUIzl-fB0rDi8s-&sai=AMfl-YQGlRDo7hc8r5p9P6tbAduGBs0UVyrC8FXnkuPgHgj80STDUp2ATm3W-lI9y3C3ficQKgbr9mvY6UWhPN2MPunEq8CKpXakN7Fh_aLohRA&sig=Cg0ArKJSzLCeA5D2-H_uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 12:23:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3916 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230607&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c84654ba81c9df7ab553e3fbfb56add887abf48b9d75c83ce5ac1fb35eded572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11204
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECkxzPiNIFqySRJSNwWDEkM&google_cver=1&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPw...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPwrqPtzafVfJghqV7Cy4fr45IMGz2z5wKd1CS5q_KVc6Ag&google_hm=-UpnHDZCa2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPwrqPtzafVfJghqV7Cy4fr45IMGz2z5wKd1CS5q_KVc6Ag&google_hm=-UpnHDZCa2I4dDV4K-4QrQ
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOVGwJwrU2Hdc75hEUA7s6ZRX-J8QDhi33SDXhu781qO3bAXYNZPwrqPtzafVfJghqV7Cy4fr45IMGz2z5wKd1CS5q_KVc6Ag&google_hm=-UpnHDZCa2I4dDV4K-4QrQ
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34a...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34aXJVT25slN1GS3ZC7QGJB
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPgMzG4eejUYLzhqJpMEy27we0WcAiv2CBcsI_iAfCSLjDgFyAg2ui5oMUrAoVeoS7xtuk7i34aXJVT25slN1GS3ZC7QGJB
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA9HosoRPP7nBVpln5ihCA8&google_cver=1&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFNEV0ktMUItQjlRQQ==&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbYCmHqsLksEfeYaq8UV4rpz77bFEw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFNEV0ktMUItQjlRQQ==&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbYCmHqsLksEfeYaq8UV4rpz77bFEw
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElTVFNEV0ktMUItQjlRQQ==&google_push=ATf1kGO_y2bzqKNzuF1tuKzmCR2nQuksozcFLdvnmZWLkac-d8udmBtWfpGaOBGKnawPXG8vSbYCmHqsLksEfeYaq8UV4rpz77bFEw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO3blkK9DUVutkgKeI8Sy4E&google_cver=1&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-Vn...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-VngPzuE-vEtTCj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-VngPzuE-vEtTCj
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGOY-xo3u1mV0EeGvhrr3Z3lKQG09dZkgKRYZPQobc2Ftqva8J0OI_lA7eD162u80oEBsCBRWpayRAC3t-VngPzuE-vEtTCj
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
SwhXRVQv6_hGcq2JGuBZjKa7SwCv5Ix-aaO4sB8IEX_4isE92lA91Q==
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2Iy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2IyP6XY3HsosnOIj18DRg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2IyP6XY3HsosnOIj18DRg
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNBZ3sFdUIP6QKWgO_JREWxyvBbBTgYWcQ5uzhWu_DBnchAHgSVqeHiXLz_qC862zKJyW6v5H5qg2IyP6XY3HsosnOIj18DRg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 47E5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPX8v66O2_xrezhsi_IW...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPX8v66O2_xrezhsi_IWkiTn8GyHZwKQ546JR2vNXpCl1SWVSk6Iiz7U2qJy7DFp1QQ05QKA480Av9CofiDFbQypLubkkFMeg&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX53b9cceaa41944c283a361e45c1d27d9003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 47E5 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOKy2ibjP_V_fqRqc-D5dn0&google_cver=1&google_push=ATf1kGMOmzGQ4FoBCgudblxmmgJR1JUu2MjcMKFmjYUOQT8QnUq4Id7lSlicuLIbnP-cI01pxRpPpsGQYPRtS-8TgMoYfKKggkWK
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 47E5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdVvmxAqmyx33eS_54nixxOKcfPVLvMVrRk1LnJub3_98HpI0nH6MAaDGzl4BRPipwa7Ch
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2273 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
342173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:20:43 GMT
expires
Fri, 07 Jun 2024 13:20:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 017B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1&google_push=ATf1kGP0uacxo1ULA6G6WcLD0iql7rIzOJtIPw3htilah1tPiw-Q5IVS3jUxu5aA-zhSkovSOYLZizVgHPKvl0jjMTMFvcRsps6C
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQ3NTUzMjcwODY0MTcxMzA1OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENkBPFO_q5aqYiDVYVTnpAU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 017B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og...
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e869ad9250-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
85
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGOxCbx4WvyFcIQN6dSld73O6uPoOBvddhs7K-xu4PGex2RSmle3gs3RdNs37ZkniQwLHeDMwEyE-sNnUZb907_iEaBh3og%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e70fff9250-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 017B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fJ4jgA_SRJeoOR-r0CBhtg2&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p3Wjr7p5A_4h9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fJ4jgA_SRJeoOR-r0CBhtg2&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p3Wjr7p5A_4h9
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fJ4jgA_SRJeoOR-r0CBhtg2&google_push=ATf1kGO82WPNIsBV_uJYzQ8zsoGRxhpCaMOwRpvldmwWAMUWluSlAmvLlJWzVd4TKMinL78QLcO7CXd3Uhxx9d9p3Wjr7p5A_4h9
x-host
tde-deliveryengine-production-768c8bf7ff-5s82v
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 017B
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOg19Ai76mLk2_8_2X7DsAotNNVNrZLjVYO6wslFFcyM087y7BSiM4jNmcLoTIm-L3xlH5Rt7y37Pjmh2hmH1oszNsbSfLC&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 017B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMTrvQmgeeWAws32p-RyMtU&google_cver=1&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0B...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0Bad0DKy8KUUjsmk3O
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0Bad0DKy8KUUjsmk3O
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM8M7Xv0XMi4-jPs4nykkMPTSn25xxinYTenkEKU9IuyWRZXmR29WWIcbgZvZzCiEny8vSQt8dFnt0Bad0DKy8KUUjsmk3O
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 017B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG65DxU6W33J3seL-8pr70&google_cver=1&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2A...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIG65DxU6W33J3seL-8pr70&google_cver=1&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2A...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16RlB0cXYxRTJ1RWhoLk11aGFzcExvSVJndlo2QkExan5B&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16RlB0cXYxRTJ1RWhoLk11aGFzcExvSVJndlo2QkExan5B&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2AJbm6OmW2VZ02qAtWosGktNr5MDRg
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16RlB0cXYxRTJ1RWhoLk11aGFzcExvSVJndlo2QkExan5B&google_push=ATf1kGNqa5tSRGyX2FPkBMJ790NgfP6GhHmyMOJKgGPFxsuYD3zlGAuPfZrNUmugvz4OntMU2AJbm6OmW2VZ02qAtWosGktNr5MDRg
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0.gif
id5-sync.com/i/495/ Frame 017B
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_nPTk00e6L1XVX2XxEDE0_P4AfLbf4Cfq_kOqqRhd5ydSQ7uOuHjcnQ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_nPTk00e6L1XVX2XxEDE0_P4AfLbf4Cfq_kOqqRhd5ydSQ7uOuHjcnQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMn1BiZdER7TepFCXxDII2kBfSf_lokTVib2dKlgpg_nPTk00e6L1XVX2XxEDE0_P4AfLbf4Cfq_kOqqRhd5ydSQ7uOuHjcnQ
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 017B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J966zdXsS1cy9THV9RTWbXOJLRcY1jj9zcygGyWfr_u-hMc--0a72jgiDpZdswH_RrWZ2IP0I
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 5E38
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e869ae9250-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
448
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO1ygH4-nGOgCTsTYMkXcUOaHpLE0sI9ts_7-FR8vPK8hPK13TfKCZy6llGOabEs1utfeV1t8vfVkRK7mxd65erydJS4yI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e708009250-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E38
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN8JfJBvdWota7VACBlP0go&google_cver=1&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0I...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0ISM4A5y9cXrey-2Mk&google_hm=NJiJM9S1TLmL-_labj8J7YM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0ISM4A5y9cXrey-2Mk&google_hm=NJiJM9S1TLmL-_labj8J7YM
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOIUFCTZwmVszb-8pvJfSOk8v1_3VEQgg_S9zzw6HpJI4var5yW74xrpr_hwbu4BNeIUSd2H_jIw0ISM4A5y9cXrey-2Mk&google_hm=NJiJM9S1TLmL-_labj8J7YM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E38
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7PaNemoNcQwgM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7PaNemoNcQwgM
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGNqil8KVkJ5iuTnTvvqSfshxz0zJ7NPvGiMOoeihyoH-TkSMfdT7itNwdppxwST8rGsivcSnK_gvrywUJw7PaNemoNcQwgM
x-host
tde-deliveryengine-production-768c8bf7ff-856ht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5E38
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIGDEjmUPBLKBGCYlRTVF48&google_cver=1&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOK...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685628058804016&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOKkOhokDxX&google_hm=Nf8FLe9xRUCpEYdljULUYw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOKkOhokDxX&google_hm=Nf8FLe9xRUCpEYdljULUYw==
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPCdBUEAVvjql3oRgJ3Gcvc3many9cjwZVmGq1p-ah21butVOqmyCygyF_nyanQ6ZZvHT1VuAVMUp_VXFJMSDOKkOhokDxX&google_hm=Nf8FLe9xRUCpEYdljULUYw==
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5E38
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEBVtUH8S2gqba7A48XRkVjk&google_cver=1&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBVtUH8S2gqba7A48XRkVjk&google_cver=1&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wW_RqhNcTRuAVIHjNolQ-g&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wW_RqhNcTRuAVIHjNolQ-g&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk-fmP0_
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=wW_RqhNcTRuAVIHjNolQ-g&google_push=ATf1kGPX07HxUihbkmA1L4V5pnRySA52LWz27LbbAqQ7PclNjj-GhMnRuokuvsBPbXVmG_hwp18pMwi1FzSqbhJ0gPxzOk-fmP0_
access-control-allow-origin
*
date
Mon, 12 Jun 2023 12:23:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 5E38
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPCxo3WoeT1NYXBmrz44...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPCxo3WoeT1NYXBmrz44fbM-XhpUK25v6Op-X8u3ijmJiHeNM4QvRFQp0NfSHuoWujcgvWJnHE3ts8kEkHQcl1DvRl9248z&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX53b9cceaa41944c283a361e45c1d27d9003
content-type
text/html
0.gif
id5-sync.com/i/495/ Frame 5E38
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJl0q8c1WPX4ZUQpyTdBkpYsnY0zdI185xHp2Aapbq18ZzWOCFcc7TYQ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJ...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJl0q8c1WPX4ZUQpyTdBkpYsnY0zdI185xHp2Aapbq18ZzWOCFcc7TYQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGO8e2cxsj4O0d5LuW4mUiSLtZUwO-fWOYNZckrRZgkJl0q8c1WPX4ZUQpyTdBkpYsnY0zdI185xHp2Aapbq18ZzWOCFcc7TYQ
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 5E38 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzcmKXAI9R_jku7qwVIZRfautMnH-33Zha7AhXg3r0QrKobmCbwNpvoOb3voOxFhP-cuR1kQ
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F67C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
342173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jun 2023 13:20:43 GMT
expires
Fri, 07 Jun 2024 13:20:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0FB2 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:16:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3EA6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 81D5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
934b933e2a34376018b12f0b01823e860c6652cb37af7eec8fd0db8f81780895

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame FE0A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:16:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D609 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Jun 2023 13:19:10 GMT
etag
48472445140208031
expires
Mon, 12 Jun 2023 13:19:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0D19 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5435d7a091349fc59fabf3f2e317ed55c528fce9f3d77b8e85e0ed919ae520cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
styles.css
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		829 B
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 05:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 05:06:45 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9A47 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 12 Jun 2023 12:23:36 GMT
main.js
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 09:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1399
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 07 Jun 2024 09:29:44 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572613750&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:36 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
creative.html
s0.2mdn.net/sadbundle/2667980365141901312/ Frame 1267 		1 KB
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
445
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
expires
Tue, 11 Jun 2024 12:23:36 GMT
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 275D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4eIEBJVTQAxzpYU-X4XpwV3qk40DhtFfgHLdzWt3BDr3HVpx8x4WcRoz1eCAQp28lTN_REg3cTN4lD-pDbU1L7dUeeDpDqUzPa4pl88MQoXIj03iD9dZvnsdQD9jS4tpO7Z-3rEulqIwzhEz2jY6cijK14cnN6u2DSdqxq9_lGvCQSftbTvMqMS1kE5LNawMd82ZLf5c29IB_kiXjt6r_HVKZdT1yN6VR2AQPOFZL_GhBuW_5Z_blKZYqBNDQYgXrbcCbWHv3Dk_zNTZ6ghcFtbNXEUlGCk2H20BZ6gYA17Q66eVvAXgF_oBABFIuTJKfRsc6EbAg_I5OBOEOIMqfanTFdGtsu7a5lmxyFqFHzZgiPMUQk54rfSl7-6fa_vBDJqohdruQ0VEgv0aHnPdS6WTEA-9u6lxw3poVttRmXemdhgD5dUFO_CuvQRnI_FCBZuOtfQR5Slw8QSmVeyIBOLZrYKJSh3oJ2n8YM37rKBrVg9Jt6OtwAmjNQGD_6rB_1rFp7U0Dfba0KGv1VZBOG2T9m17HVtP92TVVLSMARaNf8L_2NETfjPUbaqmMAJc80Y-QY1hvOjr1IWB1JQkhclVLkzqmKd3xXpHLn5c7Ir8JSlde0oQ-HXdGTCJZLBiuJLKxFNWcY7m9wbYlQbAIb4mMx6ffHLOz_0haWy79YC92BGwfTjnNfb9fidA00AaB24ozQWHMbu17-k229ZD-XwBWbjOsSKmbVsE7ZrMRZHTQ7MYcpCgaGQdpljmWR0__wvnhP4hlpVUMEOeDviIkXKls3urexo3oISbNp8mdRYcN5oxHRwzRw1K9cRbd66KVenEXTsaNYpl932GH_NzL7jX8yzR3Drm4TtUyKMsDX2ID6jCm3-DzDlfc-5Nd7H92iWySACBpqp3SNbUp9WhhebQ0IN4fS4I-K4XkDtWfytAPYIy852GAyvEO31L75yVExaqPNKd0TTXq35tltnTT6RdEi_OsxUvWL-nI0gVl1je9HAl4j8dqnxIA_IZjZLpmQuPp2a0dVV7HXPV_gdzAl7tKaEicmBxTh50Acv7S2Snie1qSW6fQQDL5ohkK8gIQ6WP40WwcAlTBXOQ2W0kMxcUECHLCrMx47mL56k4AG5Cy7VK6xARXev6CpPBsK_khtYJ67SrLayekF-LfmZXwz-99JrO1td-3cW5aeeuN5lj9-ARm1squHk_ExvZd6ZAhSq90PR3vPi5TKP96QS25MO62B5EG8FluNq7iWsjxbELf4pLYdNg&sai=AMfl-YSmhXE3H27IUVIraylCvIdqOhZj1_HYx8thW5_lL0Hu4BJQMy6vNlEIWjvBY3-Dg1yif4uX1G3HqQHNeIdmUkKhFcpG4WJOtqxz41lQqWFjdbKnXInarip-Rj7vahhYBpMoKW2y8Na_z6il-ixdOPU7yDCv-v30x4FPhbnf3DrZcn6ED5jUIuJwdHBTvX76LhXUDYp_VkuyxsovXPzAmlRWcEViNvj08uvIh8DXmDbbKkeyAHoKTL-qPUC1fBZ2qc7D&sig=Cg0ArKJSzAGaayPdFqqVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=194&cisv=r20230607.45878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 12 Jun 2023 12:23:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A037
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
expires
Mon, 12 Jun 2023 12:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3916 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 12:23:36 GMT
i.match
s.tribalfusion.com/z/ Frame 3EA6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRp...
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e8a9fc9250-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
95
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3HtHyENVHgb9qYHBf4J0A&google_cver=1&google_push=ATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNHg-8CFIcoCyOKCUHTRPOcTU4oMfgslZPdVs_cHnexmpg2oL82qyOWd9pms4Ek0n43fRJLbbJOOAfjpvJ71vHp9-F_sRpP%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d6210e7687f9250-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3EA6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELgB5ZIXQSeUTjKedJQ9RyA&google_cver=1&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNsbHoL5L9wgiutP
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE246F487F2042A78EF98B8728CECC19&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE246F487F2042A78EF98B8728CECC19&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNsbHoL5L9wgiutP
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EE246F487F2042A78EF98B8728CECC19&google_push=ATf1kGOMJXhJru0r7Zdh8UBTi7kvtq9KJzfvaPYHbH2ZfOkQw0KYio9lINwe8_VpwkOtyNR52MavBdgu2YsZjNsbHoL5L9wgiutP
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 11 Jun 2023 12:23:36 GMT
google
match.adsrvr.org/track/cmf/ Frame 3EA6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELKpXwLzKPKKcIsMfGuoS0E&google_cver=1&google_push=ATf1kGMYd7qXWIJnn-BZVwNMMaRP11_mrG5sjHOMFdftGkOz9HoMYqKVh4o3trRQr6LN5YddCAxjTpsDBLfu9Y_iBa7NFSEX6fGn
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3EA6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p4ePDdNO7bHYXbUtuj6Ui3_
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGPFajOIFOLfpIsXrmcehfWnbs5dpNg1ioVASQNMAns0814ufwCDZBWktw3nA-XkwFFpyiQd0p4ePDdNO7bHYXbUtuj6Ui3_
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 3EA6 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJGJzmV4jwJ4uTo1_P4ACnM&google_cver=1&google_push=ATf1kGPHdFkp5Qmjh4Yg52YFONK51pQulh-4MpAMjzDfFpXjq5NYcO3-8omzIEVjvifkZyopAOCnpb7Z28fqlqP_Kzn--xMXc2bX
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame 3EA6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOKy2ibjP_V_fqRqc-D5dn0&google_cver=1&google_push=ATf1kGPwKFZMq5hjMRU8d4lJj9roLajzec0uG3JRbyhzMJj3r7wjhPogV-U8ntTdeFgg9sIRHgM6AvC0QV-DPLyzFQxAsvcGn9Rs
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame 3EA6
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPQh1YZzy9Qz_lEML_aLJS8&google_cver=1&google_push=ATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAVZb0j7BzG4xWAL0U6YaVFy4e5ePpuHorSYJrdNNcWQ3XN0Z2wV2ASZw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAV...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAVZb0j7BzG4xWAL0U6YaVFy4e5ePpuHorSYJrdNNcWQ3XN0Z2wV2ASZw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
HTTP/1.1
Server
162.19.138.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGOROtICyDbvKEjEe6AX7RBVidlfYM25yHMBS6T1ojAVZb0j7BzG4xWAL0U6YaVFy4e5ePpuHorSYJrdNNcWQ3XN0Z2wV2ASZw
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 3EA6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFrexFOn73PcuzgUK0NyeLIvbNrCiPx0PMG8QE9771P-Tb8XG1sKcyEq_dWlynKTUiKN3hhw
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame 2273 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 14:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
164336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 14:44:40 GMT
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMcxQumpZZNPJgRviAq_fPo&google_cver=1&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ-UkbVndK8mxc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ-UkbVndK8mxc
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Jun 2023 12:23:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=r2WyuPTqRtmu9836XnSNXw2&google_push=ATf1kGPcoHq7goTd53aDOJlKKZ9FgFOQMUImRqo7PKsPskrcRlkCgjc-y-jCtXQkXfywHi_yl3VWhsX09AJb8BQJ-UkbVndK8mxc
x-host
tde-deliveryengine-production-768c8bf7ff-856ht
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN7Q5MrWpm__RwVD-UvmJN0&google_cver=1&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmpV8...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmpV8vTOV69QMDcqNRLa6o8rf
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4MTM0MTkxNjc1OTc0OTY3Ng&google_push=ATf1kGMZjPakts8d0phG_Pm8RgahJCXhIpZGcY2BaiLedvUZ1ac0e30zCi1iCfoTTSaQTw8ggQaPmpV8vTOV69QMDcqNRLa6o8rf
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdPX6MojQ62L0PIOA9acXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdPX6MojQ62L0PIOA9acXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOEFlr_nENWfHX6wIf84Fe-01QoxUlmWhk2NZ3L2oAc9ZwKa4Od8ltcFKeBU_eymH_SCLyotB4O5P9mp0Mfd9fY8vn_TTwj
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdPX6MojQ62L0PIOA9acXA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGOEFlr_nENWfHX6wIf84Fe-01QoxUlmWhk2NZ3L2oAc9ZwKa4Od8ltcFKeBU_eymH_SCLyotB4O5P9mp0Mfd9fY8vn_TTwj
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHiAFcL83pSKb_QWxB9P7tw&google_cver=1&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWks...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWksFdP-rcaTNJU&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWksFdP-rcaTNJU&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNv1ejoTrgyTi0og8RnirkSOxHrW-YzORYkNazjNYzXRHdFTjsIPoRuo5Ira-mbSB-JlKKqQYO3M_QdTpWksFdP-rcaTNJU&google_hm=GzanvGZHTWdq7QrzTCmW8zZd
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.targeting.unrulymedia.com/csync/RX-53b9ccea-a419-44c2-83a3-61e45c1d27d9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP6h559_WYHSBTk5M1ZN...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP6h559_WYHSBTk5M1ZNRdGhRmTUF1Kw_smOCAZQTsOTzSQcqdRkGmoJOLMpl60-FlRGuvq2dllH6BQ2XCxZJsHrS_TQuQZ&google_hm=A1O5zOqkGUTCg6Nh5FwdJ9k
date
Mon, 12 Jun 2023 12:23:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX53b9cceaa41944c283a361e45c1d27d9003
content-type
text/html
report
sync.teads.tv/um/ Frame D609
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEOYy_BZ8r7Ns5eyABtZ7aI&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNm4LdzrWF4W7X5EtM5zMF9Rm42bI7jwlc9CpP8wc4QzX4mV1RjY6YCVrtln5vR5ZBlLOdkgiVQR2cAzj0A3oI6grU-UPJgNw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Server
104.102.35.84 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Mon, 12 Jun 2023 12:23:37 GMT
pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D609
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu0W9wNAPLVMNub4L14...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu0W9wNAPLVMNub4L14jIZrCgIx0SOAT8PnN3E_WhF63UoyYY0vjm48FARRlVO3CyHsE8UuO2xK8S1MzKnNKCLQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Jun 2023 12:23:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.131; 185.213.155.131; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
90fabcc5-7c9c-4a35-a0d4-bc7b03fab229
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTk3NjQ0OTQzNzMzNDkzNDE3Mw%3D%3D&google_gid=CAESEFKIQs24-ThhUKClV-oaO-Y&google_cver=1&google_push=ATf1kGM8OBO2gKGQu0W9wNAPLVMNub4L14jIZrCgIx0SOAT8PnN3E_WhF63UoyYY0vjm48FARRlVO3CyHsE8UuO2xK8S1MzKnNKCLQ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D609 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5Fevpx5McXpr7MOoa8F2in1mjL0s0HWdkSmLn7PSK_BsDILHeGkXRHvcJvr6pYGK7OnVXOU8
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame F67C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 14:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
164336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 14:44:40 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0FB2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
expires
Mon, 12 Jun 2023 12:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
initial.css
s0.2mdn.net/sadbundle/2667980365141901312/assets/css/ Frame 1267 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
beee53adafbc60e3db6e6a5687997644ccbe64ba8f1ea73287debd663e271fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 18:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152468
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1027
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 18:02:28 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1267 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 10:36:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 1267 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 04:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jun 2024 04:17:39 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 1267 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 22:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 22:34:16 GMT
initial.js
s0.2mdn.net/sadbundle/2667980365141901312/assets/js/ Frame 1267 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4d0545960d6ef260bb87b548d42c91da3ba474568edbf04faf158ed880c328d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 04:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200509
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2923
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 04:41:47 GMT
logo.jpg
s0.2mdn.net/sadbundle/2667980365141901312/assets/images/ Frame 1267 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 06:49:03 GMT
x-content-type-options
nosniff
age
192873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2754
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 06:49:03 GMT
spinner.gif
s0.2mdn.net/sadbundle/2667980365141901312/assets/images/ Frame 1267 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 05:12:16 GMT
x-content-type-options
nosniff
age
457881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6841
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Jun 2024 05:12:16 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FE0A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
expires
Mon, 12 Jun 2023 12:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bg.jpg
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/bg.jpg
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c970c612c80d853bb998750b1cccf9aedbb8bb1108406a525c61b7a0e6b19a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 16:18:00 GMT
x-content-type-options
nosniff
age
158736
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32240
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 16:18:00 GMT
band.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/band.png
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 17:23:16 GMT
x-content-type-options
nosniff
age
241220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3410
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Jun 2024 17:23:16 GMT
text2.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/text2.png
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 15:12:41 GMT
x-content-type-options
nosniff
age
162655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6323
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 15:12:41 GMT
text3.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/text3.png
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 23:11:06 GMT
x-content-type-options
nosniff
age
133950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4639
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 23:11:06 GMT
cta.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/cta.png
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 17:23:16 GMT
x-content-type-options
nosniff
age
241220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2416
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Jun 2024 17:23:16 GMT
logo.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame 9A47 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/logo.png
Requested by
Host: 0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
URL: https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 23:52:15 GMT
x-content-type-options
nosniff
age
131481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2635
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 23:52:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C06D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufcw1Y30XswJR6akl_CHeK3lkghxsTkLUGn_vwiy9TZ_KtB6dgb-BWiW7nsnRtsNCePN0ALXwH9j7bTsa-VcuW2L8iS0f3W1pPZtdPkbItC3xFCn75MHub_wnlHq6vCLdV9CzSJXuobJxrrU1idxtz2c751DKJvwLltXUVLS4yTrEbf3u5nQ3tnGM6Kl73Dse4avnQUgMHCafPQpb7ZDGv7f-x6yOgdk19tX6Fy_sL0Z6wqBGv-pCkexv3emIGgwAD5NjUxFkcO2DdVzu3FFVp390ma2D7B82MTdBNcD0YZDmu_03mq7YwJqy6C4s-cjck26q2hpk-Ptm3miyXi6zoYazq61E2X7cgFyGsQLgU4DLsTXAyOvgFvmp-qA0GuUTEBz0Z6k8c52cBI3BlNI55V4HzLW2jNmrdD-fVRom1O363XMu4Viz1FTrbk57Bb6p8EekAmA0ueJh_Uf9N6BZZeGoG5CfGRNHm8x8NoeJl-OHrBMVITzyj_O6pTrRULqYtsr2v8HZ-ocYWQC8Dq8cRIE-CqeA-jKeN4PzacKsLcy-Oc340ir6reMOhSPQS7G9DRXuXXBMyi75wa_jnSvHwA_pl9YASZbxqYzejHTN7OvACBBXQm5neARO7N33PsbFt18Ec8wt4fz_ywkOHE2hPXLo6b5rLuydYiu7LkJs-hhSzryi3m7L8CLHEA6E8qewMtsysS-LKS6RV7vhKgYXbEFA8aNVZYZ4oPYKHmoMGf1_DIgahyhflEtcb411mn_2Y2rboUGohwRSS66ybajs0c2-2M2n1aR7cafKzt1hJigcl55na_OxMeSHsKYWzx05vz12D6OAWaBiZELtMKwD7gaWhC3kdVbXz6ENmY68eJ5ghK-wUWmHlop3yOkz_dYs23nz0H6_b1QRLrUKmicrufyyluj1JarbZ57YJkzrTlAvUcTvzcAHYrR2krlCUGBSJMgIPKfoyTicrUZEVyYpYuzQnGi7oDSgCVcG0PXdHrwvCMpk0dRTNHVACYqwpXD8u0NF59QZ2rxKb1via6RMpymFz-1J5kAQ1db4mMX9NUdofJQNVQBApKSOl5Miuetc1glo_hTHYI3yCaSgsjDZWYD46HOPE36ncjuq9wVQj6RJxphjHVubMUWxXnEAE3QqCN31qH3YdTZM93L1M6F28NRwsau2de4wVcb_wA5vjgOhXp4m2GBNY3Y0fPwA8O-HWXglpjtaRwicM0uTV90rKOpx1X9rCyNPDG4SjePI7s44C_0qY7hblpcqCYVV2w6bydq8mUJip1DSgVitLKYHndP0qvBb1&sai=AMfl-YQ7mOzpB1VaCX5bilra7Zij3wDSrMOKAInmc6jEMoEC1euyJFNAu1Vk6rUzBjOuCFIpS7EmFHjhAJeyOkMLVwA1O-CuVqPzlLEQOByz4Pq99ycXm28guan7MrdyihE0VzYFLchtOlkB386qydyzCq39JKTmCXo77J6tzIsWIVFE1hmTaJqakJlIJvr2pLAUMnszP6nbJZiXxvgMZ7zKIJ8EA1ofckjLTfRdnEm0BHDFrTSXkOefUZD35sI8zB13bi5D&sig=Cg0ArKJSzOqwXaAoP84tEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&vt=11&dtpt=224&dett=3&cstd=192&cisv=r20230607.48544&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 12:23:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF01 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 09:33:00 GMT
expires
Tue, 11 Jun 2024 09:33:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA94 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
e5e79204644bd6710a983fc383ab94f5f27ce7f455af62a91b0ebc99d214affd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GcwfbLyfqziNdkJe52-rug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-GcwfbLyfqziNdkJe52-rug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:37 GMT
expires
Mon, 12 Jun 2023 12:23:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1686572617063&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:37 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1686572617064&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:37 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1686572617064&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:37 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame EC09 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1686572617064&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Mon, 12 Jun 2023 12:23:37 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
view
googleads4.g.doubleclick.net/pcs/ Frame 275D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4eIEBJVTQAxzpYU-X4XpwV3qk40DhtFfgHLdzWt3BDr3HVpx8x4WcRoz1eCAQp28lTN_REg3cTN4lD-pDbU1L7dUeeDpDqUzPa4pl88MQoXIj03iD9dZvnsdQD9jS4tpO7Z-3rEulqIwzhEz2jY6cijK14cnN6u2DSdqxq9_lGvCQSftbTvMqMS1kE5LNawMd82ZLf5c29IB_kiXjt6r_HVKZdT1yN6VR2AQPOFZL_GhBuW_5Z_blKZYqBNDQYgXrbcCbWHv3Dk_zNTZ6ghcFtbNXEUlGCk2H20BZ6gYA17Q66eVvAXgF_oBABFIuTJKfRsc6EbAg_I5OBOEOIMqfanTFdGtsu7a5lmxyFqFHzZgiPMUQk54rfSl7-6fa_vBDJqohdruQ0VEgv0aHnPdS6WTEA-9u6lxw3poVttRmXemdhgD5dUFO_CuvQRnI_FCBZuOtfQR5Slw8QSmVeyIBOLZrYKJSh3oJ2n8YM37rKBrVg9Jt6OtwAmjNQGD_6rB_1rFp7U0Dfba0KGv1VZBOG2T9m17HVtP92TVVLSMARaNf8L_2NETfjPUbaqmMAJc80Y-QY1hvOjr1IWB1JQkhclVLkzqmKd3xXpHLn5c7Ir8JSlde0oQ-HXdGTCJZLBiuJLKxFNWcY7m9wbYlQbAIb4mMx6ffHLOz_0haWy79YC92BGwfTjnNfb9fidA00AaB24ozQWHMbu17-k229ZD-XwBWbjOsSKmbVsE7ZrMRZHTQ7MYcpCgaGQdpljmWR0__wvnhP4hlpVUMEOeDviIkXKls3urexo3oISbNp8mdRYcN5oxHRwzRw1K9cRbd66KVenEXTsaNYpl932GH_NzL7jX8yzR3Drm4TtUyKMsDX2ID6jCm3-DzDlfc-5Nd7H92iWySACBpqp3SNbUp9WhhebQ0IN4fS4I-K4XkDtWfytAPYIy852GAyvEO31L75yVExaqPNKd0TTXq35tltnTT6RdEi_OsxUvWL-nI0gVl1je9HAl4j8dqnxIA_IZjZLpmQuPp2a0dVV7HXPV_gdzAl7tKaEicmBxTh50Acv7S2Snie1qSW6fQQDL5ohkK8gIQ6WP40WwcAlTBXOQ2W0kMxcUECHLCrMx47mL56k4AG5Cy7VK6xARXev6CpPBsK_khtYJ67SrLayekF-LfmZXwz-99JrO1td-3cW5aeeuN5lj9-ARm1squHk_ExvZd6ZAhSq90PR3vPi5TKP96QS25MO62B5EG8FluNq7iWsjxbELf4pLYdNg&sai=AMfl-YSmhXE3H27IUVIraylCvIdqOhZj1_HYx8thW5_lL0Hu4BJQMy6vNlEIWjvBY3-Dg1yif4uX1G3HqQHNeIdmUkKhFcpG4WJOtqxz41lQqWFjdbKnXInarip-Rj7vahhYBpMoKW2y8Na_z6il-ixdOPU7yDCv-v30x4FPhbnf3DrZcn6ED5jUIuJwdHBTvX76LhXUDYp_VkuyxsovXPzAmlRWcEViNvj08uvIh8DXmDbbKkeyAHoKTL-qPUC1fBZ2qc7D&sig=Cg0ArKJSzAGaayPdFqqVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&vt=11&dtpt=286&dett=3&cstd=194&cisv=r20230607.45878&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 12 Jun 2023 12:23:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1267 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe96dfdcd29d3061144b04317526a8d48d320872e00fa5a1d74c71df006513e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5603
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/2667980365141901312/assets/css/ Frame 1267 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f30abeb3c6379b80b540b8eb96fe5b3a4d83a1603db68cb1dd4c3259c4999914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 04:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113085
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2154
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jun 2024 04:58:52 GMT
jquery.textfit.min.js
s0.2mdn.net/sadbundle/2667980365141901312/assets/js/ Frame 1267 		1 KB
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/jquery.textfit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 04:00:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
648
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jun 2024 04:00:46 GMT
nhdynamic.js
s0.2mdn.net/sadbundle/2667980365141901312/assets/js/ Frame 1267 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
19d87eafea67aa82b5b990da2019228128e34afea0237c5e9d63c3c9b24781bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 17:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5500
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 05 Jun 2024 17:21:57 GMT
youtubeApi.js
s0.2mdn.net/sadbundle/2667980365141901312/assets/js/ Frame 1267 		1 KB
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/youtubeApi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 04:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113085
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jun 2024 04:58:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EC09 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbd5fc966c4a208d6f128f43417ff545e9a7491d12694a713d81264b1d9c3bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11148
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2E8F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:36 GMT
server
Kestrel
server-processing-duration-in-ticks
481649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame DA94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230607&jk=989115233521573&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2273 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXWVeSA6HZLyAFv-WjuwP1_ybwAsAAAAAOAHgBAI&bg=!AQKlAlbNAAaGYqkwpmI7ADkAdvg8WgD104SQ137j0cjjgkeip3t6_GsX80zsDz3obKp8OHJHDnt9adgUHSZn7XbyAEiE-ETlpOUCAAAA2VIAAAADaAEHmQNOngNCDDn0nMgjz2ubfbfN47SwQKceh7bDfCxZyTwTBAtkeIyGozrytAA3pKvJriMDNnVxopjxdahYK-tq7hk9dCWjmOSNGr3lZtoU_jjXoNAToqA49y26ikt3pGNcQO2Za1_ej-rUUrobZgSWNuC3WNTuGYNM_BkcXG_cmn0KQk65IoVqw0gcMK4IwskAGtq5Usw35FAVNs8Fq-akWasnpUvjvPSJLTkvFoKDqIlCqV8zqtFGVxehfBgdWUbM6b23619OhPtpQ0Jr-cDGi5nwQt8YUJgyGGMFkIeaMaAu3x4woGOEipr2CfXbaGVKye8deMxl3emeRKWJyVywFffZ8k4hjWgc3nB6sicbjh8cWYPacPH7lFpE5dJXZGLYEEStcELIGWGkMS16jrSqO-jgJtbKyYFHEbyWN9JT-JFXj1IL-KYd-bCDJSyJTQJYQJApA2tb_zfiArJR1sSSu_9HgIEOWW1pv7dxPPUlRaLWgk2IXIDUFz7TZnF61USqXDxD8gS_vhYj6aCQIuCepIE0sx2pExvDfMytg6JilmncxCmUFQ3u_zlJb_LPuP9XaHCOL60g-aaPSUPnIxiEFctg8DQEoIh_95AR4D1V__dibJYlFV87c4_2VLyJZsTNbvOlCnilofJpg0zlqXmZjLDx06p8LVVqm_ctdS3UV4gShdCKAbsSuR27WqsXy4HWs28OZ87Bg8BDQ-qVws3pYVu-A3illN_4TGeawShW5N96dTu1NnNNJ9E49caAIeDT94a6hqSQZFzDtLky4q9sBJiGGi-i0q3fM2Xfd8lk6KrKW6RjcnR7q92D1tUQUTIrUw0Yl06pYbHUsiyH67Zp6M4SYbzkbG9A39zV5TfPEYTxMnARWl5QViQ-m0Fk2kxCjmOoU0zsX68tqWJ4MF27I6QGLd1-M450ejFuBbai58mA2i6N9AYESKqCI85jSJG6icJSgUixTAe7jXanoL4T9jXSTnsMmPni9k89p006SDVNCUa76_TF9gB9jOmZkjQjPEMkr0ZrcLAI9lK8pmu9kh91CV6Z-WUjUvtXe9VF642k97rVCeR0bH9kUIyVQ0-YbF29P1J5DppItJtzJGUhup-DvO_DoSn6E7rExB2u3znQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1267 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 12:23:37 GMT
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame CF01 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 14:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
164337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 14:44:40 GMT
iframe_api
www.youtube.com/ Frame 1267 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/js/youtubeApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
45a58a31401b8ad37166629c0595966c3612fcc795266378c1ebaf1ff6982d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 12 Jun 2023 12:23:37 GMT
63009_20230604123348291_background_160x600_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1267 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20230604123348291_background_160x600_1.jpg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
63b7b0462faafdf2bc8c55adf37d1bd850522fd97e8ce960e0d8e530d95bd8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 04:00:25 GMT
x-content-type-options
nosniff
age
30192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57228
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 19:33:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 04:00:25 GMT
63009_20230604123352259_background_160x600_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1267 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20230604123352259_background_160x600_2.jpg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
63b7b0462faafdf2bc8c55adf37d1bd850522fd97e8ce960e0d8e530d95bd8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 04:00:28 GMT
x-content-type-options
nosniff
age
30189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57228
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 19:33:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 04:00:28 GMT
63009_20230604123356566_background_160x600_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1267 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20230604123356566_background_160x600_3.jpg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
63b7b0462faafdf2bc8c55adf37d1bd850522fd97e8ce960e0d8e530d95bd8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 04:00:28 GMT
x-content-type-options
nosniff
age
30189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57228
x-xss-protection
0
last-modified
Sun, 04 Jun 2023 19:33:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 04:00:28 GMT
63009_20230203014752383_background_160x600_4_en.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1267 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20230203014752383_background_160x600_4_en.jpg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
931fd885249a4bedf42de51c7b5b3f32af1b4f7f0be99e88eb8f92cc7bf710a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 05:04:02 GMT
x-content-type-options
nosniff
age
26375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33343
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 09:47:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Jun 2023 05:04:02 GMT
GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/2667980365141901312/assets/fonts/ Frame 1267 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/fonts/GothamNarrow-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 04:57:34 GMT
x-content-type-options
nosniff
age
113163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82744
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jun 2024 04:57:34 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/2667980365141901312/assets/fonts/ Frame 1267 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 04:00:46 GMT
x-content-type-options
nosniff
age
116571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81884
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jun 2024 04:00:46 GMT
flecha.png
s0.2mdn.net/sadbundle/2667980365141901312/assets/images/ Frame 1267 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2667980365141901312/assets/images/flecha.png
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2667980365141901312/creative.html?e=69&leftOffset=0&topOffset=0&c=v3nrvyJDrz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 09:05:20 GMT
x-content-type-options
nosniff
age
184697
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1061
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 11:24:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 09:05:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F67C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiaJjSA6HZP7mGuCPjuwPtry4yAUAAAAAOAHgBAI&bg=!VValVgLNAAaGYqkwpmI7ADkAdvg8Wuj-mz8Sgx18MnwR61Rd2v1Cq6YHGLcdjgnbL52yiOgCgTLUOxcggoU2PKDgl6IQ20wZNg4CAAAA4VIAAAACaAEHmQNCREI0aDH7UjXxLu7K6N73jN_oQXFUr9wMPUkdonsJazKy_t61WnqbVKq5Xqopr-sT4gttxLjUffR4ZSEJxn1NB8Q0cEJwjAtVFHJvofA470GDDJvSUr2CHkrjKar1xslnR7ZYWVwlRmGC3QlV0EKjRB4dNYOdIxFAvdPAJP8oH-Cb0kZNiCNOEnfGWiobBLgomyGHeZB-R6bEs0PhenzyUa3NoWj8q4Xkr1fPXN0ZjNlGKnB8TEBurwULX6lRfe18k7YHBB1m1UlFmeXpyzyyHlPWEMHMcPH8CbDRk4HSc3Gyf99UtCq3JOmKZpgCZvtit6ThTsSppaXuQk7qfSxEkM6vJEDX3mbbfKSSJsbE0DSRX2ytn3O6r5gF1QUL1xRgI_e8hXe8JZHmGTGjBX5WXORcLZbq9G1YS7_xkBTuS3g9y1vEfWCHm2x5qdrC2gUIsLIrpJL8rlay0tjlU9blEFajwIvbsXXEPeJejDe50PiG9gu2Kj-pcrMDEdspvRg-_oj97hbkXPD2Et-PypqXDw4qmbUWLIRSUJLcR3OOqLhDe-sfVIdk7oyOv5NGdTtY9BWObmhsRjSJ9qEIAKllP2AXceSW1VHi4FUBfSI9IdXPQ1mMoyLdF4Divv5tg7ss1zSd4I9NpQVYRw75oUEskQ-rZ6NHdD1J4RoW90xSQHbLg16CKJorEPr-vSSjT4GJVWwbeCM0HlChclI5Oc3SBboGof96NlLwOkWHXiSPRUh3wnEmjEVmnIUiipSec3kPIVs8OrwEOTdJx-jOzETQP2ghffPqMM6KMFsQmgZ03o-I0c_JyXQfZb0jylgkl7x9bAh8UyPKsUNK75IxtwoU9Qv93gICcf-1uyinfJRq1vwFxDwdOePBQsFVvQoGgpwY1NThhHtsVACHCsH3HYwmu1CHm9lZI7c0Gi72jNSpfSD8lKD9A397CbwoSRxQIcFdL0M2PpQjor8QwzAgWHcl8p-19IjLvsN9pEgA5Q8X2eNhf4jwXNXSpKNyTGCTcXw1V0LP8HXGLpAbbuCt6aIpah4_ZZrj9lqbIAqhckgqV3LyOFpsSoEoRZzEftpZFy7nt1Crv98LvfkoujIciTgK-MtS
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EC09 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 12 Jun 2023 12:23:37 GMT
sid
mug.criteo.com/ Frame 2E8F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=TToDy3x5WFhJUktDa0xJTzJvMXFnQVIzRDVKbWZCUk4zOFZ0Q2x2Z25TcXpxZ0g4SWN2eTVxVWRzV1Vwd29PbXZ4cGtKYzBoZ0did2RCRjd3MEo2OUZ6TnhONC85SUQvRWkrZUJlMU5hUlgxY0xHUnNNckxyUm1kS0tNcD...
417 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TToDy3x5WFhJUktDa0xJTzJvMXFnQVIzRDVKbWZCUk4zOFZ0Q2x2Z25TcXpxZ0g4SWN2eTVxVWRzV1Vwd29PbXZ4cGtKYzBoZ0did2RCRjd3MEo2OUZ6TnhONC85SUQvRWkrZUJlMU5hUlgxY0xHUnNNckxyUm1kS0tNcDZaSnZWMEFkRXlPd2pubFovdER5bXF0bENIZlErYzA2Z1AvaUR0TUF3TmV3RURobW9tRWIyZlhCK2xib2ZhVFg3ajlGQkIrQXZyVDB3bFZjaEg4QUpOOHRXN290ZWJSTUxVNThRcXZWbHZiVkZFdHVkL1podytlVURRUHByQW9qdUIvbUZlQ3NCRWJXSnFlSjNON2FlNlloZlF2QWNLSFN3aHBEajVjeU5DL2t2NXI1RElNQT18&cppv=2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H2
Server
178.250.1.11 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
073ad0e58ba386ced739ff99a2914ff811e066ee48b5e7b8f281aacc7334a04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1362203
expires
0

Redirect headers

pragma
no-cache
date
Mon, 12 Jun 2023 12:23:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=TToDy3x5WFhJUktDa0xJTzJvMXFnQVIzRDVKbWZCUk4zOFZ0Q2x2Z25TcXpxZ0g4SWN2eTVxVWRzV1Vwd29PbXZ4cGtKYzBoZ0did2RCRjd3MEo2OUZ6TnhONC85SUQvRWkrZUJlMU5hUlgxY0xHUnNNckxyUm1kS0tNcDZaSnZWMEFkRXlPd2pubFovdER5bXF0bENIZlErYzA2Z1AvaUR0TUF3TmV3RURobW9tRWIyZlhCK2xib2ZhVFg3ajlGQkIrQXZyVDB3bFZjaEg4QUpOOHRXN290ZWJSTUxVNThRcXZWbHZiVkZFdHVkL1podytlVURRUHByQW9qdUIvbUZlQ3NCRWJXSnFlSjNON2FlNlloZlF2QWNLSFN3aHBEajVjeU5DL2t2NXI1RElNQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
275204
content-length
0
expires
0
tracking-event
api.webgains.io/ Frame 19B2 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.219.7 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.219.7 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 12 Jun 2023 12:23:37 GMT
server
nginx
www-widgetapi.js
www.youtube.com/s/player/8c7583ff/www-widgetapi.vflset/ Frame 1267 		197 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8c7583ff/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c73c62a197d10f93d2d8663b63d56760220a60c7a1d1fe38f847742e2da06b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62449
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 02:05:35 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Jun 2024 12:08:12 GMT
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame B3EA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 14:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
164337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 14:44:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2D5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 09:33:00 GMT
expires
Tue, 11 Jun 2024 09:33:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FCF8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
98a24269aa1c277a6c908cbe4c07e25fbca14a139088524072cdb8da26439ef3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BADfi0LXFcOk-JW7f8neXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-BADfi0LXFcOk-JW7f8neXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jun 2023 12:23:37 GMT
expires
Mon, 12 Jun 2023 12:23:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame CF01 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HPmiHQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:23:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FCF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306070101&jk=548481982940284&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
pagead2.googlesyndication.com/bg/ Frame E2D5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 14:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
164337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14492
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 14:44:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C667 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E9E 		0
0
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame EC09 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1686572614165&src=pbjs
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZ2pPbT7HpeQdne8LPB5yqUgszKK0SMnWM9cZTj3u470acBSy1OH6EGE-ouB8qzQXjNscAauPfyZqdLyjRNMWjKCbnAJ4R7whLuqGfiNw437elCVm_MMDNgq06NDNBw0kz7qG7Nd1fBIBH&sai=AMfl-YSK4YQMW2EosvlC-9GRTruplM-4pM1mI-MhVvkwo-JLWmu1j75uHUm7-qlhPUrlQMWCvv11dFpdmTOGufrbdM2P3fpu74cSIUXmVkO64i78wy3E5oSbEbZbrxs&sig=Cg0ArKJSzBttx7qV4rstEAE&cid=CAQSOwBygQiD1klOwppQCmt6SVPznm3B1YPtB0OSxzpbqv01Ery5THQvC8W2IlIo3oF-PRet_Qe7ja7Q_xC1GAE&id=lidar2&mcvt=1000&p=1,1,213.953125,301&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230607&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=3050045420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686572616191&rpt=377&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0andYF7mUP8O_bTqXqy-XieOgNwv4qKLugnt_doSetsuI0BaUaiP_vRKjeRIEixO9-SsOVyVF-qr2Uw0jVEMz-YdRQh0EcdMefcsAs6liQ3ZhfoK_Rw9q2XfqdikqQXygtB_QL_O2mfOK&sai=AMfl-YQmh41KicuX65IFXGOdnQrskSZgMDbguUcKe87OlgrOx_KWw8D3Q9sp92tv8kjXV_CcqH2-w3z1RPROXCBnV7AdKdpoii9_iZI4ifuFNntS5jCDcSMNUcSMeDk&sig=Cg0ArKJSzKzi01CcXm7sEAE&cid=CAQSOwBygQiDW0dLfD-T8x1O_ZpzJWaxazQBWSFtG0k0Onq3OwL29JuR4mntYkk870Zw6UhfCD14SG3Nsp-LGAE&id=ampim&o=0,229&d=160,228&ss=1600,1200&bs=160,228&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=413&tls=1414&g=100&h=100&tt=1414&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Domain
ng2.virgul.com
URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1686572613750&userId=vnet48545b5c-8932-4b08-9bc2-e71e7fbad8fa

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

4 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: LISTSDWI-1B-B9QA
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrHDfiyjvTbBj5APvdogVCbaTd6KyMQnau+SmvwaNDOng6uRekv6PkCDqDbQAwtYdFN+011ZXQEx2pNjxJ85LHdsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUnrjl6fOfqR60-4lLQpgg4kIP2x33uZHahMppZtzSk4reb7cKIsNtz6uHUG11w
.mathtag.com/ Name: uuid
Value: 52496487-0e47-4301-9c33-dda8d0188b52

3 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686572613988&bpp=3&bdt=939&idt=278&shv=r20230607&mjsv=m202306070101&ptt=9&saldr=aa&nras=1&correlator=6496900150640&frm=24&ife=1&pv=2&ga_vid=285724483.1686572614&ga_sid=1686572614&ga_hid=677360343&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759927%2C44759876%2C44792109%2C31075205%2C44788442&oid=2&pvsid=548481982940284&tmod=1057530013&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.aj9escs46kz6&fsb=1&dtd=290
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0dbb1d1be48b38d30d185affddcbe8fe.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.track.production.webgains.team
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
d.adtriba.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90009.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
img.tradedoubler.com
impfr.tradedoubler.com
match.360yield.com
match.adsrvr.org
medialead.de
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
prebid-server.rubiconproject.com
pv.medialead.de
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
static.virgul.com
sync.1rx.io
sync.inmobi.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
ye-mek.net
hb.emxdgt.com
ng2.virgul.com
pagead2.googlesyndication.com
104.102.35.84
108.138.1.25
13.224.189.92
138.201.63.149
142.250.184.194
142.250.186.34
145.239.193.130
151.139.128.10
162.19.138.120
178.250.1.11
178.250.1.9
18.130.16.201
18.159.217.158
18.66.147.120
185.29.134.249
185.64.189.112
185.7.176.222
185.7.176.223
185.80.39.216
185.86.138.154
185.89.211.132
193.0.160.131
198.47.127.19
2.19.224.115
20.127.253.7
20.60.220.36
2001:678:cb4:bbbb::11
213.19.147.45
216.52.2.39
23.52.122.195
2600:9000:2057:8400:1b:5138:8a40:93a1
2602:803:c003:200::41
2606:4700:20::681a:9a9
2606:4700::6812:19ad
2606:4700::6812:272
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:6ea0:c700::19
2a02:fa8:8806:20::2040
2a03:2880:f084:d:face:b00c:0:3
2a0b:4d07:101::1
3.126.58.194
3.33.220.150
3.66.39.176
3.71.149.231
3.8.219.7
34.102.243.38
34.98.64.218
35.157.43.161
35.186.193.173
35.186.231.97
35.190.0.66
35.204.74.118
35.227.252.103
35.241.45.217
37.157.5.84
51.89.9.251
52.213.96.27
52.222.253.136
69.173.144.165
77.245.159.14
78.46.90.238
85.111.6.48
94.138.206.83
94.23.99.218
95.101.149.35
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03d91a18af2802b4c2c704cc475fe8ce31317891272cdeacede806c86edb2322
0403acf352d97f4125629cb0d42e156490c93962f561f94d7f3c2f4816c8f415
04dbb805cb77441ca3d2251f895f604f1487cd539eeb35e58f9d01fe1b8f1379
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073ad0e58ba386ced739ff99a2914ff811e066ee48b5e7b8f281aacc7334a04c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8812f5547b313d30ae9c9b712b8fc50eafb19ab00a1658b484a35de8f78fba
0e211e56d9d3cf2a0c97d380a2213a8953c6695f805572cf28cb73820865048a
0e94a20d204c5b7a88cabbb14a268a7032581384fce94211e9213db730dc8551
0ffc2b5053becd181a15bf01a1cb3b959ca9e406a6557db62579dacd96defb5a
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
1223d352430065cc6ee6ecfe6c3ed6e1e4b2f5714817dcf8967ffca08f192c1a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7
14bdb1813769bdeaa9977b91d6c2446e569e41f3e3ef864cc748fb133f43e549
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d87eafea67aa82b5b990da2019228128e34afea0237c5e9d63c3c9b24781bb
19eb8aa79e13101d907ddd5ef9d291cbc5d166d22b4c4961359e00f452f1621a
1c67a7d5bd4eeea4dac61fdb402693f5ecce11630369d396bd6ec60516bda492
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
2214a9c42ac416d027c9814595f62b198356d64ee8eebd6cef1ab5ba1def247d
234b6c7d490b86839fbe2fe4fdd30a24c6ba6a58cb757148fe889b03aabf79b4
24762ab428a6fcf11ff285c267ba773b0a63638dcee78a5cc3ea8406f092ad58
25a120a3830417d169351a3985042dc4bcf6e490fbbe75794190d73794836ebe
25b451f3cad26104f57800c79546bf5a40295d0cecf5623e623f4479b94d0ddd
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27b521443caa2567c561c9a2bd377929f40cf7fb68113ccbc4b42669c6841e79
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2a28a80a026ccdd5ee4d2054a9f5fe71d0a84e1de06353b55538f53a5a1e72e1
2a310ddfcf1e42d46b52386190c180a326b58ab663fbe05a1c9e9ba7849df6a5
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3243bcbeef62e146f23e134145103eabf746360684d732d26a55954f6d3f6156
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
35b21209877b5b74adcb3a1bd21f8fd45a5ee0ea13d754f7d69bad34147800bf
36b02c2d09a7d444675aff75bd0a98a875450f76e44dfe11bfeafde1b0c1aabf
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a0fad2a356f8d50d02af3a5886e30e159cfa1474984f6fa5ae08d4639e9897f
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f5baf734dcce745e20e25520282ce3bac49c617d40afd57d1e793f3d3d900e4
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
44d8ce2ad3c417e438b4d477b4ce7790e5844d351a4466c68c189364cc00a274
4532ed97c8ec16da3c9275a5345ba6406647074a9c078e609aa9f56c1a40f76b
45a58a31401b8ad37166629c0595966c3612fcc795266378c1ebaf1ff6982d01
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489f45ce2ab8539db8d510b0b5b7f646d9f0b6d41a396d9afbe487ffdaab19f8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bff962fb085bc7a7d81b7a59a2dceb2a6dd7f44a6d25af7040fd62f86393a05
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4d0545960d6ef260bb87b548d42c91da3ba474568edbf04faf158ed880c328d2
4dabf9aaccb56f50059e983ef701b4c4f0199fe9ebcc57b2c0c74b5960c87711
4daf38a37358da6ba33e9260e8381f7d678a26351b7a368bcff17b79f3c38ac5
4dc180e4363e40ec91aa2a80cac20cb838eee194c5e2e4e1d88240f4eb27a9bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8ff724da4925363fd2393c43cf7ff37a16d9bb274e4627f9395461d36cc24e
4f6df8dd90da2d79013654f7f9747ae2d69395d83441d621391d551e2294b1e6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d3681e6849a5716734c9632a1a2a017e020073e71f4b5ccc79cc23a54560e6
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5435d7a091349fc59fabf3f2e317ed55c528fce9f3d77b8e85e0ed919ae520cf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dfebf1901d6c454f03c2c7a76eb7caeaa42f1be2ad4f8d607d844aa90da0b6
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
59641e17cbf2747c31456e5ac08ddd332816ebb6b9fc9273ed4989ef979ca5cc
59d4ff9751856d8f0a664ef16dd65ddaff0364004d1ac86b56ed3f74606933d8
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5c43ed02f9d0a2a773e7f13c481df34f9de77c425c368f5cb3398d7e67152e68
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b7b0462faafdf2bc8c55adf37d1bd850522fd97e8ce960e0d8e530d95bd8be
63d492638d445ece5c5162c245202c7a7a8db0fcc12c438e020c5128bd2164cf
63e74470c65e1b2e02dbff00d73259bfb6ae5ef874121a2c4e4ddfd4fc16e920
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
681ab93dd0600e24018acefe10a3a2c960a04646fc477eb45f13088f9a8a65d8
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347
6ce801c9b5a18d6e9a2b6914f7fcbb927cacf7199e21c2318ac42e594102e2a1
6d4b039e13080924553d42c56051ec773abb13dd903a5ea542eb3d23702a821a
7205777014978e168136f841b00836b5a9fa6c9dcc0674336483adfa571da005
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f2b3e1739c7ed8ee367a6990d7f5abdb0fd1040724273ee5a5f87489a41228
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
7a297205e39569af001a36b1936b8347626da35716a3d845e0d5f359a322e712
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
7f110b2b70f2c639be70232be838b5bb1230022484a318236a8fac983940a6fd
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
82e72e90d076eb6c68c64839f15f87442e097158efb6afcde6c1773020045c14
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
884c477e72b86ab8a87ed1523228d9acbf1a894c37b8dc305d62dbc2f9e050d2
89413dda23a1651bfe71b1bc7cc3f7ede648a093d8a8770f5477004b34d3812a
8b94c4b099000cda49ad143f948373d5485f91decba08a0bd3eb455c9d0ab6b4
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8cb597de905c1c182df5bca289de9ce34f87d064d97860c3378a7d8fae736ab1
8d50d1efee86986a622695a7c9c37c36739ddff1a00ff2dbca15381505c5351b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
931fd885249a4bedf42de51c7b5b3f32af1b4f7f0be99e88eb8f92cc7bf710a3
934b933e2a34376018b12f0b01823e860c6652cb37af7eec8fd0db8f81780895
934e4c5bf691cb219893679833277e4f7e475523532e0d123afe9b154507e76b
942de6560858b96de85e3bc16524236a37df964cbc33b73a962db73165e22b15
96da7cbd165c265c74e140817dda609aab677ad3738efac98ce863665dc3512b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97831ff1642b67d43154d0b76a95e26b0fd8ec1533c4ba30c37ea1c0bdfb30e5
98a24269aa1c277a6c908cbe4c07e25fbca14a139088524072cdb8da26439ef3
9971c0a9e4d487abeaf7f2396426a237081c2271bc17cdcd6883495ff43b3fc1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa15f3d270011a0d81029fc96091ebec29d9cd93a32ffb12eda6e0db7649665
9bd27faa78313193eed6415c1364d42285bdfb16d79e5531190e2a04a7f49bc4
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9edb23e141fe20aa066d445f9933b24561e461ab1f90a02d40dd2027023a94cc
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a89f7bfa14110d591435cd4944c46084d2eacf435adf24032626b6caebe8738f
aadb1ed053ff8a74db916c5bf4f457fd01b0317e376983f04c495b94762cf43f
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17f4c082b272213f4da075af5c73893db6c70f060c8441ff6e70f7251324ff9
b3865ecb84a848fe88ecf52734a7559ce55046d94447bfa38c0981f5abc3cd4f
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b63a58867ee310ab9e72e6afd83cd36a2c8cd0684e9b6d772d6eb122ae8d71b9
b6b10b7e4274b3875e32f26178b872c9057dcf2b7c7483486af6713811fe024b
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bbd5fc966c4a208d6f128f43417ff545e9a7491d12694a713d81264b1d9c3bf3
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
beee53adafbc60e3db6e6a5687997644ccbe64ba8f1ea73287debd663e271fb7
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c459e20e082f313e35413dd607b8c88b7f12fdda1142c5e201e4f9355c34eabe
c682503cceca1b904b22355c3303d0065985fd83992209d6d65f1ca4546033b9
c70ce6352a0a75958cdfd82ff1f0d43feff9169fd0931586ca36197b5665b098
c73c62a197d10f93d2d8663b63d56760220a60c7a1d1fe38f847742e2da06b1a
c84654ba81c9df7ab553e3fbfb56add887abf48b9d75c83ce5ac1fb35eded572
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c970c612c80d853bb998750b1cccf9aedbb8bb1108406a525c61b7a0e6b19a46
c9f0d58bfa4a06dfe46ca39b3f3aaeafea15acd2b32ecff16df4795806d82da1
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
cce5330a862d7f0bcfe1cbabaa3d2253694aa6222dfc2a9928448f3498266af1
cceab971a6189a6e8b63f0e18dc3217355f15f6585392d7954ac5b7dbb0cf111
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d01397e6937781e826ccb86a43f1b1ca02e2b31cfbf6072d73690b979bf91ba7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d389d4e827b1df5e191df76750ebe767b7d290eaafc03264964e576b11b43cb6
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
d6f5aedf67284aeeaaaa0c532e71c40757fa449038d89d63c5e90a1ded226643
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
de828c1de3b057a2132f7e790523411695d4c0189b0eaeb5f0f4f3d92462a540
df5a79057ca1b922f0ae35af7965fbd0c0612b2f677cd66b26a2ca182da7d446
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e13e3754fe0004ef5cd1c4f831f6f89549527c0071c1e36fb301497015621b78
e248fc933bd5b08289fa46b3e2629d9d6199a3e711b0d8e109aaf9f57541796d
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e79204644bd6710a983fc383ab94f5f27ce7f455af62a91b0ebc99d214affd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e87633da23e2110ad5160a9cde1864af113cf344496a489fecffd107fcc319ca
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e95ae6bc878c84c98ce8435e7546c02b847773de6053b098709bd28fce89dc0c
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec5725d4053198fbf31e6d9122e875de3dc5434a7f80748fb848704caf82b322
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
edc1f19399fce960a7f0129930f6ba12ba28fe82c24600a8d58875b61a405ce2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472
f0e2f6c277ff5d8359dec23dff73f2e1ea64f512f3cf966ba7432e76e90846fb
f1ef7a65c2d948bd893d34b0fe416ab3dbe7f282e0110cb458dc1a3fd64ca0bb
f30abeb3c6379b80b540b8eb96fe5b3a4d83a1603db68cb1dd4c3259c4999914
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae
f7e23615e93523d47ef48c044bcb86f5aa8ea4784b276332704958e3c0055f9c
fd43e77a53a6f23550f59802f51a31a5886a2ecc9716e5a9ceaf0078da7dc2e6
fe96dfdcd29d3061144b04317526a8d48d320872e00fa5a1d74c71df006513e7