pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On June 01 via api (June 1st 2023, 11:43:42 pm UTC) from TR — Scanned from DE

Summary HTTP 351 Redirects Behaviour Indicators

Summary

This website contacted 81 IPs in 7 countries across 68 domains to perform 351 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
3	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	23.206.208.114 23.206.208.114	16625 (AKAMAI-AS) (AKAMAI-AS)
19	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
5	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.125.195.44 3.125.195.44	16509 (AMAZON-02) (AMAZON-02)
6	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	() ()
24	2606:4700:20:... 2606:4700:20::ac43:4a81	() ()
1	178.250.1.11 178.250.1.11	() ()
1	13.32.121.66 13.32.121.66	() ()
1	76.223.26.175 76.223.26.175	() ()
1	108.138.15.119 108.138.15.119	() ()
2	2602:803:c003... 2602:803:c003:200::57	() ()
7 25	142.250.181.226 142.250.181.226	() ()
2 4	185.80.39.216 185.80.39.216	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	() ()
2 2	37.157.5.133 37.157.5.133	() ()
2	35.227.252.103 35.227.252.103	() ()
1 1	51.89.9.251 51.89.9.251	() ()
4 4	76.223.111.18 76.223.111.18	() ()
1 1	20.127.253.7 20.127.253.7	() ()
1	162.19.138.117 162.19.138.117	() ()
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	() ()
1 1	185.29.134.244 185.29.134.244	() ()
2	3.33.220.150 3.33.220.150	() ()
1 1	85.114.159.93 85.114.159.93	() ()
3 3	213.19.147.44 213.19.147.44	() ()
3 3	3.77.69.115 3.77.69.115	() ()
3	37.157.5.71 37.157.5.71	() ()
1	23.45.237.121 23.45.237.121	() ()
1	37.157.4.24 37.157.4.24	() ()
4	23.56.202.187 23.56.202.187	() ()
15	2a00:1450:400... 2a00:1450:4001:828::2006	() ()
2	2606:4700:20:... 2606:4700:20::681a:71b	() ()
6	216.58.212.162 216.58.212.162	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
1	98.98.134.241 98.98.134.241	() ()
2 2	213.155.156.167 213.155.156.167	() ()
2 2	198.47.127.19 198.47.127.19	() ()
1 1	37.252.171.21 37.252.171.21	() ()
4 5	142.250.186.70 142.250.186.70	() ()
4	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
7 9	69.173.144.138 69.173.144.138	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 3	67.220.224.144 67.220.224.144	() ()
2 3	52.46.155.104 52.46.155.104	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:6ae3:6657:23ce:d6ec	() ()
1 3	23.56.205.163 23.56.205.163	() ()
1	2606:4700::68... 2606:4700::6812:7e05	() ()
4 4	84.200.5.215 84.200.5.215	() ()
2	167.233.13.224 167.233.13.224	() ()
1	18.135.173.74 18.135.173.74	() ()
4	2606:4700::68... 2606:4700::6810:5068	() ()
1	18.66.147.52 18.66.147.52	() ()
1	99.86.4.52 99.86.4.52	() ()
6	52.222.214.123 52.222.214.123	() ()
1	13.69.68.15 13.69.68.15	() ()
351	81

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.195.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-195-44.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (None, )

ASN- ()

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (None, )

ASN- ()

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.66 (None, )

ASN- ()

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.26.175 (None, )

ASN- ()

de1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (None, )

ASN- ()

ad.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::57 (None, )

ASN- ()

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.181.226 (None, ) 7 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (None, ) 2 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (None, ) 4 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (None, ) 1 redirects

ASN- ()

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.77.69.115 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.71 (None, )

ASN- ()

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.237.121 (None, )

ASN- ()

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.24 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.202.187 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.21 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.70 (None, ) 4 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.138 (None, ) 7 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:6ae3:6657:23ce:d6ec (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.56.205.163 (None, ) 1 redirects

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (None, )

ASN- ()

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (None, ) 4 redirects

ASN- ()

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (None, )

ASN- ()

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.173.74 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5068 (None, )

ASN- ()

cdn.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comeon-comeon.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.214.123 (None, )

ASN- ()

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.68.15 (None, )

ASN- ()

5565bd4af50b9835bcfbc864.tracker.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	486 KB
61	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	343 KB
43	ye-mek.net ye-mek.net — Cisco Umbrella Rank: 437805 cdn.ye-mek.net	632 KB
28	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	1 MB
22	rubiconproject.com 7 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 975 fastlane.rubiconproject.com — Cisco Umbrella Rank: 523 beacon-ams3.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	41 KB
19	virgul.com static.virgul.com — Cisco Umbrella Rank: 56516 ng.virgul.com — Cisco Umbrella Rank: 49823 ng2.virgul.com — Cisco Umbrella Rank: 54223	231 KB
15	2mdn.net s0.2mdn.net	414 KB
11	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4102 c1.adform.net track.adform.net s1.adform.net cm.adform.net	68 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 348 aax.amazon-adsystem.com — Cisco Umbrella Rank: 440 aax-eu.amazon-adsystem.com s.amazon-adsystem.com	64 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	398 KB
6	trustarc.com choices.trustarc.com	19 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com	6 KB
5	bannerflow.com cdn.bannerflow.com comeon-comeon.bannerflow.com 5565bd4af50b9835bcfbc864.tracker.bannerflow.com	45 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	110 KB
4	3lift.com 4 redirects eb2.3lift.com	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	3 KB
4	adsrvr.org de1-bid.adsrvr.org ad.adsrvr.org match.adsrvr.org	225 KB
4	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	7 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com	8 KB
4	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 52678	569 B
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	78 KB
3	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541 image6.pubmatic.com	7 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1494 mp.4dex.io — Cisco Umbrella Rank: 2461	25 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 398 fonts.googleapis.com — Cisco Umbrella Rank: 66 imasdk.googleapis.com — Cisco Umbrella Rank: 486	154 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	734 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	514 B
2	de17a.com 2 redirects d5p.de17a.com	651 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	openx.net rtb.openx.net	348 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 569	59 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 93434	131 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8155	698 B
2	pghub.io pghub.io — Cisco Umbrella Rank: 1962 feed.pghub.io — Cisco Umbrella Rank: 8248	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12805	6 KB
2	cloakan.co www.cloakan.co	1 KB
1	webgains.team cdn.track.production.webgains.team	15 KB
1	webgains.io analytics.webgains.io	31 KB
1	webgains.com track.webgains.com	2 KB
1	blau.de partner.blau.de	1 KB
1	o2online.de partner.o2online.de	1 KB
1	conrad.de www.conrad.de	471 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	617 B
1	linkedin.com px.ads.linkedin.com	649 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	yieldlab.net ad.yieldlab.net	400 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	572 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	582 B
1	mathtag.com 1 redirects sync.mathtag.com	871 B
1	quantserve.com cms.quantserve.com	465 B
1	id5-sync.com id5-sync.com	1 KB
1	inmobi.com 1 redirects sync.inmobi.com	710 B
1	onetag-sys.com 1 redirects onetag-sys.com	336 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	truste.com choices.truste.com	10 KB
1	gstatic.com fonts.gstatic.com	34 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1450	379 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 718	495 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2020
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	47 KB
0	demdex.net Failed unilever.demdex.net Failed
0	emxdgt.com Failed hb.emxdgt.com Failed cs.emxdgt.com Failed
351	68

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
39	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net www.googletagservices.com
25	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
20	tpc.googlesyndication.com	ye-mek.net securepubads.g.doubleclick.net tpc.googlesyndication.com ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com pcloak.blob.core.windows.net googleads.g.doubleclick.net s0.2mdn.net
18	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net ye-mek.net pcloak.blob.core.windows.net www.googletagservices.com
15	s0.2mdn.net	pcloak.blob.core.windows.net ye-mek.net s0.2mdn.net
12	assets.ad4m.at	as.ad4m.at
9	www.googletagservices.com	securepubads.g.doubleclick.net ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com s1.adform.net www.googletagservices.com s0.2mdn.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com as.ad4m.at ad4m.at
8	ng.virgul.com	static.virgul.com ye-mek.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com ye-mek.net ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com pcloak.blob.core.windows.net
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	choices.trustarc.com	choices.truste.com choices.trustarc.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net pcloak.blob.core.windows.net
6	fastlane.rubiconproject.com	static.virgul.com
5	pixel.rubiconproject.com	3 redirects
5	ad.doubleclick.net	4 redirects www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	2 redirects static.virgul.com googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	eus.rubiconproject.com	ye-mek.net eus.rubiconproject.com
4	eb2.3lift.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	ng2.virgul.com
4	cpm.programattik.com	static.virgul.com
4	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	comeon-comeon.bannerflow.com	cdn.bannerflow.com comeon-comeon.bannerflow.com
3	www.awin1.com	1 redirects as.ad4m.at
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	s1.adform.net	static.virgul.com track.adform.net s1.adform.net
3	track.adform.net	static.virgul.com s1.adform.net
3	x.bidswitch.net	3 redirects
3	cdn.jsdelivr.net	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
3	ye-mek.net	www.cloakan.co ye-mek.net
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	sync.1rx.io	2 redirects
2	match.adsrvr.org	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
2	rtb.openx.net	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	beacon-ams3.rubiconproject.com	ye-mek.net pcloak.blob.core.windows.net
2	prod-rtb.ad4mat.net	pcloak.blob.core.windows.net
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	static.virgul.com static.criteo.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	adx.adform.net	static.virgul.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	script.4dex.io	static.virgul.com script.4dex.io
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	5565bd4af50b9835bcfbc864.tracker.bannerflow.com	comeon-comeon.bannerflow.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	cdn.bannerflow.com	s0.2mdn.net
1	track.webgains.com	as.ad4m.at
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	secure.adnxs.com	1 redirects
1	pixel-sync.sitescout.com	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
1	s.tribalfusion.com	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cm.adform.net	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
1	id5-sync.com	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	onetag-sys.com	1 redirects
1	dclk-match.dotomi.com	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
1	ad.adsrvr.org	pcloak.blob.core.windows.net
1	de1-bid.adsrvr.org	pcloak.blob.core.windows.net
1	choices.truste.com	pcloak.blob.core.windows.net
1	mug.criteo.com
1	imasdk.googleapis.com	c1.imgiz.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	feed.pghub.io	pghub.io
1	prebid-server.rubiconproject.com	static.virgul.com
1	bidder.criteo.com	static.virgul.com
1	hbopenbid.pubmatic.com	static.virgul.com
1	mp.4dex.io	static.virgul.com
1	a.teads.tv	static.virgul.com
1	ap.lijit.com	static.virgul.com
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	www.google-analytics.com	www.googletagmanager.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
0	unilever.demdex.net Failed
0	cs.emxdgt.com Failed	ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
0	hb.emxdgt.com Failed	static.virgul.com
351	107

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.tracker.bannerflow.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: 1F0CBFCBB5C2E45043EB26E0B9548EB8
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 4400BD8B113F6660CD5BE0B1A40E0662
Requests: 121 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: F0F3FCCB5049CE4C416FBB3F511DF403
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Frame ID: AF914184468D1694C0102E2ED3494730
Requests: 1 HTTP requests in this frame

Frame: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E38896A2A632A7EF770F926D01075A76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685663017739&bpp=4&bdt=717&idt=310&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&nras=1&correlator=8786959146304&frm=24&ife=1&pv=2&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44788442&oid=2&pvsid=3034555866243605&tmod=1937465561&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.xjee1ntxe87k&fsb=1&dtd=326
Frame ID: 9061F7546DED0A0A50691BE909A36E44
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 28D4FA02D8FC29ECD3B717FAB9046DB2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022305221508000/amp4ads-v0.mjs
Frame ID: E1E7A5BD2662C2226B50C00270C639DD
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09B75B13F385EC105B1DBE48D38EA13F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 765AE4DC455E37CE61272854D4CFA6CD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 0F6C8ECEC5F174D179296169E031CD42
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxcRMIi4PxdFyXtwkVaQpxTmaomgSXZ7y6Tu67PPC6nWvlQBRYM0TtYq17ZyjzjtZ-JFr9bw1O9uJ9w1jRryxqo-2XOfPKzR9oqVB3jkorh--j5suaAMi3RYHgjJpZY5a5_vIJG6ldBrOUsJOtmF8r0THHjA_pAObVkXYoNW6C4eiO0ZUW3lU7hG0vhA1TkvfSfSuuJoyeoaZODMjAnWiVZ-C3DFs5mycUJ4Xi24cKBPfrkgzX9N7BpH2DwUSxpdJOB4iIjhhxjCXCeFYn6oh0XrhbzuTxAMFXfzAD6hZ2rv-ZV2WsDHSLXPHBsOHvkLHiF5x0FaPWNUc&sai=AMfl-YS6Huw4rfpiQ00LcifhWfE2e2OD_JQ73OUCPVUv8gO1939Z7dYMs0HpAVLpK6_E8EuPlT7klKFnK-b0oBnytIs1VmQ5YxddcnrF4_hR95-OAbx7ZxMmGiEDulOiNA&sig=Cg0ArKJSzFKQlzPIo6QUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F897728940354301A185CF0C854C082F
Requests: 14 HTTP requests in this frame

Frame: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1105B30C5690B5835F752B183F0CC377
Requests: 8 HTTP requests in this frame

Frame: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AEE5A39A87641E1E17F55C5203264868
Requests: 9 HTTP requests in this frame

Frame: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4BA64011DC1E559BE9824C111A9DAE80
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8vusookwgepMvQRK_ri5h0HKe3xlBijAdULGeO5gx78kOFlupMc94tknb0SFdf8kYQy0mVG4KLyaY0EKKsEbocPxP_Rek9LccRdi6nO_zN88ozqTCp_v0Zer5TSGbJYdeS-RMQWJlsif0kAVbSWn_G6tT_uQGxanyrKbVl8E2noVTa2mVjcxTbcPPCBv8Gn4vOsAAZQdSYzb-ttUQk9Bkbnhkw5uzn1V9mvp7xtWURuip7063XTfWL4kj4uxisdlgdpSSm7cnFofVbTlly9xpdxQNje7rVgAtAxKUvGp2IPAXOhYEtNz7VpBKkTnyrGUCWsA11ACGRW5qqSc&sai=AMfl-YTVZ6wT2xY0Wt6B1oxSI8yke9wuo-E1egnH4KJOgyUftUGPjzzQLHCpZvQpT_6h87McCHMgXQ5FZxZLeUP7Dm_Kdkd8Zv4b9_ubuNn-Vic5gncaRlip_G7NoYKiWQ&sig=Cg0ArKJSzLxaKjOkrBZMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 51E40585B304B61E405E562A233E58B6
Requests: 21 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: 4A1E544C2418A6E0DC011909C5B447E1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E33EBC62BDFD47ABBF8DEBE9D2E65AF
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Frame ID: E0FFB14E27643F4345744748D844109E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC4124245A97DB9AC4D2541C796B9508
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi167HlATAB&v=APEucNVag_GpD6vraXLgspzn7SAD8AMlHui5PQDlRWR2p7VBvdoNbsjTU3yYtHACNr5f_nkkAmUaXnjt7Cu_L0j3aT36ScZu5_6GOQnCrDO0hN-qhFnldufbTDFD94mCDd-YLdeYvN06pYtHFRZMrAoTuUGe8OICYURiOH33d36FP3rMYBon-Xs
Frame ID: CA98C7D36201A371076AA3D02BD23BD8
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR4GuVq6Xk9L59GoqnFAHbmB2fTz7cGpqPTMOhCWE-v96PN8KGoIGTwmw-4ZQZikZo50DTgXpvuMB2NuoJZn3lvanwdTFmJU1pshTe56-jGmguVWRrnoWzeTuQluqUgUXjLrizi0kMqjTqv0ydQ2PEMWUb47paJjhsbLpuF3A4z2N_ditVWCQROei5YaR9blGonOlKNOCekSuMWFtiI42wB2I75XwTBA6LymY1tXTlhnEXQYydKrM3rgvw8fvtsZ4gtV1Lue9vl8Zpyx5EWeBZA6Il57W3BfkFOkL3QepXBBmTvA8IvuPy34rSEEtoXacIjUKIvzmFVPEuho-Sy2k2uwlJeUGXtaYthU3MWQ&sai=AMfl-YQDvHUJtyXniKuM3M1tpbWqtMOWZbThDRcYE1U1Cnjc9VsES0uHamJs_gH4YwqLDRub1dquorAIm0IxK2Iib1-STOQ8887OMuvypS2vmfYfPSoxB0CzXsXNVJqv1A&sig=Cg0ArKJSzEoIRaJ0IL_7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 637455E44EF0B6198E897427B16779F5
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYmd_x5gEwAQ&v=APEucNX5eDWB0Q81wKiL-jmGZRLy5jYHDsVXmM7HFXFWZX2j4ztckf74yliwTWG__f6sOUY4OMiBc-I66DDHRcqvEXhCAn6Q_yRG7QZ-Tf1kL_eI83-KOr9slbXm4pvpaHdLqQx0-b_D4151IqA1Hnkoo6ZUcCD_h-9KY2wzVMZakOlQsC_PoUk
Frame ID: D035B3C676ABC8ACB50D92D9A615E36E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 77D3620041221FB3B947576AEFF07A22
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6AAC0CA70998D62A2483CAFD446C396
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D525BB20666E877B35630F148E3CF4A6
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8E50EFB1FFCD5239D3EA063B172F05A7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BA776B32882E9BA2DD1395274F958D53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49B1772E4DBBAEE9EFB32B1A1D7811B9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0EBA65ECFE018F51ED6689A1C2895068
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
Frame ID: EB6E049EBD9CC7E18CF34FA77FC88031
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: BFFC05B99333E68D04026F6CDCA5600F
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Frame ID: 22FA1602CD15140BEF640F0BF0AA48C4
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27198CE6E3F1847DE18F2B2665E993D6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 5FD988DE2049ABFF8DCA053563A3962E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1088030921086468096/Copy-of-Acquisition-creatives-May-2023-728x90-German-animated-638207132505238367-6470d6227402c1a238e01a67.html?ev=01_250
Frame ID: 1A5E3DFED8F0366B6D3B33E3494BF68A
Requests: 4 HTTP requests in this frame

Frame: https://comeon-comeon.bannerflow.com/bf-banners/6470d441ca6f177304c9f375.S6215quGrb5i.html?cb=638207197529081769&clickpixel=%2F%2F5565bd4af50b9835bcfbc864.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522comeon%2522%252C%2522brand%2522%253A%25225565bd4af50b9835bcfbc864%2522%252C%2522placement%2522%253A%25226470d6227402c1a238e01a67%2522%252C%2522ad%2522%253A%25226470d441ca6f177304c9f376%2522%252C%2522bannerset%2522%253A%25226470d438ca6f177304c9f341%2522%252C%2522banner%2522%253A%25226470d441ca6f177304c9f375%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25226470d441ca6f177304c9f375%2522%257D&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769&targetwindow=_blank&ref=https%3A%2F%2Fpcloak.blob.core.windows.net
Frame ID: 01328A44B6541795D609DAC827E3952F
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: E2B5B72982057BA552C04BBE0C2095EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

351
Requests

90 %
HTTPS

40 %
IPv6

68
Domains

107
Subdomains

81
IPs

7
Countries

4915 kB
Transfer

10195 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=S8M7tHxvQkhocU5wOVBjN3M1Z1NDN1RMZ01hU1l5bkhMb3JHdHpIdkp6d2Vjd2ZOaGlhZnNVVVFVS0NIUXBtb1BEbTJVOVdEUHJsUWlzbURLeGtkcEpKVFZCUWc3R05XL00wQ2F4MFdoZlY1WTRkMUxmOFRvL3F0Y2RKd2lqQkEwUDI3MWY0dGROMmZWU0wraU5Cam1SWUJIYWdRVlR3SnF5RWhkV3p5VFBEblg1bkZUTEI5VmpFUy9ZQm1STEZmSkU3akVRazMyeGFvSVBSdnpHeVJxTDRIT3RDR0t0cThXQ1hQR05SNW9sdUtMazVwM0puV0dNZk1jRmVHd3RGSjJ6cDg2T3Q0Y0VSVThCZ3FrcGZmNHU2c1UwZzUyTCt2MEltam96aDYzNmRNSndnQT18&cppv=2

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1

Request Chain 187

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHktLLPFnPf5-tykeJar3wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENR_XL_MEU_Jup7pwgzc2vg&google_cver=1

Request Chain 189

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D

Request Chain 193

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIlq9rZAVnfLFX19y2CLn3A&google_cver=1&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX47Dgjq_Sg_ah0YZsBWf6m HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIlq9rZAVnfLFX19y2CLn3A&google_cver=1&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX47Dgjq_Sg_ah0YZsBWf6m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDE3MTcxMzEwMzQ5NTczNA&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX47Dgjq_Sg_ah0YZsBWf6m

Request Chain 195

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN6BuP5Y9yT20205k76UJoU&google_cver=1&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7jAKweC53lbNSwOlUy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7jAKweC53lbNSwOlUy

Request Chain 196

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED5o0SEWRfvkznwz12XSi1g&google_cver=1&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI&google_gid=CAESED5o0SEWRfvkznwz12XSi1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI

Request Chain 197

https://sync.inmobi.com/gob?google_gid=CAESEHfP5liyeMQk1dA1PFcg2WA&google_cver=1&google_push=ATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrmdsJU3dEtmNEt7w0o-7kmRzf97k4Q-hh9kr_X2TuWg3i5bfCOHO3DkQ HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrmdsJU3dEtmNEt7w0o-7kmRzf97k4Q-hh9kr_X2TuWg3i5bfCOHO3DkQ

Request Chain 203

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO7EJQttxQry1HFR2X5SJTk&google_cver=1&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmDf0dP3O-vCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmDf0dP3O-vCA

Request Chain 205

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA87znU3vEeNdOa8MKLtcDM&google_cver=1&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFSW--GFkxhK6xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzOTg2NzU0Mjk4MDUyNDE4MA%3D%3D&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFSW--GFkxhK6xw

Request Chain 206

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED2pic5OqGoS255LuH4Tr7k&google_cver=1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1685663020180 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-dd885a79-2b42-453c-9ede-329d704a38c0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ%26google_hm%3DA92IWnkrQkU8nt4ynXBKOMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&google_hm=A92IWnkrQkU8nt4ynXBKOMA

Request Chain 207

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED5o0SEWRfvkznwz12XSi1g&google_cver=1&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA&google_gid=CAESED5o0SEWRfvkznwz12XSi1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA

Request Chain 208

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmq-BUy_3CRh3X5QHuVNgs&google_cver=1&google_push=ATf1kGMREGI4AHCdbGqpfA7I36Acli1Dl9rvvCHVmLbhs_3DDvcfgm35jo8Vue22rwMv43vN5qAlOLgqklZKyL22fl1jFu0GFpFR HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmq-BUy_3CRh3X5QHuVNgs&google_cver=1&google_push=ATf1kGMREGI4AHCdbGqpfA7I36Acli1Dl9rvvCHVmLbhs_3DDvcfgm35jo8Vue22rwMv43vN5qAlOLgqklZKyL22fl1jFu0GFpFR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOx0MBEP67-w220rcCfshzM&google_cver=1

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAoWkUj8FUUO2ImtMqAyed8&google_cver=1&adform_v=1

Request Chain 253

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 255

https://d5p.de17a.com/cookies/google?google_gid=CAESEJAfKZlVsZINekr1MRytGkM&google_cver=1&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJAfKZlVsZINekr1MRytGkM&google_cver=1&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q

Request Chain 257

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGzwEu0ZhkXm6eRB1fyh3l8&google_cver=1&google_push=ATf1kGP9lPinK6b-EEK1ilo6kr7Shf-6-aPhCzMgGVvJJyny1RuMtPliaWPH2CL7_-mmQNkbOtM3gTNhGSKEsq6h-3CObfpsoUfg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGzwEu0ZhkXm6eRB1fyh3l8&google_cver=1&google_push=ATf1kGP9lPinK6b-EEK1ilo6kr7Shf-6-aPhCzMgGVvJJyny1RuMtPliaWPH2CL7_-mmQNkbOtM3gTNhGSKEsq6h-3CObfpsoUfg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtxoPrXySYWdS6GOfaicmg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGP9lPinK6b-EEK1ilo6kr7Shf-6-aPhCzMgGVvJJyny1RuMtPliaWPH2CL7_-mmQNkbOtM3gTNhGSKEsq6h-3CObfpsoUfg

Request Chain 258

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF2PMCzwIbw31HoJvSn8MCLi8hVAIASErunWSbM1Or5R-SQZo1DDdAeY6f-a2_ZYdlCq9x_Q9dLT_Pw_LHwbizmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF2PMCzwIbw31HoJvSn8MCLi8hVAIASErunWSbM1Or5R-SQZo1DDdAeY6f-a2_ZYdlCq9x_Q9dLT_Pw_LHwbizmQ

Request Chain 259

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmq-BUy_3CRh3X5QHuVNgs&google_cver=1&google_push=ATf1kGNqDFk207tdbjlcwK2z1nDgFeubPZ7EFFHjDy4rfhfLtVf7embFrQqmNgAPHQQgwn2sVHgamHu3lb60L5WSIysCb3gqbOkxSQM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

Request Chain 280

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIDS8L4P-17-IYKZ

Request Chain 281

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=h09IkGWdRe-atBys891umw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=h09IkGWdRe-atBys891umw

Request Chain 283

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xQBa27u6SneAbygAfoFy8A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xQBa27u6SneAbygAfoFy8A

Request Chain 284

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I4NWQ1MWJjYWM5MTliNzI2MzE1OTQ0NGE0NGZjNDkxYmY2ZWM3ZQ

Request Chain 285

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9MD91GFFrLRlKJRWFXSV48n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W11.mMJE2oJew_jJvcVCWyjzIJniLeM5GRk4gA--~A

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvhe7rYXbbDfp6-jXcXm4U&google_cver=1

Request Chain 289

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElEUzhMNFAtMTctSVlLWg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECbIARURgBtTgS-aXYXFqvA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElEUzhMNFAtMTctSVlLWg==&google_push=

Request Chain 309

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1685663021_23767070-00d6-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 312

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKrW3Iygo_8CFRjvEQgdrPIDRw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 315

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CK7X3Iygo_8CFaDsEQgdQScDhA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023060201434185523008085X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

351 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x6uf5z9e3262.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 513ms
146ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1324
Content-MD5: XPHdOVCmWyxrVVstkB9xGw==
Content-Type: text/html
Date: Thu, 01 Jun 2023 23:43:35 GMT
ETag: 0x8DB5ED08476F0C5
Last-Modified: Sat, 27 May 2023 16:36:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 252b6064-601e-0028-35e2-9423a5000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 107ms
107ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-request-id: 252b60f8-601e-0028-35e2-9423a5000000
Date: Thu, 01 Jun 2023 23:43:35 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 327ms
111ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 23:43:35 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 252b61d1-601e-0028-78e2-9423a5000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 216ms
108ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Jun 2023 23:43:35 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 252b6150-601e-0028-04e2-9423a5000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
682 B 415ms
155ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:36 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
386 B 243ms
110ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:36 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 4400 77 KB
77 KB 356ms
76ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c911e08d44dd204ab6b8d9d9d1f74658176977075a7bf651e6b42a963c1a98d

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 78689
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:43:36 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 4400 90 KB
33 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 18:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 May 2024 18:01:58 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 4400 10 KB
2 KB 120ms
120ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 01 Jun 2023 23:43:36 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 4400 40 KB
12 KB 198ms
34ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 3853575
x-accel-date: 1681809442
x-77-nzt: AcO1ryd3sMz/B806AA
x-accel-expires: @1713345442
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 25b02131b7383f30292d79647452b20b
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4400 119 KB
47 KB 80ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

268d2ed9429d7595bbc18c4f44374c6916a3d44ac0c878b3616d85caebdcc5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47380
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:56:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 23:43:37 GMT

GET
H2 200 WebResource.axd Show response
ye-mek.net/ Frame 4400 23 KB
23 KB 64ms
63ms Script
application/x-javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/WebResource.axd?d=YeedoL8dFzo5gymDuarFXngFaaXpLN8jYlixY-HzMyr_r8lEwXsCQefYQgi2kFzYfrVacpu_9us1eVTBWQamZuI0ynrH9LDfafZF-A5wZF41&t=637811837229275428
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 01 Jun 2023 23:43:36 GMT
last-modified: Wed, 23 Feb 2022 00:28:42 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Sat, 04 May 2024 23:14:43 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 4400 542 B
896 B 46ms
46ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853617
x-accel-date: 1681809400
content-length: 542
x-77-nzt: AcO1rye65Bz/Mc06AA
x-accel-expires: @1713345400
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 25b02131b7383f30292d79644539550e
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 4400 2 KB
2 KB 45ms
36ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853576
x-accel-date: 1681809441
content-length: 1651
x-77-nzt: AcO1rye9jSz/CM06AA
x-accel-expires: @1713345441
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 25b02131b7383f30292d79648fafd00e
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 4400 15 KB
16 KB 58ms
47ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/citir-tavuk-kanatlari-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6892
x-accel-date: 1685656125
content-length: 15552
x-77-nzt: AcO1ryfQtzD/7BoAAA
x-accel-expires: @1717192125
last-modified: Thu, 01 Jun 2023 21:24:53 GMT
server: CDN77-Turbo
etag: "64790ca5-3cc0"
x-77-nzt-ray: 25b02131b7383f30292d7964f6da150f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 lor-peyniri-salatasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 4400 19 KB
20 KB 71ms
61ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/lor-peyniri-salatasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d2d887515bbff324e166602e4a4f70f620adc7da103204fc31d8fd3d0253ac62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 92467
x-accel-date: 1685570550
content-length: 19754
x-77-nzt: AcO1rycya9z/M2kBAA
x-accel-expires: @1717106550
last-modified: Wed, 31 May 2023 21:52:11 GMT
server: CDN77-Turbo
etag: "6477c18b-4d2a"
x-77-nzt-ray: 25b02131b7383f30292d7964e7021e0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-baklali-bulgur-pilavi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 4400 18 KB
18 KB 92ms
82ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-baklali-bulgur-pilavi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1755361ebea5c38443a4e30f7c334868e54ed383f2ea73dc412c665d0dc6f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 180681
x-accel-date: 1685482336
content-length: 18151
x-77-nzt: AcO1ryfqQhz/ycECAA
x-accel-expires: @1717018336
last-modified: Tue, 30 May 2023 13:33:43 GMT
server: CDN77-Turbo
etag: "6475fb37-46e7"
x-77-nzt-ray: 25b02131b7383f30292d79644117220f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sut-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 4400 11 KB
11 KB 106ms
96ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/sut-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f8851656c76b34d0b68710739e01ccf4592fcbf41a901b9f75709abf6b117151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 263634
x-accel-date: 1685399383
content-length: 10814
x-77-nzt: AcO1ryctQHv/0gUEAA
x-accel-expires: @1716935383
last-modified: Mon, 29 May 2023 22:06:16 GMT
server: CDN77-Turbo
etag: "647521d8-2a3e"
x-77-nzt-ray: 25b02131b7383f30292d7964db0f250f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-pilavli-tavuk-dolmasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/08/ Frame 4400 15 KB
15 KB 106ms
96ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/08/ic-pilavli-tavuk-dolmasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bbed5424f2f97c210ccba4c2050a216711a997c49a8cef4051db16386e7a1b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852957
x-accel-date: 1681810060
content-length: 15494
x-77-nzt: AcO1ryeL3gn/nco6AA
x-accel-expires: @1713346060
last-modified: Wed, 01 May 2019 22:46:18 GMT
server: CDN77-Turbo
etag: "5cca21ba-3c86"
x-77-nzt-ray: 25b02131b7383f30292d79645d6b290f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-pirasa-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 4400 11 KB
11 KB 106ms
96ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-pirasa-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 46f0e1ce5f1bc9e08e3dc864c6d65fb7bde761cdde2e8ca86780c539991badf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852631
x-accel-date: 1681810386
content-length: 11396
x-77-nzt: AcO1ryfISZD/V8k6AA
x-accel-expires: @1713346386
last-modified: Wed, 01 May 2019 23:10:04 GMT
server: CDN77-Turbo
etag: "5cca274c-2c84"
x-77-nzt-ray: 25b02131b7383f30292d7964866c2b0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 acem-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 4400 14 KB
14 KB 106ms
96ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/acem-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853503
x-accel-date: 1681809514
content-length: 14065
x-77-nzt: AcO1ryd3Tgj/v8w6AA
x-accel-expires: @1713345514
last-modified: Sun, 15 Mar 2020 20:02:10 GMT
server: CDN77-Turbo
etag: "5e6e89c2-36f1"
x-77-nzt-ray: 25b02131b7383f30292d79649155310f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/08/ Frame 4400 13 KB
13 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/08/tencerede-etli-patlican-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3848617
x-accel-date: 1681814400
content-length: 13086
x-77-nzt: AcO1ryfas5H/qbk6AA
x-accel-expires: @1713350400
last-modified: Wed, 01 May 2019 23:03:11 GMT
server: CDN77-Turbo
etag: "5cca25af-331e"
x-77-nzt-ray: 25b02131b7383f30292d79641f4ab80f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mahluta-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/11/ Frame 4400 12 KB
13 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/11/mahluta-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 837d63620657b055c980948022e01ba5c63c986d3d08ca7db80558411eab45d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851290
x-accel-date: 1681811727
content-length: 12542
x-77-nzt: AcO1rycsNRb/GsQ6AA
x-accel-expires: @1713347727
last-modified: Wed, 01 May 2019 23:07:46 GMT
server: CDN77-Turbo
etag: "5cca26c2-30fe"
x-77-nzt-ray: 25b02131b7383f30292d79641033c20f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame 4400 11 KB
11 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/dalyan-kofte-rosto-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853507
x-accel-date: 1681809510
content-length: 11371
x-77-nzt: AcO1rycXfWP/w8w6AA
x-accel-expires: @1713345510
last-modified: Wed, 01 May 2019 22:37:27 GMT
server: CDN77-Turbo
etag: "5cca1fa7-2c6b"
x-77-nzt-ray: 25b02131b7383f30292d79648d79db0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 patlican-cigirtma-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 4400 12 KB
12 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/patlican-cigirtma-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9ca119586f3ba8e6a4a1dacf83852d3275071d2501de033ba04673b4efde1ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853109
x-accel-date: 1681809908
content-length: 12336
x-77-nzt: AcO1ryc+q4n/Ncs6AA
x-accel-expires: @1713345908
last-modified: Sat, 07 Dec 2019 20:51:53 GMT
server: CDN77-Turbo
etag: "5dec10e9-3030"
x-77-nzt-ray: 25b02131b7383f30292d79641c3de10f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 4400 11 KB
11 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852098
x-accel-date: 1681810919
content-length: 10807
x-77-nzt: AcO1rycg7a3/Qsc6AA
x-accel-expires: @1713346919
last-modified: Wed, 01 May 2019 23:24:41 GMT
server: CDN77-Turbo
etag: "5cca2ab9-2a37"
x-77-nzt-ray: 25b02131b7383f30292d796456bee50f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tencerede-patlican-oturtma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 4400 13 KB
14 KB 106ms
97ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/tencerede-patlican-oturtma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42c600c9293359a7e6a9506e5dc30ca74845321a0849e8aa0cc5d2d52a7b5a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851066
x-accel-date: 1681811951
content-length: 13490
x-77-nzt: AcO1rye4LxL/OsM6AA
x-accel-expires: @1713347951
last-modified: Fri, 17 May 2019 22:50:00 GMT
server: CDN77-Turbo
etag: "5cdf3a98-34b2"
x-77-nzt-ray: 25b02131b7383f30292d7964d638ef0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 4400 16 KB
16 KB 106ms
98ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/kofteli-patates-dizmesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853251
x-accel-date: 1681809766
content-length: 16315
x-77-nzt: AcO1rydPYOj/w8s6AA
x-accel-expires: @1713345766
last-modified: Fri, 22 May 2020 22:51:08 GMT
server: CDN77-Turbo
etag: "5ec8575c-3fbb"
x-77-nzt-ray: 25b02131b7383f30292d7964cdc2f50f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tepsi-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/06/ Frame 4400 15 KB
16 KB 106ms
98ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/06/tepsi-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 565b56a04b0c14fbb67f85831742be7801516ffc8d4f8737eb702caf6abc64c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852825
x-accel-date: 1681810192
content-length: 15566
x-77-nzt: AcO1ryfy4Ib/Gco6AA
x-accel-expires: @1713346192
last-modified: Wed, 01 May 2019 22:25:10 GMT
server: CDN77-Turbo
etag: "5cca1cc6-3cce"
x-77-nzt-ray: 25b02131b7383f30292d7964ec20f80f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 hamburger-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 4400 10 KB
11 KB 107ms
98ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/hamburger-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853250
x-accel-date: 1681809767
content-length: 10591
x-77-nzt: AcO1ryfYHwz/wss6AA
x-accel-expires: @1713345767
last-modified: Tue, 26 May 2020 22:36:22 GMT
server: CDN77-Turbo
etag: "5ecd99e6-295f"
x-77-nzt-ray: 25b02131b7383f30292d79644855fc0f
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurt-soslu-tavuk-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/06/ Frame 4400 16 KB
17 KB 107ms
98ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/06/yogurt-soslu-tavuk-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 772de1eb224033fdc2d4f895698a95d01249b3e95be8f99991e8f9099c985df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3844645
x-accel-date: 1681818372
content-length: 16582
x-77-nzt: AcO1rycRVYn/Jao6AA
x-accel-expires: @1713354372
last-modified: Thu, 09 Jun 2022 23:02:22 GMT
server: CDN77-Turbo
etag: "62a27bfe-40c6"
x-77-nzt-ray: 25b02131b7383f30292d796475f20310
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/04/ Frame 4400 16 KB
16 KB 107ms
98ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/04/tavuklu-sehzade-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852968
x-accel-date: 1681810049
content-length: 16490
x-77-nzt: AcO1ryc0u5//qMo6AA
x-accel-expires: @1713346049
last-modified: Thu, 29 Apr 2021 23:52:25 GMT
server: CDN77-Turbo
etag: "608b46b9-406a"
x-77-nzt-ray: 25b02131b7383f30292d7964c24d0e10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 4400 12 KB
13 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851522
x-accel-date: 1681811495
content-length: 12609
x-77-nzt: AcO1rycRbPD/AsU6AA
x-accel-expires: @1713347495
last-modified: Wed, 01 May 2019 23:19:17 GMT
server: CDN77-Turbo
etag: "5cca2975-3141"
x-77-nzt-ray: 25b02131b7383f30292d79648c1a1810
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pilic-tava-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/12/ Frame 4400 15 KB
15 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/12/pilic-tava-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 1514964
x-accel-date: 1684148053
content-length: 15498
x-77-nzt: AcO1ryf7ZPj/1B0XAA
x-accel-expires: @1715684053
last-modified: Fri, 30 Dec 2022 22:50:02 GMT
server: CDN77-Turbo
etag: "63af6b1a-3c8a"
x-77-nzt-ray: 25b02131b7383f30292d796426171f10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-ispanak-kavurmasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 4400 16 KB
16 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/mantarli-ispanak-kavurmasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e685a897e3b552fe45551a3223b135ce7cb62521f32759e30f657e1028edd94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852502
x-accel-date: 1681810515
content-length: 15886
x-77-nzt: AcO1rydtvoT/1sg6AA
x-accel-expires: @1713346515
last-modified: Sat, 27 Mar 2021 22:13:41 GMT
server: CDN77-Turbo
etag: "605fae15-3e0e"
x-77-nzt-ray: 25b02131b7383f30292d7964174f2610
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 4400 16 KB
17 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63e2084cf59c4f68f8346a17541d1cf44755745ec160e6bc3cfd9d1651424640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851329
x-accel-date: 1681811688
content-length: 16621
x-77-nzt: AcO1ryewhcL/QcQ6AA
x-accel-expires: @1713347688
last-modified: Wed, 18 May 2022 23:46:24 GMT
server: CDN77-Turbo
etag: "62858550-40ed"
x-77-nzt-ray: 25b02131b7383f30292d7964c2e72c10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 brokoli-mucver-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/02/ Frame 4400 13 KB
13 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/02/brokoli-mucver-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9f2bdacd4951b5e28dcd417c660d0e84dd2d82c09b81d4ff3f22e0bd3b20cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3849984
x-accel-date: 1681813033
content-length: 13059
x-77-nzt: AcO1ryf6+qv/AL86AA
x-accel-expires: @1713349033
last-modified: Wed, 01 May 2019 23:31:01 GMT
server: CDN77-Turbo
etag: "5cca2c35-3303"
x-77-nzt-ray: 25b02131b7383f30292d79640f163110
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-karnabahar-koftesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/04/ Frame 4400 14 KB
14 KB 107ms
99ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/04/firinda-karnabahar-koftesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8d61d212045611c2b5a7956db31bf8ccf7f53515c48f85d6851be4c66a1cd9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852996
x-accel-date: 1681810021
content-length: 14263
x-77-nzt: AcO1rydaPDH/xMo6AA
x-accel-expires: @1713346021
last-modified: Wed, 01 May 2019 22:57:43 GMT
server: CDN77-Turbo
etag: "5cca2467-37b7"
x-77-nzt-ray: 25b02131b7383f30292d7964c6983a10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurtlu-topalak-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/08/ Frame 4400 11 KB
11 KB 107ms
100ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/08/yogurtlu-topalak-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c2398f7cd250e7f74a174468329a3f1cb829032998f0ed4c0034672aa5f3ffeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851501
x-accel-date: 1681811516
content-length: 11010
x-77-nzt: AcO1ryfKOBP/7cQ6AA
x-accel-expires: @1713347516
last-modified: Mon, 03 Aug 2020 22:25:24 GMT
server: CDN77-Turbo
etag: "5f288ed4-2b02"
x-77-nzt-ray: 25b02131b7383f30292d7964120a4310
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 terbiyeli-kereviz-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 4400 11 KB
11 KB 107ms
100ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/terbiyeli-kereviz-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4e4809916d0077b67c97480fbf143ebdd652c583f4158a97505547db40bed655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852880
x-accel-date: 1681810137
content-length: 11038
x-77-nzt: AcO1ryf3ZlH/UMo6AA
x-accel-expires: @1713346137
last-modified: Sat, 22 Jan 2022 21:04:29 GMT
server: CDN77-Turbo
etag: "61ec715d-2b1e"
x-77-nzt-ray: 25b02131b7383f30292d7964aa824810
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 para-para-corbasi-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/02/ Frame 4400 12 KB
13 KB 107ms
100ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/02/para-para-corbasi-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b358220e5b27c2715f2afcdc4c02c448766bb9d81b959f877a0026aaf60c6f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3850293
x-accel-date: 1681812724
content-length: 12508
x-77-nzt: AcO1ryfcTyD/NcA6AA
x-accel-expires: @1713348724
last-modified: Wed, 01 May 2019 22:36:35 GMT
server: CDN77-Turbo
etag: "5cca1f73-30dc"
x-77-nzt-ray: 25b02131b7383f30292d796465655010
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yogurtlu-tarhana-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 4400 10 KB
10 KB 107ms
100ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/yogurtlu-tarhana-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8b9df28f59076afb3f8ebca8d01cf67f27a2172705e582d8824af82e4a293494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3852926
x-accel-date: 1681810091
content-length: 9741
x-77-nzt: AcO1rye8XLj/fso6AA
x-accel-expires: @1713346091
last-modified: Tue, 07 Sep 2021 22:07:23 GMT
server: CDN77-Turbo
etag: "6137e29b-260d"
x-77-nzt-ray: 25b02131b7383f30292d7964cb3f5910
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cilekli-pasta-resimli-yemek-tarifi(24).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/05/ Frame 4400 11 KB
11 KB 107ms
100ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/05/cilekli-pasta-resimli-yemek-tarifi(24).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 881557cf62ae6459da90e17bdb7c608c646010d308e4c0feb9cda80cca82d59b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851514
x-accel-date: 1681811503
content-length: 11337
x-77-nzt: AcO1ryfHCJX/+sQ6AA
x-accel-expires: @1713347503
last-modified: Wed, 01 May 2019 23:34:55 GMT
server: CDN77-Turbo
etag: "5cca2d1f-2c49"
x-77-nzt-ray: 25b02131b7383f30292d7964ae906010
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 cikolata-soslu-pudingli-mozaik-pasta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 4400 16 KB
17 KB 113ms
106ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/cikolata-soslu-pudingli-mozaik-pasta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0bb6011ca0dbc5ca0ec9f0cf68f65fb93b324b359d0aa3c1986bc5c60b04b875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3850150
x-accel-date: 1681812867
content-length: 16545
x-77-nzt: AcO1ryfy9gH/pr86AA
x-accel-expires: @1713348867
last-modified: Wed, 27 Nov 2019 22:39:06 GMT
server: CDN77-Turbo
etag: "5ddefb0a-40a1"
x-77-nzt-ray: 25b02131b7383f30292d796439ff0a11
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kokostar-cocostar-pasta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/07/ Frame 4400 13 KB
14 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/07/kokostar-cocostar-pasta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a6cc789aba8ac76bed3b32f93c97b5848d1e04c2866c15a0cbe39d9c25783af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3849366
x-accel-date: 1681813651
content-length: 13783
x-77-nzt: AcO1ryeIxXr/lrw6AA
x-accel-expires: @1713349651
last-modified: Wed, 01 May 2019 23:02:27 GMT
server: CDN77-Turbo
etag: "5cca2583-35d7"
x-77-nzt-ray: 25b02131b7383f30292d796431b41311
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mozaik-pasta-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/04/ Frame 4400 14 KB
14 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/04/mozaik-pasta-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f35fb700ba1c9f6aa2b682cbc9307da3918e9e7281fe35caff1d4a298b8bf046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3850956
x-accel-date: 1681812061
content-length: 14119
x-77-nzt: AcO1ryfo61v/zMI6AA
x-accel-expires: @1713348061
last-modified: Wed, 01 May 2019 22:13:35 GMT
server: CDN77-Turbo
etag: "5cca1a0f-3727"
x-77-nzt-ray: 25b02131b7383f30292d79649a221b11
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kirma-zeytin-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/09/ Frame 4400 13 KB
14 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/09/kirma-zeytin-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9c1d5eead33fb63bd3a19b2444461953449797f909ef408e9aef9bf572546736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3851714
x-accel-date: 1681811303
content-length: 13694
x-77-nzt: AcO1ryeP+RP/wsU6AA
x-accel-expires: @1713347303
last-modified: Sun, 18 Sep 2022 23:21:14 GMT
server: CDN77-Turbo
etag: "6327a7ea-357e"
x-77-nzt-ray: 25b02131b7383f30292d796492902311
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 dilim-pogaca-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/04/ Frame 4400 12 KB
13 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/04/dilim-pogaca-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c2af72a404720105529c263fd93cd0193b920a7098a0e8c068c7fa9e6c35754c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3850173
x-accel-date: 1681812844
content-length: 12721
x-77-nzt: AcO1rydoigj/vb86AA
x-accel-expires: @1713348844
last-modified: Wed, 01 May 2019 23:16:19 GMT
server: CDN77-Turbo
etag: "5cca28c3-31b1"
x-77-nzt-ray: 25b02131b7383f30292d79645a1e4d11
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 az-malzemeli-pogaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 4400 11 KB
11 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/az-malzemeli-pogaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: af27ff8e0ffae533f2ae54cf3d9372c0979b4d1691a2573af76d426a9488a545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3844978
x-accel-date: 1681818039
content-length: 11383
x-77-nzt: AcO1ryejn0r/cqs6AA
x-accel-expires: @1713354039
last-modified: Wed, 01 May 2019 23:21:25 GMT
server: CDN77-Turbo
etag: "5cca29f5-2c77"
x-77-nzt-ray: 25b02131b7383f30292d7964166f5611
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 koy-ekmegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 4400 12 KB
12 KB 113ms
107ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/koy-ekmegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9fe178b3a246dfa8391758b6964ea91fa324fc0942c9d3fb8e7c652a47ab23da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 4383
x-accel-date: 1685658634
content-length: 12085
x-77-nzt: AcO1ryekLKz/HxEAAA
x-accel-expires: @1717194634
last-modified: Sat, 21 Mar 2020 22:47:47 GMT
server: CDN77-Turbo
etag: "5e769993-2f35"
x-77-nzt-ray: 25b02131b7383f30292d796457fd5f11
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 4400 5 KB
6 KB 82ms
20ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1685663017.cds326.fr8.hn,1685663017.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 4400 0
0 1104ms
24ms Script
text/plain 23.206.208.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-208-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 4400 465 B
585 B 85ms
23ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1685663017.cds326.fr8.hn,1685663017.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 4400 74 KB
26 KB 281ms
61ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 17:43:14 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 4400 3 KB
3 KB 80ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9819547cd26c610ba3d15895e8ed81e8a5661421fb2a144064345cd9fb94a0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 23:43:37 GMT
content-md5: T23mrnKH9ekOlJuE/BPkAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: Xb8zvEHToq63G5GiwZwGYm7d4+JrDlumsyaMYn2l+pB9aN7607nxlZn4SArsBQZOPgaf5c8zR24eOva1CHQAMg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 95297478e8c651a67a0ff23ebc2ede1e
cross-origin-opener-policy: same-origin-allow-popups
etag: "006540df050b57e79537ad23fa05591c"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 02 Jun 2023 00:01:21 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 4400 21 KB
21 KB 110ms
108ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jun 2023 23:43:37 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 3853575
x-accel-date: 1681809442
content-length: 21525
x-77-nzt: AcO1ryc6q6b/B806AA
x-accel-expires: @1713345442
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 25b02131b7383f30292d796402ef6811
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4400 51 KB
21 KB 76ms
18ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 22:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4083
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 02 Jun 2023 00:35:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 4400 307 KB
87 KB 46ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=66a03810e0a5871c2b2d14a10cdc2505

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca4860813ea837436a0040ad52750556d2d80f33d287607f6542cf662d88ab97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 23:43:37 GMT
content-md5: qi5GGY8ofEDDeNjLzTae7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88757
x-fb-rlafr: 0
x-fb-debug: F7Lga0ziX6UijrtXf86hzyeLbs9Kj/BcJrw0muGp2b9aTs07UPJHJuSXF7ar+Vqrcmf5kEeXXNyLUAJCOWbNrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 3bbe70fa9413a967c37f94c4c19c487e
cross-origin-opener-policy: same-origin-allow-popups
etag: "55781d12501a9a8f6dd4b7e8142d51fe"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 31 May 2024 22:02:43 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4400 75 KB
25 KB 106ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d101a2dfc5de49f2797353ac141b404b96ec5d1b3e1a6e84ec97b76264b8886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25209
x-xss-protection: 0
server: cafe
etag: 103 / 19509 / 31075036 / config-hash: 16570649736917194917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:37 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 4400 120 B
307 B 59ms
58ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame F0F3 891 B
1 KB 59ms
58ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Thu, 01 Jun 2023 23:43:37 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4400 137 KB
47 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c236871c166be8d9b18d525e6bba93edcf88bfb1b79d54c3013a67b17ca5fea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47531
x-xss-protection: 0
server: cafe
etag: 4777816661928110068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:37 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 4400 489 KB
182 KB 65ms
65ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 4400 228 KB
56 KB 89ms
23ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:17:20 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1578
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: nKYEEY2sRCPAeK7NlAcLDgX5Pe4DGIEhNcpQN6SSxVLLuMAOZKC6Eg==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 4400 33 KB
5 KB 189ms
94ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1685663017589&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.04185516859963001
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: add6f28e8fa3fd84fd02879774862b9144cfd6a3966d17055e2f9744893079ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 4400 12 KB
2 KB 58ms
58ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19509
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 14:14:23 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 4400 49 KB
5 KB 176ms
85ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468239
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7729e83a2a31ee567f3eaab3ee5eb1becedb839188fcb59fffd34667fa4bb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 4400 0
307 B 20ms
20ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 20:55:43 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 10074
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: IK1G-H6KJtVoKrkEwZcpgRaYNrgrFpsaZXco3ZbjTAMlT5s_PF1Aew==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4400 6 KB
3 KB 60ms
21ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
date: Thu, 01 Jun 2023 02:00:59 GMT
x-amz-cf-pop: FRA56-P3
age: 79486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: hToYMrzPSWWlAbjDgeGh-E9Nogbs5o7eHewfassbfQWFUQCbh5QEDA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ Frame 4400 406 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 10:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47215
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128353
x-xss-protection: 0
server: cafe
etag: 2840082887590536516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 31 May 2024 10:36:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ Frame 4400 350 KB
118 KB 106ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f09b0318aff3af0d9800468abe10528cc754efdc123700533cddc1183ec05dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120480
x-xss-protection: 0
server: cafe
etag: 14953747463930459118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/ Frame AF91 10 KB
5 KB 91ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 20:06:55 GMT
etag: 15057649708203361565
expires: Thu, 15 Jun 2023 20:06:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 4400 9 KB
3 KB 60ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 4400 483 B
1 KB 115ms
27ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:37 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 970391
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69uQVLNVXKSyszeGFkak17W7kOCNY27soXE76z1p6SXQh8WUCpoLWC7h39%2BEBPDhiMMy%2FWfu5O%2Bdd2HcOCjU%2FyS2bn%2FjVQiGYagJt%2Fo7ibljQpYjFp6hmd9TmQ8zcVn%2B8njKSk%2BYrVdJqrlE"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7d0b51e64c9f9243-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 4400 23 B
462 B 160ms
54ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=JXkknvQxHIQ6g&cb=0&ws=1600x1200&v=23.517.1921&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: XJF8PR39M7CFBRMYX5JF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 1WrcXDMZTHbBHLtM4_wfFL_5lwvTfGjh_2Eg5Fm4C634GHcSx9HPdg==

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 4400 11 KB
5 KB 59ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468239
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:37 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 4400 17 KB
5 KB 92ms
21ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:11:19 GMT
content-encoding: gzip
age: 1938
x-guploader-uploadid: ADPycds3PPT9iRtbs_tBV0mDiSkm_2QPLUrnVfcegYHsmJHx3gaqsVVPww5lRG9SJzwdFYlX8k7ZfrKKDjssqdvQbZ8J-xs3Mmvp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 4400 0
210 B 60ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685663017841&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5277805173746533
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:37 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4400 107 B
532 B 123ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4400 107 B
457 B 128ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 61 KB
13 KB 330ms
329ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=2452873209368276&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663017915&lmt=1685663017&dlt=1685663017023&idt=794&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=8jrodetaiegb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f72c90ac0456372cb5ce96f7364eb4d76c7f33b85ae17a777267d4334a20fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13647
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E388 6 KB
3 KB 120ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:38 GMT
expires: Fri, 31 May 2024 23:43:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 4400 94 B
495 B 185ms
95ms XHR
application/json 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: ff9f858ac817d1e04708aca4e81f4d6d060bb2d82d8d6057c655b22bfc439427

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 01 Jun 2023 23:43:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ye-mek.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4400 19 B
824 B 83ms
21ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:38 GMT
AN-X-Request-Uuid: b467a392-6e8d-405f-90e3-a94feeb456b0
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ Frame 4400 16 B
379 B 134ms
56ms XHR
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 01 Jun 2023 23:43:38 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4400 19 B
824 B 80ms
21ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:38 GMT
AN-X-Request-Uuid: 56fb31b9-a929-4142-a1f5-b05b58f09c70
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ye-mek.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 4400 0
282 B 107ms
52ms XHR
text/plain 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7d0b51e6e8936967-FRA
expires: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 4400 0
143 B 241ms
68ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 4400 0
142 B 241ms
69ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 4400 0
142 B 241ms
70ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 hb Show response
cpm.programattik.com/ Frame 4400 0
142 B 241ms
69ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 4400 0
529 B 193ms
87ms XHR
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 4400 2 KB
2 KB 201ms
95ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8b043c00ac1abc4518fc711f5e932aaabd63da8ccc59464de65c454ea2ff01b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://ye-mek.net
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST /
hb.emxdgt.com/ Frame 4400 0
0

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame 4400 12 KB
6 KB 171ms
90ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3bb3896616eef75a1a5ee9ccd3ab95d5faf92c122a3f7c3a5c4320b303ab5a31

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-encoding: gzip
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4400 0
189 B 128ms
36ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=49111153670&lsavail=0

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:37 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 4400 173 B
401 B 108ms
20ms XHR
application/json 3.125.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 176c8c0668e7e1fa94e294393467b5df4e0b2ead46c874d1c6921d8b8242030a

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
x-prebid: pbs-java/1.119.0
content-type: application/json
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 416 B
966 B 285ms
84ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=88a8efed-0afe-440a-aebd-e855cf3560b2&l_pb_bid_id=60a377db30de81d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2962621177297269
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dd147215c433cf11cf795f86d20e08e98be616b4ccdaf99e394d47035988325c

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 410 B
735 B 303ms
103ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=22c97074-66d1-478f-be26-3cb1631f4577&l_pb_bid_id=61fe764c6c16094&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06969274940241155
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 26702ae7a960c8f250350ccde8b196f350fc03ccfbbe8d801938d810ff7d3945

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 410
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 5 KB
3 KB 323ms
123ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=a8a37a8c-6f6d-4f76-85d2-d33ce916b6ba&l_pb_bid_id=623cd18cc3a06a4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3522819281492726
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 39b36742155c7a34c0a5004d3ac152d07ecca8f8482e0939f6a9014a29f5fe77

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 12 KB
6 KB 308ms
108ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=fa9bd551-a634-4223-8bfb-ae7b6081f18a&l_pb_bid_id=635d95dd3e64f99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.44246294849496204
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c4c25bf6b4460d191982c4b8c17324bb992e42dacb53f0d7dd51cf11fc24c6ec

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 12 KB
6 KB 305ms
105ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=a1532ecf-ec94-47f8-98e0-cab751d51cc1&l_pb_bid_id=64f24d41261240d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7619620451687441
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 03a01ad5e8143a1ea639e78c7f2201a74a9ea74d2fc9c1b03a55b820c7839ee5

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4400 408 B
732 B 294ms
95ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=2329a837-0c33-48ba-addf-e48c1bcf51a0%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=46f0d528-f5f9-4e4a-bd0d-65a886a1fad8&l_pb_bid_id=66a4e1edf081bde&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10029371636882356
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ad71bc506a9cd91e1716a582328ccaf3c955d4848963329c96eb435d872cdc4b

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 4400 7 KB
3 KB 460ms
58ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19509
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 23:43:38 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9061 603 B
219 B 69ms
68ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685663017739&bpp=4&bdt=717&idt=310&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&nras=1&correlator=8786959146304&frm=24&ife=1&pv=2&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44788442&oid=2&pvsid=3034555866243605&tmod=1937465561&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.xjee1ntxe87k&fsb=1&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 4400 74 KB
23 KB 65ms
26ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2307126
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmodRXuBoRg9kF%2Bke8VMnCXy8LpbTHcOEYjCnGxfzF%2BkC6GyjswLQeth7HzvA%2B4LHOh%2F7Sj3HhLVEfdZjJlfaSzZ486Jw94ULTx4OGWHDYjL6gxSbow7JCku3GilzkTt8FNtTAIxJazibzrx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7d0b51e74f739a17-FRA

GET
H2 200 zoneview
ng.virgul.com/ Frame 4400 0
210 B 60ms
60ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1685663018083&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.3493194068476764
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 28D4 13 B
258 B 112ms
33ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Thu, 01 Jun 2023 23:43:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022305221508000/ Frame E1E7 222 KB
61 KB 101ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d38d3575be56d128dcaebb0d6013e528e67048b2a47393a7122248f51bbf1a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 22:17:35 GMT
age: 177963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "fe5a329ea36c66a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 22:17:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame E1E7 15 KB
5 KB 139ms
58ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 22:17:35 GMT
age: 177963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 22:17:35 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame E1E7 94 KB
28 KB 132ms
51ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 22:17:35 GMT
age: 177963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 22:17:35 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame E1E7 5 KB
2 KB 143ms
62ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 22:17:35 GMT
age: 177963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 22:17:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022305221508000/v0/ Frame E1E7 40 KB
13 KB 140ms
59ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022305221508000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 May 2023 22:17:35 GMT
age: 177963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 22:17:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E1E7 14 KB
2 KB 72ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:43:38 GMT

GET
H2 200 tr_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E1E7 3 KB
3 KB 83ms
22ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr_bl.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 12:03:37 GMT
x-content-type-options: nosniff
server: cafe
age: 42001
etag: 2395455429816220802
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
expires: Fri, 02 Jun 2023 12:03:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E1E7 344 B
714 B 83ms
21ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 16789
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 02 Jun 2023 19:03:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E1E7 0
0 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgUjUKS15ZPb1PJqg9u8Pi92IiAWvmLL2cJKRx8PFEeiqtpWLAxABIMCygmtglYKAgJgHoAHY9piBKcgBBqkC-7Y1czgOsj7gAgCoAwGqBIwCT9D05u36TSmHXZT0n5yJ2UKZefkgScLLUMc59S1PDUOJrbTfQhivNZibu_7oYskYYHfwAQYGOXl80Lb0l9DwwzOYyfM_luaskVt8mKPd5LdKDIm-XhqL6FR2A9CRKRKtQOTy388puxX_2O_kriZ4Ks98WRR-gvNK7Q6tkuYDvh4u_SVgoWxmBXYdXPkdaBjKKePUv7QWwcQEibYTPuO7JucD9PTAwl4hO9kepGlZbGEft-4ytbWWXyefJ8AW6WmRDWHdI4WtaQqq3EnijC5HHz7SCEXeft2pT-SqtPzSZS4IBaXY5MRn3En90xqof7R00fLMmrE9da9nJY_KIvJezyjrh_PJ_OcnHGFFD8AEse69ubcE4AQBkgUECAQYAZIFBAgFGASAB9iu6eADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ4GTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY1OTM1MjMyMTAwMTAxNTQY6sFt&sigh=VuLnG-KHK0s&uach_m=[UACH]&cid=CAQSLQBygQiDa_R7_A9B1E3GEUTOF3NpeEdTIzFi4xWkZ4_f-bqXayz8TQJ6PFKqZRgB&template_id=492
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame E1E7 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E1E7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6320eac3bb550a7a53c651faeee209aa87962dce52566b90109585216f0e380

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E1E7 33 KB
34 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 189261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 19:09:17 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E1E7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

29ms
28ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date: Thu, 01 Jun 2023 23:43:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4400 358 KB
120 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122262
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:38 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 4400 398 KB
128 KB 65ms
65ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=6/1/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Thu, 08 Jun 2023 23:43:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4400 14 KB
11 KB 36ms
35ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ab8b99dcad680b96c31500f2e0bec3978813df45c359f0c01d01f49e5b197e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11109
x-xss-protection: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 4400 0
210 B 192ms
58ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685663017589&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:38 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4400 17 KB
7 KB 800ms
799ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4400 107 B
166 B 29ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4400 107 B
166 B 27ms
26ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 27 KB
11 KB 252ms
251ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=3980121147830752&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=3&adks=3050045420&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D1.46%26hb_adid%3D720c5a0f393a0ed%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D1.46%26hb_adid_rubicon%3D720c5a0f393a0ed%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D1.46&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019506&lmt=1685663019&dlt=1685663017023&idt=794&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=51mx4qyrc4p2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe94db022e5f7fcbf99255693dae29db2e2c03174fbbcc56b0cb6d9b9b9bb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11629
x-xss-protection: 0
google-lineitem-id: 5616789334
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 24 KB
11 KB 295ms
293ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=2875826807470365&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=4&adks=3299242717&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D2.87%26hb_adid%3D7044a5c255cc5b7%26hb_bidder%3Drubicon%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D2.87%26hb_adid_rubicon%3D7044a5c255cc5b7%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.87&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019513&lmt=1685663019&dlt=1685663017023&idt=794&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=kjk0jco2z5mi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2312a8ca2aaa918b94c448545a36676abee3f7be212ff5c3e207db0ab7a9281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11464
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 32 KB
13 KB 269ms
267ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=1514901049395124&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019518&lmt=1685663019&dlt=1685663017023&idt=794&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=jn5i6egfunxl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4099a8ee3293b603e4cc68ebc163b8328b4f7d45041b1237cc80e353db92bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13618
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 32 KB
13 KB 262ms
260ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=545489255447965&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=6&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019524&lmt=1685663019&dlt=1685663017023&idt=794&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ykobn48a5pkh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb4740b294fde30baedbdbb62af5521176842bcfb6c7b64d967962ed4eac753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13415
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 28 KB
11 KB 328ms
326ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=330665737084053&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=7&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D2.23%26hb_adid%3D71d4628255d45e7%26hb_bidder%3Drubicon%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x600%26hb_pb_pubmatic%3D0.75%26hb_adid_pubmatic%3D68d46ec88bf0a8e%26hb_bidder_pubmatic%3Dpubmatic%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D160x600%26hb_pb_rubicon%3D2.23%26hb_adid_rubicon%3D71d4628255d45e7%26hb_bidder_rubicon%3Drubicon%26hg_pb%3D2.23&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019530&lmt=1685663019&dlt=1685663017023&idt=794&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=liol2jomwe1m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ccc84485ec58c3e6bd06279633d98e9f85a9a186fa550852b1d00a2d3716f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11712
x-xss-protection: 0
google-lineitem-id: 5617221983
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4400 27 KB
11 KB 407ms
405ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3034555866243605&correlator=4215564599970811&eid=31072019%2C31074985%2C31074987%2C31075025%2C31075036%2C31074732%2C31074824&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=345722362&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D6.14%26hb_adid%3D69ba2d106e5ec2e%26hb_bidder%3Dadf%26hb_format_adf%3Dbanner%26hb_size_adf%3D728x90%26hb_pb_adf%3D6.14%26hb_adid_adf%3D69ba2d106e5ec2e%26hb_bidder_adf%3Dadf%26hg_pb%3D6.14&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1685663017589%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetefd0516c-3240-4949-b137-84feadc2adc9%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetefd0516c32404949b13784feadc2adc9&sc=1&cdm=ye-mek.net&abxe=1&dt=1685663019534&lmt=1685663019&dlt=1685663017023&idt=794&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=xm6fcae6rh2i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

587405ff5b3e5c040e4d5f24ae63b93b12c7438cca34ca28f313a104df8e8468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11714
x-xss-protection: 0
google-lineitem-id: 5615625753
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339352911
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ Frame 4400 89 KB
29 KB 142ms
70ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Jun 2023 23:43:39 GMT

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 4400 0
210 B 59ms
58ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685663017589&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:39 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09B7 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 22:24:43 GMT
expires: Fri, 31 May 2024 22:24:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 765A 783 B
972 B 30ms
29ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da8da9a8b17a97d2ed230ad4f7441ebaa25c984ebfbdc8acd4ae6553ad9ce5f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-brjgG1n1S00xADGBQNELfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-brjgG1n1S00xADGBQNELfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:39 GMT
expires: Thu, 01 Jun 2023 23:43:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0F6C 15 KB
6 KB 143ms
33ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 411667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4400 93 KB
30 KB 138ms
68ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 02 Jun 2023 23:43:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 765A 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305310101&jk=3034555866243605&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 09B7 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 22:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F897 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxcRMIi4PxdFyXtwkVaQpxTmaomgSXZ7y6Tu67PPC6nWvlQBRYM0TtYq17ZyjzjtZ-JFr9bw1O9uJ9w1jRryxqo-2XOfPKzR9oqVB3jkorh--j5suaAMi3RYHgjJpZY5a5_vIJG6ldBrOUsJOtmF8r0THHjA_pAObVkXYoNW6C4eiO0ZUW3lU7hG0vhA1TkvfSfSuuJoyeoaZODMjAnWiVZ-C3DFs5mycUJ4Xi24cKBPfrkgzX9N7BpH2DwUSxpdJOB4iIjhhxjCXCeFYn6oh0XrhbzuTxAMFXfzAD6hZ2rv-ZV2WsDHSLXPHBsOHvkLHiF5x0FaPWNUc&sai=AMfl-YS6Huw4rfpiQ00LcifhWfE2e2OD_JQ73OUCPVUv8gO1939Z7dYMs0HpAVLpK6_E8EuPlT7klKFnK-b0oBnytIs1VmQ5YxddcnrF4_hR95-OAbx7ZxMmGiEDulOiNA&sig=Cg0ArKJSzFKQlzPIo6QUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F897 26 KB
26 KB 79ms
18ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
age: 38519
x-jsd-version: 1.15.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26200
x-served-by: cache-fra-etou8220072-FRA
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F897 171 KB
54 KB 91ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H2 200 container.html Show response
ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1105 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:38 GMT
expires: Fri, 31 May 2024 23:43:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AEE5 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:38 GMT
expires: Fri, 31 May 2024 23:43:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BA6 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:38 GMT
expires: Fri, 31 May 2024 23:43:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51E4 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8vusookwgepMvQRK_ri5h0HKe3xlBijAdULGeO5gx78kOFlupMc94tknb0SFdf8kYQy0mVG4KLyaY0EKKsEbocPxP_Rek9LccRdi6nO_zN88ozqTCp_v0Zer5TSGbJYdeS-RMQWJlsif0kAVbSWn_G6tT_uQGxanyrKbVl8E2noVTa2mVjcxTbcPPCBv8Gn4vOsAAZQdSYzb-ttUQk9Bkbnhkw5uzn1V9mvp7xtWURuip7063XTfWL4kj4uxisdlgdpSSm7cnFofVbTlly9xpdxQNje7rVgAtAxKUvGp2IPAXOhYEtNz7VpBKkTnyrGUCWsA11ACGRW5qqSc&sai=AMfl-YTVZ6wT2xY0Wt6B1oxSI8yke9wuo-E1egnH4KJOgyUftUGPjzzQLHCpZvQpT_6h87McCHMgXQ5FZxZLeUP7Dm_Kdkd8Zv4b9_ubuNn-Vic5gncaRlip_G7NoYKiWQ&sig=Cg0ArKJSzLxaKjOkrBZMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 51E4 26 KB
26 KB 22ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
age: 38519
x-jsd-version: 1.15.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26200
x-served-by: cache-fra-etou8220072-FRA
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51E4 171 KB
53 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1105 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNTrmKy15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEoQJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAkbpW9uLCE6TbXa1a9bPtGHlnCDnOHtV53q6O34aNeyWgqtiNUit4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=KWfjFnEh96g&uach_m=[UACH]&cid=CAQSOwBygQiDAhJPKdu1-1PRCEUDDZck-Be7ybPnPJQNFrjLRj43s-xXNYqe-bikrsHBm5DjXBE17op5l_55GAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1105 0
0 105ms
36ms Fetch
image/gif 2600:1901:0:76b9::

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kjrjs6yhayny77qem50whjzyr0gjy0njyrmc4932x3v1wvea9k989jem5eq5665drt0pm2amz0qkwc4xwmb8ee6ryk3wfq06qe32t2jp8ws4sj2m39cvcq1tbap2qr2qbj3w4y6xf8nc6w2be2x5ztbkz5jjw78556cde64jaakctzd9erdjc61c4pcbjkwjzg457ag45mt26wjb9r4sy04wxggbztvc70gr514wcf8emr3sd7bn6fgvwvq8q0casfjhkx8z76kmgwh7cwbz2gkkn5xmy9585g1wcydstah66xh13mvfr21gw0fejajsr84rmmrbvfhrj1mjmh7czmh29h3v5w9sbsdzfb88xctcdgehtmk5zzazt9n54a9286q8g93zmv2fgq7&b=ZHktKwAJIcUIu8-gAAa3F8hdjGXTgJJPGCjABQ
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jun 2023 23:43:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4A1E 2 KB
3 KB 104ms
49ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5c06ddc90e3ff457f4354a37e4499333226dd0204742c07a892104a9c9d45520

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d0b51f2ddb11c20-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:39 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 1105 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 21:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 21:59:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E33 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Fri, 02 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 1105 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 14:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:02:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1105 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 May 2024 08:18:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1105 171 KB
53 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AEE5 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeGRTKy15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEmwJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE6XFoeGCfbL3ets6C_SjMabERjege3wIbkv-lnswhwwQWkqA4lG_4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=IfPsoNLDHeU&uach_m=[UACH]&cid=CAQSOwBygQiDTqO266LlTCYzt4AvY71KiBqMMeFfG969xVLQ_vLZYOgx_iiILKn9RV85QJfvdX5ZKHM-dQF5GAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame AEE5 0
0 87ms
37ms Fetch
image/gif 2600:1901:0:76b9::

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kk81n3g9fzym40dkg513t5ng7ee2wqy6zf5wsx4d58b85acbk2wb7999h79e8det65rz300aarcevge5amr00tt4f71rfbv7bqcy3vk6s5319arpmztfjszsz3vc1v1fqh0w88wff2nsb9vq2zycbhhr79cph1gswpdktp43m1hvgpcsm10810vm265nmbke1sqb0rk42v83c9xk4jr9h3w4mb44dt1gc0q2wbg4r0bqdb23kzcystrdq61g8ggbp7a1y998zcmt7b4cbevay2ksgcex6exaj86wttm9036g2pbv5m1e877v711dd11kak47w4918m8h2sxay8w8bsr8zpzymg9rstrk83pqega3sjc8qf40dmfv4k5qdenfw2cetrdn8&b=ZHktKwAJKKsIu9F0AAzOQvKtXUhs5vNhaWcBTw
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 01 Jun 2023 23:43:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E0FF 2 KB
2 KB 88ms
50ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc5de34e8914d3f4a740635837c49f638743d85682d7e0037ea9fdc7b659993

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d0b51f2ddb31c20-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:39 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame AEE5 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 21:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 21:59:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC41 1 KB
643 B 25ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Fri, 02 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame AEE5 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 14:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:02:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AEE5 24 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 29 May 2024 08:18:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEE5 171 KB
53 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0F6C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=S8M7tHxvQkhocU5wOVBjN3M1Z1NDN1RMZ01hU1l5bkhMb3JHdHpIdkp6d2Vjd2ZOaGlhZnNVVVFVS0NIUXBtb1BEbTJVOVdEUHJsUWlzbURLeGtkcEpKVFZCUWc3R05XL00wQ2F4MFdoZlY1WTRkMUxmOFRvL3F0Y2RKd2...

433 B
651 B

133ms
27ms

Fetch
application/json

178.250.1.11

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S8M7tHxvQkhocU5wOVBjN3M1Z1NDN1RMZ01hU1l5bkhMb3JHdHpIdkp6d2Vjd2ZOaGlhZnNVVVFVS0NIUXBtb1BEbTJVOVdEUHJsUWlzbURLeGtkcEpKVFZCUWc3R05XL00wQ2F4MFdoZlY1WTRkMUxmOFRvL3F0Y2RKd2lqQkEwUDI3MWY0dGROMmZWU0wraU5Cam1SWUJIYWdRVlR3SnF5RWhkV3p5VFBEblg1bkZUTEI5VmpFUy9ZQm1STEZmSkU3akVRazMyeGFvSVBSdnpHeVJxTDRIT3RDR0t0cThXQ1hQR05SNW9sdUtMazVwM0puV0dNZk1jRmVHd3RGSjJ6cDg2T3Q0Y0VSVThCZ3FrcGZmNHU2c1UwZzUyTCt2MEltam96aDYzNmRNSndnQT18&cppv=2

Protocol

Server

178.250.1.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

d9820cbdfa51ec6677bf026fa786d1ca93dd0dd9e4e3ab8c3a2a855386194e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1451218
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=S8M7tHxvQkhocU5wOVBjN3M1Z1NDN1RMZ01hU1l5bkhMb3JHdHpIdkp6d2Vjd2ZOaGlhZnNVVVFVS0NIUXBtb1BEbTJVOVdEUHJsUWlzbURLeGtkcEpKVFZCUWc3R05XL00wQ2F4MFdoZlY1WTRkMUxmOFRvL3F0Y2RKd2lqQkEwUDI3MWY0dGROMmZWU0wraU5Cam1SWUJIYWdRVlR3SnF5RWhkV3p5VFBEblg1bkZUTEI5VmpFUy9ZQm1STEZmSkU3akVRazMyeGFvSVBSdnpHeVJxTDRIT3RDR0t0cThXQ1hQR05SNW9sdUtMazVwM0puV0dNZk1jRmVHd3RGSjJ6cDg2T3Q0Y0VSVThCZ3FrcGZmNHU2c1UwZzUyTCt2MEltam96aDYzNmRNSndnQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 289040
content-length: 0
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA98 624 B
242 B 37ms
35ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi167HlATAB&v=APEucNVag_GpD6vraXLgspzn7SAD8AMlHui5PQDlRWR2p7VBvdoNbsjTU3yYtHACNr5f_nkkAmUaXnjt7Cu_L0j3aT36ScZu5_6GOQnCrDO0hN-qhFnldufbTDFD94mCDd-YLdeYvN06pYtHFRZMrAoTuUGe8OICYURiOH33d36FP3rMYBon-Xs

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4BA6 78 KB
27 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA6 42 B
63 B 62ms
60ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgszMG5YChAxgKZ7SMptIb3eOek9s7qKRv6nbtUw4XBK2E6mURfDLmAv_BOxWeNNzUzeua0HW7xmjRPUxhWdPobs6PsToKBd_zRitxNeqMotyWXRo

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA6 0
20 B 64ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6700015120537499259&x=1&ct=76

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 4BA6 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 21:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 21:59:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 4BA6 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 14:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 14:02:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BA6 171 KB
53 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame F897 27 KB
10 KB 120ms
26ms Script
text/javascript 13.32.121.66

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.66 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

11f2f6707f9738ef32cbf188862e30bf5c0b64bc3532abfbff56e79c2c1bc2c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 05:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA60-P1
cross-origin-embedder-policy: unsafe-none
age: 67072
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: XsVKlzb8-eZKYK3sw_Z3-0FTjoErJ6KuulIx-2OtbUrBfCpcuKsuJA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK rubicon
de1-bid.adsrvr.org/bid/feedback/ Frame F897 807 B
1 KB 101ms
22ms Image
image/gif 76.223.26.175

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de1-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=b5629419-ae33-48c0-b032-6cc2909f9d05&crid=lgqypybz&wp=9FF368CA70923281&aid=1&wpc=USD&sfe=16b0ad2a&puid=&tdid=&pid=d0oyyor&ag=ji7q872&adv=fas3qh7&sig=1lPIScwED4jWayMz9CiUZzo0a5FrDl4QCeKKKUGAYYMk.&bp=0.271545436572606&cf=4907937&fq=0&td_s=ye-mek.net&rcats=7gr,5rf,hmy,d3i,qn2,7sp,hp6,e7y,2ic,3c6,2gy,cdz,hhr,y29,zm4,usw,3oc,26o,enb,jba,pmr,tmc&mste=&mfld=4&mssi=&mfsi=&uhow=121&agsa=&rgz=99084&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=de&mlang=&svpid=13760&did=&rcxt=Other&lat=50.970000&lon=11.030000&tmpc=11.210000000000036&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CgdHZXJtYW55EglUaHVyaW5naWEaACIGRXJmdXJ0OAJQAYABAIgBAZABAbABAMABu6kG0AG7qQaSAj9kaXYtZ3B0LWFkLTE0NTU3ODMxMjYxNzQtMTUzMzY2MjE3MjgxMjk2MjN3ZWJfeWVtZWtuZXRfbWFzdGhlYWQ.&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=AuzKvO&crrelr=&fpa=396&pcm=3&vc=3&said=dcb044113f5c7abdec076cdbdb1f2c006df7ba70&ict=Unknown&auct=1&im=1&mc=f699d0f7-cc42-47ff-86ff-56fe2b8e43f8&abr=89dee073-3232-4aac-babe-2c94be8afc26&tail=1
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 76.223.26.175 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif
cache-control: must-revalidate, no-cache
x-connection: close

GET
H2 200 lgqypybz_970x250.jpg
ad.adsrvr.org/d0oyyor/fas3qh7/ Frame F897 223 KB
224 KB 120ms
27ms Image
image/jpg 108.138.15.119

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adsrvr.org/d0oyyor/fas3qh7/lgqypybz_970x250.jpg?cb=861497
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0486b7f66d01f751ad3df7479383308281d81fe258795a4b55f016776e9ed5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:29:05 GMT
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 14:53:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 29079
x-amz-server-side-encryption: AES256
etag: "9136ac83e52fbb9ad9dfff788093714c"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
content-length: 228275
x-amz-cf-id: dyB1i5gR4dtHGv0DT615RU4drX6CUTWhCbTZdD6A7zp1DYISkwvZfQ==

GET
H2 200 d7987ecc-90ce-4abc-9bdd-acfe25e31f1a
beacon-ams3.rubiconproject.com/beacon/d/ Frame F897 43 B
228 B 171ms
35ms Image
image/avif 2602:803:c003:200::57

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/d7987ecc-90ce-4abc-9bdd-acfe25e31f1a?oo=0&accountId=13760&siteId=333016&zoneId=1746578&sizeId=57&e=6A1E40E384DA563B01E2533C6FC5F13A2B8D2DAAC28FD92AC3C3290358DC6827248E86D87F3A817461F4BC787E5C25165ABF4BC26238BE18308E6406F6BFAE134B4FAB26C89FA0E28DB70DA02D1440A564FACA64AED73C11B58BE5C5F8794E425D90EBECA4D8D29AD40F0573B4CDB021B7C44909DE86C205844DACC54796FFDA2605645952F601788EDCA310ED281F79EA6AB5F4A94032EB5795B61318386AA62683F8E8F92E391805C3D9D96E5F5570291AB8D0F4C215FD

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::57 -, , ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6374 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR4GuVq6Xk9L59GoqnFAHbmB2fTz7cGpqPTMOhCWE-v96PN8KGoIGTwmw-4ZQZikZo50DTgXpvuMB2NuoJZn3lvanwdTFmJU1pshTe56-jGmguVWRrnoWzeTuQluqUgUXjLrizi0kMqjTqv0ydQ2PEMWUb47paJjhsbLpuF3A4z2N_ditVWCQROei5YaR9blGonOlKNOCekSuMWFtiI42wB2I75XwTBA6LymY1tXTlhnEXQYydKrM3rgvw8fvtsZ4gtV1Lue9vl8Zpyx5EWeBZA6Il57W3BfkFOkL3QepXBBmTvA8IvuPy34rSEEtoXacIjUKIvzmFVPEuho-Sy2k2uwlJeUGXtaYthU3MWQ&sai=AMfl-YQDvHUJtyXniKuM3M1tpbWqtMOWZbThDRcYE1U1Cnjc9VsES0uHamJs_gH4YwqLDRub1dquorAIm0IxK2Iib1-STOQ8887OMuvypS2vmfYfPSoxB0CzXsXNVJqv1A&sig=Cg0ArKJSzEoIRaJ0IL_7EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6374 26 KB
26 KB 36ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
age: 38519
x-jsd-version: 1.15.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26200
x-served-by: cache-fra-etou8220077-FRA
x-jsd-version-type: version
etag: W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6374 171 KB
53 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D035 261 B
122 B 55ms
33ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYmd_x5gEwAQ&v=APEucNX5eDWB0Q81wKiL-jmGZRLy5jYHDsVXmM7HFXFWZX2j4ztckf74yliwTWG__f6sOUY4OMiBc-I66DDHRcqvEXhCAn6Q_yRG7QZ-Tf1kL_eI83-KOr9slbXm4pvpaHdLqQx0-b_D4151IqA1Hnkoo6ZUcCD_h-9KY2wzVMZakOlQsC_PoUk

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 51E4 78 KB
27 KB 45ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E4 42 B
63 B 80ms
68ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DomOOaoM_rK5MtqTJZK4Ybv64rC6tHAPSoAQJkLPn-zJfSpOf1rgvSnVW_8wiBfwW64Izdh_9deVTxX_VpjAGawRUHMAR8NKZ1RUA0__RjHh9ZsvI

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E4 0
20 B 80ms
68ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5231338625520799577&x=8&ct=2

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 90daf3ca-eb00-4691-a57c-b1b16369606e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 51E4 43 B
75 B 123ms
36ms Image
image/avif 2602:803:c003:200::57

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/90daf3ca-eb00-4691-a57c-b1b16369606e?oo=0&accountId=13760&siteId=333016&zoneId=1746730&sizeId=9&e=6A1E40E384DA563B58F6FE3506984F59E0A1DF98294744036E46B93F32A40EB81F8E0CD2031AC7E88E41C795306CF0B15ABF4BC26238BE18EEBC8FA412BAC6774B4FAB26C89FA0E28DB70DA02D1440A50C4C746A2AB17547562A83D018AC62FC154498E67F9F5A30EBD5378E60586E9066FACD5B79BD79BB28A1161659B94A832605645952F601782779CEAECCA3D273FF3AB94952CFDA0FFF2EB25E4FC9A2E899E3936409ED47302E49DD65923229E57179131E77415421E82A954C1004678A

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::57 -, , ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:39 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1

43 B
766 B

33ms
19ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi167HlATAB&v=APEucNVag_GpD6vraXLgspzn7SAD8AMlHui5PQDlRWR2p7VBvdoNbsjTU3yYtHACNr5f_nkkAmUaXnjt7Cu_L0j3aT36ScZu5_6GOQnCrDO0hN-qhFnldufbTDFD94mCDd-YLdeYvN06pYtHFRZMrAoTuUGe8OICYURiOH33d36FP3rMYBon-Xs
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA98
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHktLLPFnPf5-tykeJar3wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1

43 B
766 B

20ms
19ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi167HlATAB&v=APEucNVag_GpD6vraXLgspzn7SAD8AMlHui5PQDlRWR2p7VBvdoNbsjTU3yYtHACNr5f_nkkAmUaXnjt7Cu_L0j3aT36ScZu5_6GOQnCrDO0hN-qhFnldufbTDFD94mCDd-YLdeYvN06pYtHFRZMrAoTuUGe8OICYURiOH33d36FP3rMYBon-Xs
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO6QssTx0n5oD0hRUhFq4QQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CA98
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENR_XL_MEU_Jup7pwgzc2vg&google_cver=1

43 B
1 KB

20ms
19ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENR_XL_MEU_Jup7pwgzc2vg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARi167HlATAB&v=APEucNVag_GpD6vraXLgspzn7SAD8AMlHui5PQDlRWR2p7VBvdoNbsjTU3yYtHACNr5f_nkkAmUaXnjt7Cu_L0j3aT36ScZu5_6GOQnCrDO0hN-qhFnldufbTDFD94mCDd-YLdeYvN06pYtHFRZMrAoTuUGe8OICYURiOH33d36FP3rMYBon-Xs

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:40 GMT
AN-X-Request-Uuid: 1a0a871f-b10a-423b-a43b-fb8b1bd02228
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENR_XL_MEU_Jup7pwgzc2vg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA98
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D

Requested by

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Jun 2023 23:43:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f86a191a-1a98-495d-aded-948b4f693568
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 4A1E 103 KB
13 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 893062
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iht%2FuMP9WuaVgf9Udan365VJKI9g28uSHbMq1xxtP8%2BfcScq8FEbij1Wb8JPFvbQglw6tJ1ZAA8btFEw9%2FnMiDVERtT1NYQBYRr9JJCPySUct%2BIhZ8wakrOyfex4BWJc05D%2FKGB6c%2Bo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d0b51f37e511c20-FRA
expires: Fri, 02 Jun 2023 00:43:40 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4A1E 25 KB
10 KB 39ms
28ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16659
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kr73zxhz19Fk0WnX2UOWi2UFA6VuqcLm08kQJTJhDCuwOInghAaVsfS7LRncIUs8ybC0L2yQcYSESPcQ%2FxaFbHnDRPt4inY4%2BhXHWcZP9dCGRqrxKeDQYcyimzChVtaFNDCQXtw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d0b51f38e5f1c20-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 May 2023 13:46:11 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9E33 0
104 B 208ms
81ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHfK2YC83tGoG9faH3H5hXc&google_cver=1&google_push=ATf1kGPvm_WnrpcaqUEVI-UHB7bLEqQgbOSXI4UMXWh2l-N0xrO4rtX3jpgF3K3jO-HEu2Bi1aTWJxIRED8dqZUvALN33TD_PG5Q
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E33
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIlq9rZAVnfLFX19y2CLn3A&google_cver=1&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX4...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIlq9rZAVnfLFX19y2CLn3A&google_cver=1&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDE3MTcxMzEwMzQ5NTczNA&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9G...

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDE3MTcxMzEwMzQ5NTczNA&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX47Dgjq_Sg_ah0YZsBWf6m

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk3NDE3MTcxMzEwMzQ5NTczNA&google_push=ATf1kGPS2OhtQi4d3wRhYFW8jTptd4HwOJBtYfjFRXI6Gvk6310nzXSBmjZwhKGMaEaAVwBMFwlS9GX47Dgjq_Sg_ah0YZsBWf6m
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9E33 43 B
245 B 103ms
28ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPd__e60t-P5yeKIKVW1C1Y&google_cver=1&google_push=ATf1kGMaHuDCJdzyFvq6yk09LhuXramSgp0o72Q4zY3I_2PT7-yBxe93ZhmKiKcL8h3OfnRBNjFzTt6c3lKkJE8D-PiMQuhoIi8
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E33
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN6BuP5Y9yT20205k76UJoU&google_cver=1&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7j...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7jAKweC53lbNSwOlUy

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7jAKweC53lbNSwOlUy

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM4wrLFCgSK9IjCApGSdkwWujRJcNaRGvtYZzgWb5zTURxFmSqGAkO3FN3BBjazoJIL9hGnEbYNnO7jAKweC53lbNSwOlUy
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9E33
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED5o0SEWRfvkznwz12XSi1g&google_cver=1&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZme...

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGPXkLjASMAyrvRLoNSSzAajFP4eRRWrwvbUDaPCip517Av4XZmeg8WhwJGHG3PdUSST8gybFb4-TkjyINfU7A0SMtKLVaI
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 9E33
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEHfP5liyeMQk1dA1PFcg2WA&google_cver=1&google_push=ATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrmdsJU3dEtmNEt7w0o-7kmRzf97k4Q-hh9kr_X2TuWg3i5bfCOHO3DkQ
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrm...

43 B
1 KB

170ms
22ms

Image
image/gif

162.19.138.117

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrmdsJU3dEtmNEt7w0o-7kmRzf97k4Q-hh9kr_X2TuWg3i5bfCOHO3DkQ

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Server

162.19.138.117 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 01 Jun 2023 23:43:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMtXU1j0gSsadGHLdbZhNYq6VER6HTq_yjHGiPd6qrmdsJU3dEtmNEt7w0o-7kmRzf97k4Q-hh9kr_X2TuWg3i5bfCOHO3DkQ
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET um
cs.emxdgt.com/ Frame 9E33 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E33 0
139 B 85ms
28ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO0qZ3xh_GHoCwNk_rkIa3s4tcAqCQxXVk5CwHgpHhJMfW7rMpfTvrVOLk8U0yhODmdNOd9V0

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E0FF 103 KB
12 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 893062
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oK225nbespzUrQzXI2OLgn98WBawaWgDnVcIANX%2F4e7TCKUNUoM4zfe5aj85Z7%2Fs%2FqgdOsR5zeLWW%2FtAPcf%2FgbUSTnylUFsawHpzrXmfzbcrmpX3eFgweWZnPXmKDVTUzhwZ2UteyPw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d0b51f38e611c20-FRA
expires: Fri, 02 Jun 2023 00:43:40 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E0FF 25 KB
10 KB 40ms
39ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16659
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UNj%2FXbMGzaPYQwsNISaxxd978Dea1GLlx1t5%2B3CbFEK8Ti5fw47ar7YInzlhvbUq9c6vgu%2BaJULxYwltajM%2BexhgCtSQUl9hyTnCTh9za9YsptJ4xwyUI%2BJnkByn%2FABxnFaox4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d0b51f38e621c20-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 30 May 2023 13:46:11 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame DC41 35 B
465 B 94ms
19ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECWr2s9U0BTX9uHiVvHcGs4&google_cver=1&google_push=ATf1kGPoMARf6Zxsa3BOnthwCxXoE8aU7vohxYeQqGjNW9nApP-yMi5C1KVKBETDxr80IiOsKSM23ARjBLlaBm0z7STH4fdpfiI

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC41
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO7EJQttxQry1HFR2X5SJTk&google_cver=1&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmDf0dP3O-vCA

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmDf0dP3O-vCA

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Jun 2023 23:43:40 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOEBBnJ4wxPekA0mJ2Xrue4jbzHsI_chYOr_b-wdnszF677owAZwe-KWlZ-6jxqqOvfRew07OYbZGbz4WmDf0dP3O-vCA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Jun 2023 23:43:39 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DC41 70 B
265 B 157ms
43ms Image
image/gif 3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAAe4LiOEgLCHmoYe6rtJfM&google_cver=1&google_push=ATf1kGOG1bbdQw7H5rj0teuXcaO4ryuqHUrkO3_CjmBBBcTyaNE04KRFColuakJ8cn1-08-LzdMjxpnwvUKnpeO3_FpNNKAiq3E
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC41
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA87znU3vEeNdOa8MKLtcDM&google_cver=1&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzOTg2NzU0Mjk4MDUyNDE4MA%3D%3D&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFSW--G...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzOTg2NzU0Mjk4MDUyNDE4MA%3D%3D&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFSW--GFkxhK6xw

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzOTg2NzU0Mjk4MDUyNDE4MA%3D%3D&google_push=ATf1kGOD1zKnUsHpQNicdhVaUU5Ty4hXFu31KRtofA9EWuVU-QvGEwf6he3pYcdcAUE7r-lmbklBxGMoXpeyFSW--GFkxhK6xw
Date: Thu, 01 Jun 2023 23:43:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC41
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&redir=https%3A%2F%2Fcm.g.doublec...
https://sync.targeting.unrulymedia.com/csync/RX-dd885a79-2b42-453c-9ede-329d704a38c0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGOiaXb6BD2aHZR25f4fY...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&google_hm=A92IWnkrQkU8nt4ynXBKOMA

170 B
188 B

29ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&google_hm=A92IWnkrQkU8nt4ynXBKOMA

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGOiaXb6BD2aHZR25f4fYwLHsW5h4hCF7lw4iXExdrjIXNiEAgreExyVjRQRy-0J-ONFGGf098nqPuk6r0FtHDl7scoPOQ&google_hm=A92IWnkrQkU8nt4ynXBKOMA
date: Thu, 01 Jun 2023 23:43:40 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXdd885a792b42453c9ede329d704a38c0003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC41
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED5o0SEWRfvkznwz12XSi1g&google_cver=1&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA&...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ0...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1NzgwNzMwNTM4NjE0NTQ3OTQ4Nw%3D%3D&google_push=ATf1kGMhcUGtutiY7EYKHDbmeBThbXWqVlsA6HUuU2er99Pq998wCKZ09N0DXPvc639KWHr1k3gg1lwI6MkA-aqxDpB9RlTAMA
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC41
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmq-BUy_...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOm...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DC41 0
49 B 61ms
28ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iog2nJE4ABX6qLEP3xW_RJWszz7PxzKWQdc9rwJWF93GzQHJIrtH5FTUeAKdLcMmV8W6RmiQ

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA6 0
20 B 63ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7411219401763&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA6 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7411219401763&version=m202301230201&ct=76&x=1&cor=6700015120537500000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4BA6 85 KB
36 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUzcNgy5pkaGrP9KZBk4GnW90quyIZsvX8EQVPQiNNmcd9hUoRtdN2uCTwHpVw4b3R80bshaVgM7BJpzPjV66B5Yefkv3wxwto_1SZLuiB47-T9fWD1M4joovUuxY9WSERDnjz1qImDSjQ1uAWVOd2vY5l1PN6S93ENnFHfBgjvFwTc_g&dbm_d=AKAmf-CUYkI0IEFufnvWB1nEjWa46g4K1P1P0bvpUMIt6YACrX0tKBirMN70DDu8_wx4xedDxQIwdOXyy5rOZuOMUrqUtFO4y_lgIZNo1r5vLvsl2nIN_5InoIjBH9f1GeNryH_ouG5ZkuSVruPW3djYntXu0A2aEu0bZXsPRlNP8D8blW69xZVd4vGMMdTUgOjo95i33uccjTOW-S3_LVJAUFiLacuKm6DJYFO038A6z1ZUErX3gWNBOHPTVvuxzFXBmvlDDrPRmvTqIdCs6D0Xsc8IlnI1INctATfWG7_N165P8nfLasmgSCJnVQJ_xa8S51HykvCM1BtWA6DB7iR8nCGrwHo8p_nlEIBme6lv3g5zHzZ_AwKkG6bAvsKzsTupTV5-oW20BziUbqzm_FmKujU7cn1Cp-29BqrC8UWHyIdStrc1PxKFDtKh-QE-9FY9NPAF6Lt92ysur3E-hnQ52EKzh-YxFlyx590Be4VBBBysvShv_kw339pNbZQ1CFJ8_THahmhm-0oJI7U5Ilt7abDPpEeXsUxIjzbr1ebncRp5QQZ05Wuxdtdm3oMNubMVVaexeLo07mXkqV1owaQolq41n-8A3Tj_9YR29--WZ7Q5-KaOC7N67EqAXiNUV_R026gp6m9IyaekhIJ1DNbOE_1QGNO4HfiTjf2lP12ECp-qfUpAakUrZ3q3YMCzL9zW4Q34I0FCO3idb_ek3NUf8mL5U2se_RXjbSOQuJB3-Oeu_sqajSRe8GUCwe47jL71IEDKx6V_-pFT7-d2SLMLJGC5lhPOhghLOL3LIBtRtmhs-U0aIeHlyRRko3EG_ZL6xUUd4klj34hpX-2HRN6o45vEyDueq4K8WURBXmi8usLlSfGlVqsX8gN4DrG90RAIwzmofKXqh_Rmf-CH2HxhhzB5xPxIxd_TwaNaqTRJPv3YlYHZGHf79Jfe3E0ZQFEUppaHtocLf-7-6gzywKKd4uJu6Nlg1zifBUSd-CZW-_xjD_3azfTEq6ud69Oe2-HaAH9Qg1WpT4ZnUeFT-8-V99JH4QR5MslH7AzqTHBzIH8HKX0XCFErWY6LX4aMdqPyMx5I4wKtB2pk9vvYP-ivHf2DMQl5abwqLMMBMsVIkcWywbsvzkUzPVIHwpuy5PNefyXOX7KpJBtLEIn7Psp7kKRjGp-2doWlBg9I5Z_b3Yg_WSF4xHZcvukzzesr613C1kuvLJ8xRnGuUTdWOhbWe6wfkz-41eMErDZ8kiZB8FovstNRRn7uRBlaDFlEily1PBLzdtpH9t194Q9r-IwjYKiydKTSedLN1uKyhKz_PlkA_R2WuX_b_c2DE8wdlvIKF7mgMnKUJeJz3XXbKpNDQrP4QO-B6isvf-kHHtieORVzScCY-PKe5r1dru2BPMGfICZGlSK_cyrKuk7SJGX4A4c68WFmICVvx_eeB5YWHYD-TvgurI2hRVZX1ZkXpWqqJ8xKFCWjELq1uvqIBWrgf2vPpDZLXO6Gz0iQracgE-uY_C5YLmVZGxHonl-5pUTveIUihbKN-EdmBFJ-D59rBfp118TPlLbIuf2Bhzi9mMOgrSbhzIE3hG5NZD-sB8LSuPvQvv7-c3-c2TDaEeckIY01hjN9JcCAt6F0bXtWWSIhjlnahhxolOCXjcUnuWwt9MlJ8zL8SeQ8QyuOy3DMiq10Evshh4GaDgR-WKe5FV-gNUcpzmxM9FqX2pVRdmjPR6wceAUHHLy3BmlKZy3rEzI_wgHcm5bq4rGm144XMt_--xvfQ8DTRvXfROmMdv7cxBEhUXVFX6FLuD43Px6VzteHTO-zwJWQja1CvjlMaj9yrgzC_aNAi9zeZzWpETbtgbB-mZ2XY_ctV3rPT-18lZnplx0E1zsMicprbeTFd95wkjYMG8mJ_iRhcSWpfVYU9030IfXIqRmllFUYbEeDH7Mfa73JDqx69M6n2KWIAenghzXhFjVIIO_Bdp0arKWznNEYnK4-0ef8UaZjfprfZs3R5QycZmwWaUbGdfG730b5MOdjIrRURtGrelDIrNk8HZjSqacYAaxfxXcpM65RXJJcPmVrj_q6hASgvWfDD5KFEyJjqPW4Yj5plS_RPwPhvHR2yGEfDQbckoSXftcAI62NptwICSmO3L2dSvDJqQdhVvvOs1IftNMdxPP6RLx2BmH-Y6BI9plc3qDdh1bWEzN01YX3WT-iMHgohae7GX8Ui0tTpCMVI27lXJBD814zp86YFk7Bavcbu-NF2V10iQoFs6-v5-QCUFMGbrpunl52LkeipayNw152w4INw1CMc6BBYoy6-HyAC2_squI4RXeJp3hKPX6VwzguSm2YBrHfBMUnRSuudNXlCCqNn5EhL-FKjuZ-tv7U7QYwbHyRrzxrk8DT0Nyodju7OqbCDkw-32_favA8g5eETcbXTtyrVVxFKGojm55lIi9aB3pZBhc6s8KtLm_M1bQhGBEZ1IqpahzJDZZCuPJoXL3jtkQiQtBYlcjQZQkAh64FhnodpPbduXNExxsjF3VobEbZkqVMgF4_OcuNJ3GgDqgawjEFIFcH06pXAAv6pt3dgg1yEaeUkNF9n5BvESjeb3wiUXKdXE8g7a47KhbGpxj-JTABsR3BpLqQkwtmph-nRWYH9G118u9zXg_tclbin6Hr8gGPRfbB-TvMqz6mWQvc6eZQA9sBepCWGPQPIcN5Qq2O6SKmC35LnXo1R0DEdssLjDSazkNtgEJZLdCul07RvIXLZO1FM1j65Pz0uSyy5h0l64_0JvE3n4xewPUIcg_k6H7GUw0oGKtDUkULoN8liNjm_1Qy6nANmQITadkWeAwLtraCseE3hfQndhuEbJYO8oqroEvHRfivtGtu1SdvX5y9Z2F8Ba32bgbj1hpVw-T3n0w7rdMwNW_2RbYMtL16f6G6pMxhkV29BP2FyMvhO_Ok1gwTB-p-ZXxrfSk4foZFeZweZsE80pZr49L-8nahSOXkivibLvOGIw5_iF0rLGtcYHP5T_TbJn7pAMPHWYcfWiMHo3IWDm7MdAeBjEr-iWW-vNF3ASkh9GsFK33zKFmycWGMZMzjZR93rERw3Wm6RC0g3LDnvfc0p_9rgj2pmZa6D9YdeZZFdwwXK0UFphfnQsVUKN2tQQWkbglucAQ1HBpsZC1fVa7DfIMnc-pX9F5i2VGAStn6LLKgODz9kKyXXM2-faBNiqBqkRULR0_Mvi7pxWADvJuhyOT3ft_IBuCSi1zqCfkevP_GnjwCUDaOIMl9fqyRsWpVgc_6vFh0WBMcuXVTKDoSSg709Y26uRyHL0qUBUPusFeP-C8jjyFUILlufxPyqL0USUAHpCac63jXtCfU11WN9qNnXM4uMh6VUhi2x5VLREVMorA4d0xBew7C8teng4EfSsFzTnyiMdwxvHIvouGWP3UG5aTaPjpiVwa3lSaDvRfiVIbaBIbqM4Juc6YJ8WF8d7t0xeLKxBnaim5oShr9jdXfhy18Gg4aykZFzSGti-M-3cgPPpSaOZGCYvXS72MQG9iEJRq35JtOs-BGcLGHByxlKvpQhWc2ABrmUR2f9-W_Kmu5ex9fOii6nyrQG9yBUeRS3zdNLnrIJqxi4Nk5fbE8ntTFQUK5GErApDiBceIT-rmtbdiYUB9e9xSnT8mtbBzfl-C3a9601UF9BUojJYoffjiTqWiwfzLRPLu8gvL_bV-Zw_Sc023Dw52t&cid=CAQSOwBygQiDN46SoSb-vq_1SI7RETBTZOBk03tDrjaNdczrexJ5Bh5Ibk6ujjtiE28-MxmGvfLDDBj5fW7BGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=6700015120537500000&adk=3860319555&idt=57&cac=0&dtd=60

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23a94822c53a89bd37e99e85cfa9b7d5fbe7a435687624e8b3870230899fbc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 6374 1 KB
2 KB 39ms
31ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=65010876;rtbwp=4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0;rtbdata=GDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KnTB0wTnfLN42u1ywTJ-2lvUG1M9t63qxgY_CyhV6i_GoLmUX_gCvZG4dWAZeGGwqpz1ZCDj3wQD803PKYJIdaH3rZQT8N4U3zkiSGsJ7Ih2G-h9goVtuaAWqbntrVNMmZZoi8xw8fboTo00h-sZ1KP1JJeoPeQKhTSXk_0PY31XuvP3-ye_moy1YG-aYPNt6YrNLUb_tkxV2MDN2nuLFrAcbPoHp0nX0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEqYXbye9b_jEA3kRsnI1poXXnenT7SaicAvfQyF5Uf8CTGGT_0J7dD96vWmW1dlSa0;

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d7d89a85ca36ba2b8a4b0a736f4facec28380bce18c6dc81912efeea9e08e393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1307
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 6374 62 KB
26 KB 178ms
61ms Script
application/javascript 37.157.5.71

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 06:47:18 GMT
server: nginx
x-amz-request-id: tx00000a6950cfa6cbca7f8-006461d90b-3295d06f-default
etag: W/"cd30185b4774b9eb12ea46ca45e76972"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
DATA 200
OK truncated
/ Frame 1105 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d395387bfc7fef92c010b8904ab15c40128f55f2be52a4bd3351cc97ec1b5fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame D035
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOx0MBEP67-w220rcCfshzM&google_cver=1

0
400 B

93ms
40ms

Image
text/plain

23.45.237.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOx0MBEP67-w220rcCfshzM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYmd_x5gEwAQ&v=APEucNX5eDWB0Q81wKiL-jmGZRLy5jYHDsVXmM7HFXFWZX2j4ztckf74yliwTWG__f6sOUY4OMiBc-I66DDHRcqvEXhCAn6Q_yRG7QZ-Tf1kL_eI83-KOr9slbXm4pvpaHdLqQx0-b_D4151IqA1Hnkoo6ZUcCD_h-9KY2wzVMZakOlQsC_PoUk
Protocol: HTTP/1.1
Server: 23.45.237.121 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:40 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 31 May 2023 23:43:40 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOx0MBEP67-w220rcCfshzM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame D035
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAoWkUj8FUUO2ImtMqAyed8&google_cver=1&adform_v=1

43 B
163 B

102ms
33ms

Image
image/gif

37.157.4.24

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAoWkUj8FUUO2ImtMqAyed8&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYmd_x5gEwAQ&v=APEucNX5eDWB0Q81wKiL-jmGZRLy5jYHDsVXmM7HFXFWZX2j4ztckf74yliwTWG__f6sOUY4OMiBc-I66DDHRcqvEXhCAn6Q_yRG7QZ-Tf1kL_eI83-KOr9slbXm4pvpaHdLqQx0-b_D4151IqA1Hnkoo6ZUcCD_h-9KY2wzVMZakOlQsC_PoUk
Protocol: H2
Server: 37.157.4.24 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
last-modified: Wed, 11 Oct 2017 13:39:07 GMT
server: nginx
accept-ranges: bytes
etag: "59de1efb-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEAoWkUj8FUUO2ImtMqAyed8&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AEE5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9d2186b01fab3b892d42f1135674d486e83cd3eee9c66d31a34e140458292a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09B7 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D6wzmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E4 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=543041907330&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E4 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=543041907330&version=m202301230201&ct=2&x=8&cor=5231338625520800000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 51E4 71 KB
32 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuBFO6KLS5pBEC021onfmdCZ341RGCOlmheKMpgKd7rD7zO6yZjXUQ67bFAdqBdUZcSBHUapEMB0S5PqXWLteQQLeNq3rlcHs85JJkvVECzCtGEaW--77694ffm0e3QWRC1yB9EPe0BvPJrNVAttpZspRYG9qdGUkDvMuFE4eD-w5LeYM&cry=1&dbm_d=AKAmf-DyekKb15iKhGPPr2ej0lt5ktLwcrL6L_eMu7xKn0gmqawMe-uQrvKV3r7E6NUXRog5zfjii7xk5sNWUp1wnamB0ZoQzChuMfrW6K88EvV-mOIULevFeEpyxBF8sXKnsIzgH12AxUAyf8t4NsOnxsJK_txUV9i8SD7RxCNFFN7dI0suRylhgVW02l_D5r3J5yhs7r55PaMBa9n4R4DRCsMsXpJc1FTB5XhBMirQE57gHL4Nj76JZSBgi0kBorUMMJPpveTydCB1Jj71n0abCBxZLyA4T5RbsDEzpDkZdz0yrR31OIKqpl6sDggvFY76OG01KZP3vl1taxVO1XgEySkWa3FM8Cx1hEsfOePKJATL24NxzzFW2N2Z_8TpcghSPcZlHlRVLsYO0LVBs1x2-AYMsKGpSE3YjZ_plaiDigbxXIObIFdw4-8eEoqo8Xqi00lqc8FqzCWSDrO6SrFj36EpCi-sSEusTs-DlTpPxOTzW84wX4kX9bBOgEGfdb8J9sUhHTQfPXJsQG5G93T3V85_1Z-ysgBNnVh4YOXUixqswpydjbwZa6Q0JVpjt6BKF7chwFhYrr5zbjlrBsQ0BCi8exQKsRgSta_mn0Jm9OmstrjCu5EusPYTHHPJ3BnfTIWPLoYkQ_9dhqyk9g1tVBWCovgsfqV4Ehy01M1Z3FDhhhZulSmC2uxTuvTNYsZrtO2ntXnIGdt2m0MybugTRNx2D969_DCRIK-yOCowVPQkN-VicdwLYrHP1aSGqhJJBuqM0bNRVjuzA8Nocno2-0LhLoqYqnIva2ti7epvMb-RHPcpUvyhSFyAG3-ZUM80P6SDBXyoaYd0s6yknd3WITnhTGJOK8IihXeNO8nxqUDm2d87lq6cY_JBQv9TOJ7sdNqeMPbslglGa8XGgshkXjvKX4Yo3q0LvvByJCEWSlhee4YLpkZvUWHWKZI1eaPngAlJwUUDrRJ_SNRFQZaBSbRiXDqu6imVeMc2LaODWD_pgprihgj5flNVffVFK8JUTM5WihZMPIS_ItemAeMkITQDU9ycjRe2HFQ6Up6OYmDiz4w6kLIxWoTXSxpwQ2rkbNaxq0i5ebOZeiEeyTpgRZg-6rW_UuIz68otAUBEzSSVzOJYvPjOeDaepfBnutyDtkDMQTXl1--QjUvp4pHeQXgocM8vY66KcRpOzwCaado6qMBNGLWTgn2mEaqMYu4URzDCc9phXGRkDJW44WBHYufCrjI45MBvkrtdu5XMWG5rouAm67wZWmc5pXH0aTIVvkH_aM-aDHOyULePP8T6NyJH_49DD-w0bJyIgRe1X5FFlJFKCUSo1-sNWcOTaTh_AFVHIeci5vZkdbBQRt2wbGDWZDBVdn6VOeFqqBJw1VSpvo5sOwQhfg445e5abkd7_8hY11V_8Z4CX7Bfb1oeepzKVsha9Jjnw86o6vDmOsyV0nlghLLlGZXiKLag-Ov4c7wY-GRHdU6yhqyh7mbD_RvZ7O_Xxa33x7vTBRm8lnINZopEilm6wrTzTvNPXXAMzfLy06Pliel5TRM-_GBjA_mfjeJ0HY5XGJEttPLKKFb5yZPJV67kNy9iZ1L5DmnlNlrcbxeRA-D3e-f2GSuzXpi_nOMssMXa6Y7jHBWtitQ3gS3Y5qe_2dF0sDna7LQDaW_XcDqPpCKwjz38xJIDYUu7f8gq7k1U3mELWIDeK_TTUelWBtxK8oPasgS1JfFRCgQGsHvq8yBXqexMztqeOhzDxzEQplAS4zw-xe8Nk-rBe2XN4KYR3VGKysXQX8Tk4_vYYq1GCia_3gj14fDr96YOxKwF6uwZhWTCqCQ8s0p4_fZK2bBzXapTjuF9oAuJvMDrPcUyQTduog0O7-JsErV6cnrSqhIlGQvuzN5KLFK4vSXfvQ2mdbXKePl7C938i_nb47vZkprpT_VklBts7IJGQj_mFVt3rMGtn6Hi5BlteLWmT-Pej1lSQZE7CT7DtOm3PgNeSHVgu1jeDasJir2tsogYvvZCj1z8TQJPEMg_CQH7BHqXBLfUb5lrbh3yMKvdmI5Frk5ll7D0mWw0ASa1rPvgD36tjOY6ZpVAapvoFQTdIWayfjuakTJX3njNJXHXjeh1IusTdTvDVygkNjvxV2DlD7nm_htvahPGR4NPP6XuKI_FDvwSztF7aeKcCGnFsMTiH_-RbVWtcjZLhIYNbk3HND5xMVpuM4-FXtGHEQx0bmGic0ET9afkBl6aYcCRg7SIDQGk8WDeRpDt8x_H2LozJNvssxPtCTGzil-HH4lIhdiygMCJnQKpIn1iV_OpIbO1au5tTGLffvAYbTugnkEngMrhJY34e6S_y5bYDX1Fhtv5d079gnlReO0kDc9QeSdxc4RvOvdVACKQ_wIJ48MiP7eMqnvoDFUNm3DsYO2QsSyv19g4eLsJc2qOOHO_Kb68AhBR3z4Ui0UfaDHa_cG6Y3KcdEdIOe1WDwUQXdFLF3vg768mt4aKBReL4bhTWP6QI-hgCoCQnFpBMYkZPvTNK75kMqdZcjCmx1BAROlhOTtqe3ZUUKnrK5FGJnEjAWunONXoV8GRisCgJH6imqxYXc00NDyS26dtMPm2QnlZpy14gkMMKCfMe6fPJHcyTJGE3kl2Gs05ivJD6i-Ep7HxrsjdwsdMmwq4icFi423RCY1iTpC45SE_LFqT7mZeIbrk8A7-tiEcH6vQsW6dbfMWIzcpyPZvTRnjtbKniKBTUiCabFtx_cDxJ97383gW0BeiB1hIykviw9h2LXfbYvjkuaCNP38Pu_z4XhgvOsVSdqHULI9cd5QIGn94ts5_MkwIgK6g0vnPHxiEA92ZYFkpxBon0A6EuDklDkqLoldUXtks81sA1qzZdvfL3iT2jPlby6tXFDN10mTEn-hgDkNjrPe-weJ17iNoHFYPF96kA8XrqGoeA8yTa7pTFgD70G8OIqjOyi-EtrMHnXzzeumSwnBjHOzGd0GboXdtZFa_QVrDNuJEDdFgJ2YQdIFxp_6kPSnpP9Wq5EBPsWI9U3nmQ0X4J55-Fb3s3-BZnJfgQiWofOKRlAp2oQjrNEGOr0KcYP7o_DqTCcs3IsvjE_jQM3IcGxq8RID2DBwz-ibrOw6wyKgAhkCmfUzqsiXswfQ4KzTk3msnDJJJI8fu-SHJTVMVsbe8aBLEEmTzIvWnP0WQ3OPU4dtquS7B9k77WmQ26U1GkDynYo7g0vuIRyqX3sbUG3xjyXU3aA1TZS9VxBV1pX4L_NNexGhPWhn5Y6KqeF_WMCQaCiQu3SfYJ-x0LXj_HwESzh5Q7A2qCsAGpQ0eTflWDWy2qyAOKiHKBo7w&pr=8%3AB50255B55BED452A&cid=CAQSMgBygQiDGZ2q6JURWvL6VaKkrD8MGPMMxb73yhEUa0iNONwGdf0I8B-LchOR1rjFixGiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5231338625520800000&adk=3753878679&idt=54&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89fca8ac116ef77374a06351bb4a3f1308b152caf18d45b36eb12f1c34805167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32587
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 77D3 281 B
554 B 82ms
20ms Document
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Jun 2023 23:43:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F897 0
0 100ms
58ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujtmL2fpEGZ8BDqd9gZ_KFWIw0tom5NUSNVS1SoEPiWZhJYnFPzJKiGgmXLZT09vfoyR1T20oO4rCOIlk-h8HX6uzVrFb6HBQwXU6mtdyzPrUWT0pS5esXhr9Cu3Eel5o-pxMZBaEYygQnRRAsZ64NpMXuSrCXdjbDfHGPjtvIEoKvNsz_ORKowJvbuNe7HpJ-jV9brm_Bv65HZt888KAPh0UzErOEhSgdvnDYsK-5NBoj_yYbrm8DCXFa_UCP9K_8wi2dCDjFRNZxBegrbxTYgZo5rlINrjCLN_uhNFNyz9qGJKXC9nC6AWdXsp2fr9SI7DiZP5U1JXObPQ&sai=AMfl-YS3hn6iZrM6dGyik8VU5U6-WPMQDCuFzv9tYwxi3UwEZ3CHV94LLKuKLj2IoTr0dKjclXeahZaJ48b2hVPh7FfbePuXDl96YoXCU9XHMM7guTostHawEnmxraThUQ&sig=Cg0ArKJSzG8Cd3NSUWVzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
DATA 200
OK truncated
/ Frame F897 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deb548e330b008ae97d73ade60474f69bcecdc48212a65be7908f056fb654b19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 6374 36 KB
17 KB 43ms
42ms Script
text/javascript 37.157.5.71

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=65010876;rtbwp=4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0;rtbdata=GDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KnTB0wTnfLN42u1ywTJ-2lvUG1M9t63qxgY_CyhV6i_GoLmUX_gCvZG4dWAZeGGwqpz1ZCDj3wQD803PKYJIdaH3rZQT8N4U3zkiSGsJ7Ih2G-h9goVtuaAWqbntrVNMmZZoi8xw8fboTo00h-sZ1KP1JJeoPeQKhTSXk_0PY31XuvP3-ye_moy1YG-aYPNt6YrNLUb_tkxV2MDN2nuLFrAcbPoHp0nX0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEqYXbye9b_jEA3kRsnI1poXXnenT7SaicAvfQyF5Uf8CTGGT_0J7dD96vWmW1dlSa0;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b922302c22aaa52e4ee94cc4e8949e60012dc6625adcff0165ef193caf3a3ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 15:24:09 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 24 May 2023 10:46:06 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4BA6 172 KB
61 KB 354ms
19ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Origin: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 10:17:22 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 4BA6 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUzcNgy5pkaGrP9KZBk4GnW90quyIZsvX8EQVPQiNNmcd9hUoRtdN2uCTwHpVw4b3R80bshaVgM7BJpzPjV66B5Yefkv3wxwto_1SZLuiB47-T9fWD1M4joovUuxY9WSERDnjz1qImDSjQ1uAWVOd2vY5l1PN6S93ENnFHfBgjvFwTc_g&dbm_d=AKAmf-CUYkI0IEFufnvWB1nEjWa46g4K1P1P0bvpUMIt6YACrX0tKBirMN70DDu8_wx4xedDxQIwdOXyy5rOZuOMUrqUtFO4y_lgIZNo1r5vLvsl2nIN_5InoIjBH9f1GeNryH_ouG5ZkuSVruPW3djYntXu0A2aEu0bZXsPRlNP8D8blW69xZVd4vGMMdTUgOjo95i33uccjTOW-S3_LVJAUFiLacuKm6DJYFO038A6z1ZUErX3gWNBOHPTVvuxzFXBmvlDDrPRmvTqIdCs6D0Xsc8IlnI1INctATfWG7_N165P8nfLasmgSCJnVQJ_xa8S51HykvCM1BtWA6DB7iR8nCGrwHo8p_nlEIBme6lv3g5zHzZ_AwKkG6bAvsKzsTupTV5-oW20BziUbqzm_FmKujU7cn1Cp-29BqrC8UWHyIdStrc1PxKFDtKh-QE-9FY9NPAF6Lt92ysur3E-hnQ52EKzh-YxFlyx590Be4VBBBysvShv_kw339pNbZQ1CFJ8_THahmhm-0oJI7U5Ilt7abDPpEeXsUxIjzbr1ebncRp5QQZ05Wuxdtdm3oMNubMVVaexeLo07mXkqV1owaQolq41n-8A3Tj_9YR29--WZ7Q5-KaOC7N67EqAXiNUV_R026gp6m9IyaekhIJ1DNbOE_1QGNO4HfiTjf2lP12ECp-qfUpAakUrZ3q3YMCzL9zW4Q34I0FCO3idb_ek3NUf8mL5U2se_RXjbSOQuJB3-Oeu_sqajSRe8GUCwe47jL71IEDKx6V_-pFT7-d2SLMLJGC5lhPOhghLOL3LIBtRtmhs-U0aIeHlyRRko3EG_ZL6xUUd4klj34hpX-2HRN6o45vEyDueq4K8WURBXmi8usLlSfGlVqsX8gN4DrG90RAIwzmofKXqh_Rmf-CH2HxhhzB5xPxIxd_TwaNaqTRJPv3YlYHZGHf79Jfe3E0ZQFEUppaHtocLf-7-6gzywKKd4uJu6Nlg1zifBUSd-CZW-_xjD_3azfTEq6ud69Oe2-HaAH9Qg1WpT4ZnUeFT-8-V99JH4QR5MslH7AzqTHBzIH8HKX0XCFErWY6LX4aMdqPyMx5I4wKtB2pk9vvYP-ivHf2DMQl5abwqLMMBMsVIkcWywbsvzkUzPVIHwpuy5PNefyXOX7KpJBtLEIn7Psp7kKRjGp-2doWlBg9I5Z_b3Yg_WSF4xHZcvukzzesr613C1kuvLJ8xRnGuUTdWOhbWe6wfkz-41eMErDZ8kiZB8FovstNRRn7uRBlaDFlEily1PBLzdtpH9t194Q9r-IwjYKiydKTSedLN1uKyhKz_PlkA_R2WuX_b_c2DE8wdlvIKF7mgMnKUJeJz3XXbKpNDQrP4QO-B6isvf-kHHtieORVzScCY-PKe5r1dru2BPMGfICZGlSK_cyrKuk7SJGX4A4c68WFmICVvx_eeB5YWHYD-TvgurI2hRVZX1ZkXpWqqJ8xKFCWjELq1uvqIBWrgf2vPpDZLXO6Gz0iQracgE-uY_C5YLmVZGxHonl-5pUTveIUihbKN-EdmBFJ-D59rBfp118TPlLbIuf2Bhzi9mMOgrSbhzIE3hG5NZD-sB8LSuPvQvv7-c3-c2TDaEeckIY01hjN9JcCAt6F0bXtWWSIhjlnahhxolOCXjcUnuWwt9MlJ8zL8SeQ8QyuOy3DMiq10Evshh4GaDgR-WKe5FV-gNUcpzmxM9FqX2pVRdmjPR6wceAUHHLy3BmlKZy3rEzI_wgHcm5bq4rGm144XMt_--xvfQ8DTRvXfROmMdv7cxBEhUXVFX6FLuD43Px6VzteHTO-zwJWQja1CvjlMaj9yrgzC_aNAi9zeZzWpETbtgbB-mZ2XY_ctV3rPT-18lZnplx0E1zsMicprbeTFd95wkjYMG8mJ_iRhcSWpfVYU9030IfXIqRmllFUYbEeDH7Mfa73JDqx69M6n2KWIAenghzXhFjVIIO_Bdp0arKWznNEYnK4-0ef8UaZjfprfZs3R5QycZmwWaUbGdfG730b5MOdjIrRURtGrelDIrNk8HZjSqacYAaxfxXcpM65RXJJcPmVrj_q6hASgvWfDD5KFEyJjqPW4Yj5plS_RPwPhvHR2yGEfDQbckoSXftcAI62NptwICSmO3L2dSvDJqQdhVvvOs1IftNMdxPP6RLx2BmH-Y6BI9plc3qDdh1bWEzN01YX3WT-iMHgohae7GX8Ui0tTpCMVI27lXJBD814zp86YFk7Bavcbu-NF2V10iQoFs6-v5-QCUFMGbrpunl52LkeipayNw152w4INw1CMc6BBYoy6-HyAC2_squI4RXeJp3hKPX6VwzguSm2YBrHfBMUnRSuudNXlCCqNn5EhL-FKjuZ-tv7U7QYwbHyRrzxrk8DT0Nyodju7OqbCDkw-32_favA8g5eETcbXTtyrVVxFKGojm55lIi9aB3pZBhc6s8KtLm_M1bQhGBEZ1IqpahzJDZZCuPJoXL3jtkQiQtBYlcjQZQkAh64FhnodpPbduXNExxsjF3VobEbZkqVMgF4_OcuNJ3GgDqgawjEFIFcH06pXAAv6pt3dgg1yEaeUkNF9n5BvESjeb3wiUXKdXE8g7a47KhbGpxj-JTABsR3BpLqQkwtmph-nRWYH9G118u9zXg_tclbin6Hr8gGPRfbB-TvMqz6mWQvc6eZQA9sBepCWGPQPIcN5Qq2O6SKmC35LnXo1R0DEdssLjDSazkNtgEJZLdCul07RvIXLZO1FM1j65Pz0uSyy5h0l64_0JvE3n4xewPUIcg_k6H7GUw0oGKtDUkULoN8liNjm_1Qy6nANmQITadkWeAwLtraCseE3hfQndhuEbJYO8oqroEvHRfivtGtu1SdvX5y9Z2F8Ba32bgbj1hpVw-T3n0w7rdMwNW_2RbYMtL16f6G6pMxhkV29BP2FyMvhO_Ok1gwTB-p-ZXxrfSk4foZFeZweZsE80pZr49L-8nahSOXkivibLvOGIw5_iF0rLGtcYHP5T_TbJn7pAMPHWYcfWiMHo3IWDm7MdAeBjEr-iWW-vNF3ASkh9GsFK33zKFmycWGMZMzjZR93rERw3Wm6RC0g3LDnvfc0p_9rgj2pmZa6D9YdeZZFdwwXK0UFphfnQsVUKN2tQQWkbglucAQ1HBpsZC1fVa7DfIMnc-pX9F5i2VGAStn6LLKgODz9kKyXXM2-faBNiqBqkRULR0_Mvi7pxWADvJuhyOT3ft_IBuCSi1zqCfkevP_GnjwCUDaOIMl9fqyRsWpVgc_6vFh0WBMcuXVTKDoSSg709Y26uRyHL0qUBUPusFeP-C8jjyFUILlufxPyqL0USUAHpCac63jXtCfU11WN9qNnXM4uMh6VUhi2x5VLREVMorA4d0xBew7C8teng4EfSsFzTnyiMdwxvHIvouGWP3UG5aTaPjpiVwa3lSaDvRfiVIbaBIbqM4Juc6YJ8WF8d7t0xeLKxBnaim5oShr9jdXfhy18Gg4aykZFzSGti-M-3cgPPpSaOZGCYvXS72MQG9iEJRq35JtOs-BGcLGHByxlKvpQhWc2ABrmUR2f9-W_Kmu5ex9fOii6nyrQG9yBUeRS3zdNLnrIJqxi4Nk5fbE8ntTFQUK5GErApDiBceIT-rmtbdiYUB9e9xSnT8mtbBzfl-C3a9601UF9BUojJYoffjiTqWiwfzLRPLu8gvL_bV-Zw_Sc023Dw52t&cid=CAQSOwBygQiDN46SoSb-vq_1SI7RETBTZOBk03tDrjaNdczrexJ5Bh5Ibk6ujjtiE28-MxmGvfLDDBj5fW7BGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=6700015120537500000&adk=3860319555&idt=57&cac=0&dtd=60

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 4BA6 29 KB
11 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BA6 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E0FF 3 KB
3 KB 348ms
30ms Image
image/png 2606:4700:20::681a:71b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1169
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BsRMiHPc6zadiPTxqY16IXAPQh19j5kTFVX4wbWzq509TgAN6pECZooM5C1xT%2BUUU1esx3FsJ5qQqanv6ToDhrJImJiIn7R1QvZ6Pw79nDwY%2FtjctcyCOUDWjwOEImVAksIAHBxFY4q9TdIciGKYah2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d0b51f77b4a9b94-FRA
expires: Fri, 02 Jun 2023 00:02:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C6AA 1 KB
643 B 30ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Fri, 02 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4BA6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f2faabb535d781670d661ffc882bc1026221fcf67344bc7b250f6102d5bebca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4A1E 3 KB
4 KB 301ms
28ms Image
image/png 2606:4700:20::681a:71b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1169
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9xGHPlomKpaBR79VuaRpXOIOcahf536A%2B7eyO5gGXrX%2B85F1se%2FzeCA1u7wyQiFcRrvxG%2FcW0z%2BKLEBmFJoPCRpgzCDV4N3RgY8feMjWBk%2BV0uneaYNiwy1afWNXPFHPurAWb%2BfP94sgN4k6DmZiM%2BR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d0b51f77b4b9b94-FRA
expires: Fri, 02 Jun 2023 00:02:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 51E4 29 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuBFO6KLS5pBEC021onfmdCZ341RGCOlmheKMpgKd7rD7zO6yZjXUQ67bFAdqBdUZcSBHUapEMB0S5PqXWLteQQLeNq3rlcHs85JJkvVECzCtGEaW--77694ffm0e3QWRC1yB9EPe0BvPJrNVAttpZspRYG9qdGUkDvMuFE4eD-w5LeYM&cry=1&dbm_d=AKAmf-DyekKb15iKhGPPr2ej0lt5ktLwcrL6L_eMu7xKn0gmqawMe-uQrvKV3r7E6NUXRog5zfjii7xk5sNWUp1wnamB0ZoQzChuMfrW6K88EvV-mOIULevFeEpyxBF8sXKnsIzgH12AxUAyf8t4NsOnxsJK_txUV9i8SD7RxCNFFN7dI0suRylhgVW02l_D5r3J5yhs7r55PaMBa9n4R4DRCsMsXpJc1FTB5XhBMirQE57gHL4Nj76JZSBgi0kBorUMMJPpveTydCB1Jj71n0abCBxZLyA4T5RbsDEzpDkZdz0yrR31OIKqpl6sDggvFY76OG01KZP3vl1taxVO1XgEySkWa3FM8Cx1hEsfOePKJATL24NxzzFW2N2Z_8TpcghSPcZlHlRVLsYO0LVBs1x2-AYMsKGpSE3YjZ_plaiDigbxXIObIFdw4-8eEoqo8Xqi00lqc8FqzCWSDrO6SrFj36EpCi-sSEusTs-DlTpPxOTzW84wX4kX9bBOgEGfdb8J9sUhHTQfPXJsQG5G93T3V85_1Z-ysgBNnVh4YOXUixqswpydjbwZa6Q0JVpjt6BKF7chwFhYrr5zbjlrBsQ0BCi8exQKsRgSta_mn0Jm9OmstrjCu5EusPYTHHPJ3BnfTIWPLoYkQ_9dhqyk9g1tVBWCovgsfqV4Ehy01M1Z3FDhhhZulSmC2uxTuvTNYsZrtO2ntXnIGdt2m0MybugTRNx2D969_DCRIK-yOCowVPQkN-VicdwLYrHP1aSGqhJJBuqM0bNRVjuzA8Nocno2-0LhLoqYqnIva2ti7epvMb-RHPcpUvyhSFyAG3-ZUM80P6SDBXyoaYd0s6yknd3WITnhTGJOK8IihXeNO8nxqUDm2d87lq6cY_JBQv9TOJ7sdNqeMPbslglGa8XGgshkXjvKX4Yo3q0LvvByJCEWSlhee4YLpkZvUWHWKZI1eaPngAlJwUUDrRJ_SNRFQZaBSbRiXDqu6imVeMc2LaODWD_pgprihgj5flNVffVFK8JUTM5WihZMPIS_ItemAeMkITQDU9ycjRe2HFQ6Up6OYmDiz4w6kLIxWoTXSxpwQ2rkbNaxq0i5ebOZeiEeyTpgRZg-6rW_UuIz68otAUBEzSSVzOJYvPjOeDaepfBnutyDtkDMQTXl1--QjUvp4pHeQXgocM8vY66KcRpOzwCaado6qMBNGLWTgn2mEaqMYu4URzDCc9phXGRkDJW44WBHYufCrjI45MBvkrtdu5XMWG5rouAm67wZWmc5pXH0aTIVvkH_aM-aDHOyULePP8T6NyJH_49DD-w0bJyIgRe1X5FFlJFKCUSo1-sNWcOTaTh_AFVHIeci5vZkdbBQRt2wbGDWZDBVdn6VOeFqqBJw1VSpvo5sOwQhfg445e5abkd7_8hY11V_8Z4CX7Bfb1oeepzKVsha9Jjnw86o6vDmOsyV0nlghLLlGZXiKLag-Ov4c7wY-GRHdU6yhqyh7mbD_RvZ7O_Xxa33x7vTBRm8lnINZopEilm6wrTzTvNPXXAMzfLy06Pliel5TRM-_GBjA_mfjeJ0HY5XGJEttPLKKFb5yZPJV67kNy9iZ1L5DmnlNlrcbxeRA-D3e-f2GSuzXpi_nOMssMXa6Y7jHBWtitQ3gS3Y5qe_2dF0sDna7LQDaW_XcDqPpCKwjz38xJIDYUu7f8gq7k1U3mELWIDeK_TTUelWBtxK8oPasgS1JfFRCgQGsHvq8yBXqexMztqeOhzDxzEQplAS4zw-xe8Nk-rBe2XN4KYR3VGKysXQX8Tk4_vYYq1GCia_3gj14fDr96YOxKwF6uwZhWTCqCQ8s0p4_fZK2bBzXapTjuF9oAuJvMDrPcUyQTduog0O7-JsErV6cnrSqhIlGQvuzN5KLFK4vSXfvQ2mdbXKePl7C938i_nb47vZkprpT_VklBts7IJGQj_mFVt3rMGtn6Hi5BlteLWmT-Pej1lSQZE7CT7DtOm3PgNeSHVgu1jeDasJir2tsogYvvZCj1z8TQJPEMg_CQH7BHqXBLfUb5lrbh3yMKvdmI5Frk5ll7D0mWw0ASa1rPvgD36tjOY6ZpVAapvoFQTdIWayfjuakTJX3njNJXHXjeh1IusTdTvDVygkNjvxV2DlD7nm_htvahPGR4NPP6XuKI_FDvwSztF7aeKcCGnFsMTiH_-RbVWtcjZLhIYNbk3HND5xMVpuM4-FXtGHEQx0bmGic0ET9afkBl6aYcCRg7SIDQGk8WDeRpDt8x_H2LozJNvssxPtCTGzil-HH4lIhdiygMCJnQKpIn1iV_OpIbO1au5tTGLffvAYbTugnkEngMrhJY34e6S_y5bYDX1Fhtv5d079gnlReO0kDc9QeSdxc4RvOvdVACKQ_wIJ48MiP7eMqnvoDFUNm3DsYO2QsSyv19g4eLsJc2qOOHO_Kb68AhBR3z4Ui0UfaDHa_cG6Y3KcdEdIOe1WDwUQXdFLF3vg768mt4aKBReL4bhTWP6QI-hgCoCQnFpBMYkZPvTNK75kMqdZcjCmx1BAROlhOTtqe3ZUUKnrK5FGJnEjAWunONXoV8GRisCgJH6imqxYXc00NDyS26dtMPm2QnlZpy14gkMMKCfMe6fPJHcyTJGE3kl2Gs05ivJD6i-Ep7HxrsjdwsdMmwq4icFi423RCY1iTpC45SE_LFqT7mZeIbrk8A7-tiEcH6vQsW6dbfMWIzcpyPZvTRnjtbKniKBTUiCabFtx_cDxJ97383gW0BeiB1hIykviw9h2LXfbYvjkuaCNP38Pu_z4XhgvOsVSdqHULI9cd5QIGn94ts5_MkwIgK6g0vnPHxiEA92ZYFkpxBon0A6EuDklDkqLoldUXtks81sA1qzZdvfL3iT2jPlby6tXFDN10mTEn-hgDkNjrPe-weJ17iNoHFYPF96kA8XrqGoeA8yTa7pTFgD70G8OIqjOyi-EtrMHnXzzeumSwnBjHOzGd0GboXdtZFa_QVrDNuJEDdFgJ2YQdIFxp_6kPSnpP9Wq5EBPsWI9U3nmQ0X4J55-Fb3s3-BZnJfgQiWofOKRlAp2oQjrNEGOr0KcYP7o_DqTCcs3IsvjE_jQM3IcGxq8RID2DBwz-ibrOw6wyKgAhkCmfUzqsiXswfQ4KzTk3msnDJJJI8fu-SHJTVMVsbe8aBLEEmTzIvWnP0WQ3OPU4dtquS7B9k77WmQ26U1GkDynYo7g0vuIRyqX3sbUG3xjyXU3aA1TZS9VxBV1pX4L_NNexGhPWhn5Y6KqeF_WMCQaCiQu3SfYJ-x0LXj_HwESzh5Q7A2qCsAGpQ0eTflWDWy2qyAOKiHKBo7w&pr=8%3AB50255B55BED452A&cid=CAQSMgBygQiDGZ2q6JURWvL6VaKkrD8MGPMMxb73yhEUa0iNONwGdf0I8B-LchOR1rjFixGiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ds=l&xdt=1&iif=1&cor=5231338625520800000&adk=3753878679&idt=54&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11027
x-xss-protection: 0
server: cafe
etag: 5492578185836041520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 51E4 11 KB
4 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:52 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 51E4 0
0 331ms
67ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux_0ciI-1ryy1mMk1XdWZ1IslspCLmnqV4CYyqFL6STdHaE9bpvv6lp0gfcbtn640IDnphzmOi7Jnd5kUrma3X6n-2XlJjhiG62q615rXegKsM5ek36kqtekfnwOlwxgf5ekG2YUqEYADS_VomsCG0lZQU56J58HqyUgbYK0fum3HSAaW4eiGhoa_nLnTcZBLF4KzPMj9Udh_6prCXHJI18BjufHLP6t4xAkBX88hNMPYTCL8y_7Crnw8UUeCa06kS1uA8wByAlyRZgzefyqG6R1H07Zc-QecqAa_xGiVCXMmn2TB8pKLz5D6OcReZWaIay6tWfnrSq2qg_PW03jypPSIeP-9dy_FfG2vMlxy4f8b5bEdBbVogwpkJyM2mgwOnJCTtfZaNeV3NDUoMDXBFcN34w5ykN3LeG5wZY5i0LEDYFYb-IffUstFlzZA6RDm4xn10myYRo_MeSrw-ltz8Ga2qyhziwR1-py1x1st84-3RTYtCMRVasMFoP_y2h964tR89SJzTGMx9MJCWtsG03vONJf6GgL3qmFc-xpDzbVGHjZZXCaGLWmrVwNEUt_pavWMecJgta7iStw5SOdjwph0N0IiwYLxynFJfcDqmbj9XK00BmXe4yalGOlCvGhMfJGNOGVXhEVTKHsZXQ0Hv213eLNP7IsOUkWzD6qNNoHS9WpFiLJbiUSRsvyy3P4N9nHpAQCM6O_CXppRm0wR65sYZg3N0yERJK6Qn7ARssVxcgI2Ucbh5e95TKTqdNQpytAfEbp6nraUIp5MphmicasRDHbO7KMTWEz1zYKx6DiVOWsPycoOpUFywFwIdf7xzIo7nco_y49IKirItH8WL5nd-nPn0BVHlqGtSYZaxHC7VLdauRJL14MQxAPFMtrd5CF1XGkp1XJOzj_xg7lveVljIg67EjD1sCRhSfMMJ0hZXW4U0nzpEK7Numyvso8pgLksmbUc9_A-cN6ugk-1IhVLlggDtStTPezasVZmP_UoPRTYRrjExKqdtQGm6LPcNI9SZMEmaHyLns-XEo4-3ioMWLR9qmPBeA9QsigTlHdnY5IZWHRq-SAPea8TFezfAw7H2_pqoePhy_xZkSNCqf_rpkuI7Hg17dxxxXBjNjF8EwHEpVFhqeK_ItdGlKca-Loj7Q_teF7FYQy8hkRjejc3Hsge5aHN7Grtau9GXTlY&sai=AMfl-YSt2sV51yj6um6ub_Jt1E8L2b5rnsu35yW3utd59-KjH9QJ5XvR-rWWNf8IFBPyYNtLCzjdLywDiCM37EMzWOANLE7Ry5_NNRco1eaXzEeqngWOUFqLyPn_Oe14R1QcW2GkeiEczQVfiC-H5hGK0V0211BfLnpRTuNQ_rcFkofri99LZ6OJsQv6SZxf7-Lo6_3mxi5aqvmsR08o36n91vkLWupzx8cXz2V_4ZKXQcpKIBhg0n5SUOUYxJI&sig=Cg0ArKJSzCM487YIYF8zEAE&uach_m=[UACH]&pr=8:B50255B55BED452A&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230530.41046&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 51E4 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H2 200 11851372808650513264
s0.2mdn.net/simgad/ Frame 51E4 69 KB
70 KB 277ms
20ms Image
image/jpeg 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11851372808650513264?sqp=uqWu0g0ICNgEEKABQGQ&rs=AOga4qnYZQ2l78gL8AESnI8PjcKzBdh3WA

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ea3d644c373d186b76aa1efa4290d417f5ee18a4341745dd291d9b590f2a6a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 10:31:40 GMT
x-content-type-options: nosniff
age: 133920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70780
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 09:45:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 10:31:40 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D525 281 B
554 B 27ms
26ms Document
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Jun 2023 23:43:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 51E4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1cbaf3eeef7c4d44c4ec9242da52a2966918006f65235d52ee3438f1e0ce73c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8E50 2 KB
1 KB 32ms
32ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 995869
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d0b51f76cc89b98-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:43:40 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTToIykDZOnTDyH3xlq5xnFN4qIe1PrY9tDEp0beaqCrUpp1dNu1UyDJqVMAdCDVur8ofiOeGSyjqGLeBmrZmsDd1rKmuh1XMVL6o6il5E5%2F%2Bno%2Bw2pp%2Bm1Y%2BEfCPlsl0vigeUA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame BA77 2 KB
1 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 995869
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d0b51f76cca9b98-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:43:40 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWhnLAOicrgDu2Pj7KOEwxP4Jzb5WQMx3RrTHeydcDN%2BJR%2BQGy7fbRv3sCOPChWvMJt2FopENk4%2BAXfETYDKxrlCV8TqzRgrFP29BPiYrMCdRu0C%2F%2BuL91ugxveLDNP29Q%2FEUkA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 6374 8 KB
4 KB 32ms
32ms Script
text/javascript 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=65010876;rtbwp=4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0;rtbdata=GDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2;csid=81917;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KnTB0wTnfLN42u1ywTJ-2lvUG1M9t63qxgY_CyhV6i_GoLmUX_gCvZG4dWAZeGGwqpz1ZCDj3wQD803PKYJIdaH3rZQT8N4U3zkiSGsJ7Ih2G-h9goVtuaAWqbntrVNMmZZoi8xw8fboTo00h-sZ1KP1JJeoPeQKhTSXk_0PY31XuvP3-ye_moy1YG-aYPNt6YrNLUb_tkxV2MDN2nuLFrAcbPoHp0nX0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEqYXbye9b_jEA3kRsnI1poXXnenT7SaicAvfQyF5Uf8CTGGT_0J7dD96vWmW1dlSa0;;js=1;adfxid=1x;10805;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fpcloak.blob.core.windows.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b83aee6ab5341220143131e6b44acffd4d73963e125056219c1ff7f3057f77b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3757
expires: -1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 49B1 22 KB
8 KB 26ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 21:37:12 GMT
expires: Wed, 29 May 2024 21:37:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 4400 0
209 B 73ms
73ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685663017589&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 77D3 34 KB
10 KB 82ms
56ms Script
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e965445c73cc3e6944b4371a8f0b4a1b60c7765113d2c16f0043ce0a7b0ac0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2023 07:17:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27213
Connection: keep-alive
Content-Length: 10112
Expires: Fri, 02 Jun 2023 07:17:13 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6374 16 KB
7 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jun 2023 00:04:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 6374 35 B
588 B 33ms
32ms Ping
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=65010876&csi=cDlP8isyYd9teNBBQ8kcqyBZM13sQtzmVy-nRoStvTQJDwKV3Zer3AqXZ2QV7J9-snek2_Ev92-0MzM_DdNBF-LSFeXTyO4ccUAcIpDuM4SphdvJ71v-MQDeRGycjWmhded6dPtJqJwC99DIXlR_wJMYZP_Qnt0Pz-H32fnijRWvBg5SpT2O-QO8_7rsP1jj0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ye-mek.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://ye-mek.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0EBA 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 21:37:12 GMT
expires: Wed, 29 May 2024 21:37:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D525 34 KB
10 KB 25ms
20ms Script
text/html 23.56.202.187

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e965445c73cc3e6944b4371a8f0b4a1b60c7765113d2c16f0043ce0a7b0ac0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2023 07:17:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27213
Connection: keep-alive
Content-Length: 10112
Expires: Fri, 02 Jun 2023 07:17:13 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 6374 49 KB
20 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 29 May 2023 16:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 16:52:11 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C6AA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHH...

43 B
439 B

191ms
173ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d0b51fa1eb19bef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 941
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAqIKo3r-QW4D6obfzAE-0Q&google_cver=1&google_push=ATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMEArfpGSRsx2TLm4IwAQ2IvCgZW4GgFTcJ2IlaY9uehRi7xFCX7-RUaIr1clyXpCyFY-0iVnuT5grcTWqyEuPqD_1ZKHHFOA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d0b51f84c5a9bef-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C6AA 0
187 B 93ms
26ms Image
text/plain 98.98.134.241

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJu05ylZCmqTjuhslYIosPs&google_cver=1&google_push=ATf1kGNIAAwiAqtoefJUaXUbk502etpvXn2R6_SsGHzZAjyepbEwwjZ7a1vP3DjDBTKpS3Y5QMwW2aRpEJexImqvGQnh5ngacICgow
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6AA
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJAfKZlVsZINekr1MRytGkM&google_cver=1&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOm...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJAfKZlVsZINekr1MRytGkM&google_cver=1&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiE...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMACsVf5siZJqnKwhcIp_e_plbRMya-NFoo2A-9VrCFkpfkuPymv_NMQELP-L8HH321XNAF6C6yeyzAUl4s18eiEOmUcGKQ_Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame C6AA 43 B
103 B 31ms
28ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPd__e60t-P5yeKIKVW1C1Y&google_cver=1&google_push=ATf1kGPEo7VihGZYUcH5yVY88cRrbzJNJx060rJG2-vVgTqkPLdZpcgJ7aLgnJz32P7zqDLui33LUrPg-OeDRNVVbCkfj4EpCKBY
Requested by: Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6AA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtxoPrXySYWdS6GOfaicmg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtxoPrXySYWdS6GOfaicmg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGP9lPinK6b-EEK1ilo6kr7Shf-6-aPhCzMgGVvJJyny1RuMtPliaWPH2CL7_-mmQNkbOtM3gTNhGSKEsq6h-3CObfpsoUfg

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NtxoPrXySYWdS6GOfaicmg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGP9lPinK6b-EEK1ilo6kr7Shf-6-aPhCzMgGVvJJyny1RuMtPliaWPH2CL7_-mmQNkbOtM3gTNhGSKEsq6h-3CObfpsoUfg
date: Thu, 01 Jun 2023 23:43:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6AA
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF2PMCzwIbw31HoJvSn...

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF2PMCzwIbw31HoJvSn8MCLi8hVAIASErunWSbM1Or5R-SQZo1DDdAeY6f-a2_ZYdlCq9x_Q9dLT_Pw_LHwbizmQ

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 01 Jun 2023 23:43:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c351ccce-9b9b-4500-b656-434849be5913
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTc5NjQ5NTM2MTk0NTg3Nzg5OA%3D%3D&google_gid=CAESEOyVlZNv6ohv_ZNFH6TK5Yg&google_cver=1&google_push=ATf1kGNrjlI7CjkoF2PMCzwIbw31HoJvSn8MCLi8hVAIASErunWSbM1Or5R-SQZo1DDdAeY6f-a2_ZYdlCq9x_Q9dLT_Pw_LHwbizmQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6AA
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmq-BUy_...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=214844e6-f355-4f00-9120-f835efb2d8ef&%%GOOGLE_PUSH_PAIR%%
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C6AA 0
12 B 28ms
26ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHFXwSCflE3P7vUEhW41Lh2KV9c0UF-XSzExPD9G0fRBZwtQpdqW0J1skJOr3W-jZwCiY4GMw

Requested by

Host: ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
URL: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 51E4 0
0 59ms
58ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsux_0ciI-1ryy1mMk1XdWZ1IslspCLmnqV4CYyqFL6STdHaE9bpvv6lp0gfcbtn640IDnphzmOi7Jnd5kUrma3X6n-2XlJjhiG62q615rXegKsM5ek36kqtekfnwOlwxgf5ekG2YUqEYADS_VomsCG0lZQU56J58HqyUgbYK0fum3HSAaW4eiGhoa_nLnTcZBLF4KzPMj9Udh_6prCXHJI18BjufHLP6t4xAkBX88hNMPYTCL8y_7Crnw8UUeCa06kS1uA8wByAlyRZgzefyqG6R1H07Zc-QecqAa_xGiVCXMmn2TB8pKLz5D6OcReZWaIay6tWfnrSq2qg_PW03jypPSIeP-9dy_FfG2vMlxy4f8b5bEdBbVogwpkJyM2mgwOnJCTtfZaNeV3NDUoMDXBFcN34w5ykN3LeG5wZY5i0LEDYFYb-IffUstFlzZA6RDm4xn10myYRo_MeSrw-ltz8Ga2qyhziwR1-py1x1st84-3RTYtCMRVasMFoP_y2h964tR89SJzTGMx9MJCWtsG03vONJf6GgL3qmFc-xpDzbVGHjZZXCaGLWmrVwNEUt_pavWMecJgta7iStw5SOdjwph0N0IiwYLxynFJfcDqmbj9XK00BmXe4yalGOlCvGhMfJGNOGVXhEVTKHsZXQ0Hv213eLNP7IsOUkWzD6qNNoHS9WpFiLJbiUSRsvyy3P4N9nHpAQCM6O_CXppRm0wR65sYZg3N0yERJK6Qn7ARssVxcgI2Ucbh5e95TKTqdNQpytAfEbp6nraUIp5MphmicasRDHbO7KMTWEz1zYKx6DiVOWsPycoOpUFywFwIdf7xzIo7nco_y49IKirItH8WL5nd-nPn0BVHlqGtSYZaxHC7VLdauRJL14MQxAPFMtrd5CF1XGkp1XJOzj_xg7lveVljIg67EjD1sCRhSfMMJ0hZXW4U0nzpEK7Numyvso8pgLksmbUc9_A-cN6ugk-1IhVLlggDtStTPezasVZmP_UoPRTYRrjExKqdtQGm6LPcNI9SZMEmaHyLns-XEo4-3ioMWLR9qmPBeA9QsigTlHdnY5IZWHRq-SAPea8TFezfAw7H2_pqoePhy_xZkSNCqf_rpkuI7Hg17dxxxXBjNjF8EwHEpVFhqeK_ItdGlKca-Loj7Q_teF7FYQy8hkRjejc3Hsge5aHN7Grtau9GXTlY&sai=AMfl-YSt2sV51yj6um6ub_Jt1E8L2b5rnsu35yW3utd59-KjH9QJ5XvR-rWWNf8IFBPyYNtLCzjdLywDiCM37EMzWOANLE7Ry5_NNRco1eaXzEeqngWOUFqLyPn_Oe14R1QcW2GkeiEczQVfiC-H5hGK0V0211BfLnpRTuNQ_rcFkofri99LZ6OJsQv6SZxf7-Lo6_3mxi5aqvmsR08o36n91vkLWupzx8cXz2V_4ZKXQcpKIBhg0n5SUOUYxJI&sig=Cg0ArKJSzCM487YIYF8zEAE&uach_m=[UACH]&pr=8:B50255B55BED452A&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&vt=11&dtpt=345&dett=2&cstd=0&cisv=r20230530.41046&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51E4 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvENZcM4Vz1C02cRRpL3CHBLZGAxN481_aKsCyU1ZdbKfVcVOLoOYXA5kPRMwbAXC5ETSmt08Bb0DWlcmW_0t08U3XlK2gNkVBtEMFfMsesA6D-CFmK1jkJoZocB7SJCaeZdJqjOvWuIn8LpYDrLq_ODHjOm3cMVNmwaQGd1tjj1iAhLWnQvNR7k0B0g48ukPD1Qe8jG4NEmE0AUvyoZH23LhfiL3VoyNp8PFYgItCdaP0APUd0diCkYhDtfFLhVccPe8mCNCBEqVTBwXDU39OUKQQ9hvu-we_nK7DA2kJDJtWjaUrQoC3Do5vk49cojBp5PP17sZPdkA8WyHtz6A&sai=AMfl-YSJP2vVshWhELWqZjZ0eHRPoilACF0uqfbh3A_y7jeoOBlQmM5DINdJdcPyTPuZo8ghA4QUaoSs0EzalMJhhGUUDuALiLsxZDh1zmAWPBw9dnmFw21OsesJMZLiDw&sig=Cg0ArKJSzND_H_ab2os2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/7493198391404092334/ Frame EB6E 13 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2701
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:40 GMT
expires: Fri, 31 May 2024 23:43:40 GMT
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BA6 0
0 66ms
66ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5aiwuv_rRDarCAF01KDvJ65rjYcoDPbAHRIKHD3iulIURYbagUvaTNF6pzMy5agmgS0a0HwIZHIebLy-JhQw7LrKz4SrEyvv3CRd9So9RexwIzX-5B8QC2IfUQjKYJ7RTuQSVPaIj9zf6GXZd47jVjwzGiDczkfY5UO2b1GP-e8Ar2f44kewQMTJ6kJT7PREiZruSjlrFu5CBB2178FkiDaWw5VQJsu2rOcW4paPXkQkRb5Vegs0XgoI1LGJTPqp4Rty4EdC4UmKJPOkLQizC2cYuwJx4_3gxxvLgRA_UWwfVGpzNTvFz0yYuICMWFE0jX3MxPpgeDf7pwAehpHWGLKurZD5CgPPa_bT__hkTcAGQfiQ2AbexdK-52fqc9gzwaSlC759NQM2JYuqYjChZB5ARLNn1Yyy9Y_oKdbi-L1ssxdB_aavyDpxA6vY5KYdLIi1x1YU2LRpDV_3e4UfNvtsSYheGjNNei_jumR6nDalJmD9-JNAaFGP8mIchmHjK8_OgVzjKqa7nC_SqODzJ3pODACeOJgElv_6q0_s79y_i2iGhgWSU0OSOKo2tasTnB-BKZpRDbLeAGQlWtSvCP2bIRgxf3abEd7zv2X4Lqn-hmfZJq_mvlkHtYp1aaDnqzYr084He8BfzmIUATNJwU3NkZwdq0OnkFjmJ9JzuuPnAJ0BJ3Wc2Ief3JjdNU4aRD2KVg0und2cDW2XfImmO2NNhYoxCDJJQoYEHT91suNipnVsFvXFUZexhZNTCqW_qt92s7PE4dscgZoCiExJ95EqyBVqHIzVrwsj0rOIIAPkYzRsNi2Rhn-T631qYrV5ItDHbefeX-TR9cwBTpEgRXVFETFFrS85Hgs60PXPGjo5pDvops1dxL3OHThX9bRO535eSwOI4EA409O80_-6mLUrOoZDUCAqTNH34gexWOcwjr3G2gupxVrfwPNVGmXLZYhEPHFHktB8Dm-myWYRfEWr1uKHphTBpPsUEHNINQLxGcyzNv_IRx4UHVu17pzkYFpGl83imWD3zSEjpO9u0Wx9Wd2ZiJoYVIUMJFnqinsp90SX4EQaoNnGQpkko-5EE9wgIhvg-Wr19T4XTXg6iePMDY0-wRk5FpbKMe_46yp4sG7aGUIKxoB_PgZAv3obQCWmME0_c_BzFdfnv4fFZBWWM4tggWovATFZ1FYdaGIfuwvndc28UKQuoG1lKiwbIGbo2hSutwNgafftrjLHUp-EYPob7TS668v-xO3zXb9JUMgfS2HPunc4UAAA7YFicIMKwF0yhWApreoo_UulktX-FhVSpafSY8kY_6owoyVF-jHvw3uDGJFx0ZkVGvLlwFUxX2h5-GYEgpQ&sai=AMfl-YSt6z6YGZ3w3bHSOrxDEnu2pEIFpLhn_tvOjsW-ArDrqpnrghe082fQuuYT5l5xc5qF6e7Hv357SFBPeVxgETHwKUQb4hahQCX-ns6ZP1zlHSrXmFVtlpnbk6c0M2lz8myEKxTMfqYUXUyyTdNELakE4nub1T7wWGdLlnpThHYsSCqm5z-Al4_U9lXpBrLSWPbAOV1ZMbYiScDV0s3maax1dhBivLK_WYHKoFoAXOlygzUfxrsmpaXTboYuomKIZLDjU8I4L72Vh2zPTUs_xwn1oD9Ieg&sig=Cg0ArKJSzOcb0YxqhbnLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=449&cbvp=1&cstd=439&cisv=r20230530.42046&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 01 Jun 2023 23:43:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 49B1 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 22:00:00 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EBA 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 22:00:00 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.229/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 6374 34 KB
15 KB 40ms
39ms Script
text/javascript 37.157.5.71

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.229/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 15:24:09 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 24 May 2023 10:46:06 GMT

GET
H2 200 B29887216.368266317;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3213693593;ord=e3sjf6;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D65010876%3Bcrtbwp%3D4bxct4KBIgNBwtnLLgxn0KzboUFQG... Show response
ad.doubleclick.net/ddm/adj/N1212566.3782089ADFORM_PGM/ Frame 6374 70 KB
30 KB 135ms
61ms Script
text/javascript 142.250.186.70

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1212566.3782089ADFORM_PGM/B29887216.368266317;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3213693593;ord=e3sjf6;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D65010876%3Bcrtbwp%3D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%3Bcrtbdata%3DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%3Bccsid%3D81917%3Badfibeg%3D0%3Bcdata%3D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fpcloak.blob.core.windows.net%3BC%3D1%3Bcpdir%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fpcloak.blob.core.windows.net%2F$0;xdt=1;crlt=5nNu.N8v1i;stc=1;chaa=1;sttr=76;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

79b2fa499fea10d7e5ef3ce0851a5be9664e2043381655d7684b95d138311d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7493198391404092334/css/ Frame EB6E 6 KB
1 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1446
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 17:14:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame EB6E 118 KB
40 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 07:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59094
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 07:18:46 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame EB6E 95 B
122 B 19ms
19ms Image
image/png 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:44:54 GMT
x-content-type-options: nosniff
age: 489526
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 07:44:54 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame EB6E 6 KB
3 KB 24ms
19ms Image
image/svg+xml 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 00:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 00:14:57 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EB6E 60 KB
24 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Jun 2023 23:43:40 GMT

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 4400 0
209 B 60ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1685663020919&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 4400 0
209 B 61ms
61ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1685663020919&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 4400 0
209 B 60ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1685663020919&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 4400 0
209 B 61ms
61ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1685663020919&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:40 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
39ms Preflight
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d0b51f8fb3d1c60-FRA
content-length: 24
content-type: text/plain
date: Thu, 01 Jun 2023 23:43:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2oesZIWS10j9UpNdY1TsWE9ORohXRcBUgvvCksM6UeogpnQ7U4jCb3LJWt%2B1weogXFrxCh0IaqKLC61hV0tnIx18vlqLyOyXbMjgMEVVcus1KL9oji3SygFvOpmGta6vtHLOqY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jtm5

POST
H3 200 rs Show response
ad4m.at/ Frame E0FF 2 KB
2 KB 45ms
45ms XHR
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 895005ee25ee58c98d5a015a6d3f41c72eafcbde49431119cbb60e27d1265130

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gu3rF4MsXwxQ%2FhW1NIhbd9FSJpLN1gg1MAUkcVJHbv32jRQiqCYZwdPfZF5njHdZSoMOSroAM9kEKsSmE9MmkX4pdbojeyd82KZZ502K0RO7gYwHzBRPeRgyOSYV6t8uJ7iNP%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d0b51f93bbc1c60-FRA
x-backend-server: aa-reachservice-group-europe-west1-jtm5
alt-svc: h3=":443"; ma=86400

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D525
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIDS8L4P-17-IYKZ

0
649 B

259ms
197ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIDS8L4P-17-IYKZ
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 85252D01973848489C102D110151B8CA Ref B: FRAEDGE1214 Ref C: 2023-06-01T23:43:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9GgGX/A+BvqJbls2Ptg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIDS8L4P-17-IYKZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame D525
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=h09IkGWdRe-atBys891umw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=h09IkGWdRe-atBys891umw

43 B
720 B

125ms
124ms

Image
image/gif

67.220.224.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=h09IkGWdRe-atBys891umw

Protocol

HTTP/1.1

Server

67.220.224.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H6SFS1YZ9AWYPCM5X7BC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=h09IkGWdRe-atBys891umw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame D525 70 B
264 B 51ms
49ms Image
image/gif 3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D525
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xQBa27u6SneAbygAfoFy8A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xQBa27u6SneAbygAfoFy8A

43 B
479 B

122ms
122ms

Image
image/gif

52.46.155.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xQBa27u6SneAbygAfoFy8A

Protocol

HTTP/1.1

Server

52.46.155.104 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CJQQPM7R7JEGYB5GYD4B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xQBa27u6SneAbygAfoFy8A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D525
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I4NWQ1MWJjYWM5MTliNzI2MzE1OTQ0NGE0NGZjNDkxYmY2ZWM3ZQ

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I4NWQ1MWJjYWM5MTliNzI2MzE1OTQ0NGE0NGZjNDkxYmY2ZWM3ZQ

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=M2I4NWQ1MWJjYWM5MTliNzI2MzE1OTQ0NGE0NGZjNDkxYmY2ZWM3ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D525
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/9MD91GFFrLRlKJRWFXSV48n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W11.mMJE2oJew_jJvcVCWyjzIJniLeM5GRk4gA--~A

0
239 B

42ms
23ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W11.mMJE2oJew_jJvcVCWyjzIJniLeM5GRk4gA--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 01 Jun 2023 23:43:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W11.mMJE2oJew_jJvcVCWyjzIJniLeM5GRk4gA--~A
content-length: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 61ms
41ms Preflight
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d0b51f8fb3e1c60-FRA
content-length: 24
content-type: text/plain
date: Thu, 01 Jun 2023 23:43:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22dU4YUkoZ7Ea4sZDmJTOeohzE1rAEWlN2svmc9K%2FK1stjzA5SPPyH3GnaZy8Wz%2BtgeY9tKJ06ZkT3PDXhvQ%2FuAtlpEu2igY8sYVnx3kiMLDnxWqssPEhbSDhFCvUqgBtiojqMw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jtm5

POST
H3 200 rs Show response
ad4m.at/ Frame 4A1E 2 KB
2 KB 44ms
44ms XHR
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 19570ac2ab7b94b4f118484b49f9cb9813f8a0416be1cd9e44ab7970b922a1ed

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmqtgbPlbcpYOE3LNPBULGAZ5zmmi1q4LeeBoJC3x9bT57LRQBNQKIkDaHBw6KiMK%2FovXMCnVSMNSU5NG1owMDmluQpNZkvYwTKTFxcSIcVClXloD3j%2BJ4fLeBXp1g5FaymVB1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d0b51f93bbe1c60-FRA
x-backend-server: aa-reachservice-group-europe-west1-jtm5
alt-svc: h3=":443"; ma=86400

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D525
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvhe7rYXbbDfp6-jXcXm4U&google_cver=1

0
239 B

128ms
19ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvhe7rYXbbDfp6-jXcXm4U&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvhe7rYXbbDfp6-jXcXm4U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D525
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElEUzhMNFAtMTctSVlLWg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECbIARURgBtTgS-aXYXFqvA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElEUzhMNFAtMTctSVlLWg==&google_push=

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElEUzhMNFAtMTctSVlLWg==&google_push=

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElEUzhMNFAtMTctSVlLWg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame EB6E 13 KB
13 KB 20ms
19ms Font
font/woff 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 508111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 02:35:09 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame EB6E 12 KB
12 KB 24ms
24ms Font
font/woff 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 11:23:09 GMT
x-content-type-options: nosniff
age: 476431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 11:23:09 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/7493198391404092334/fonts/ Frame EB6E 14 KB
14 KB 21ms
21ms Font
font/woff 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 26 May 2023 23:45:45 GMT
x-content-type-options: nosniff
age: 518275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 May 2024 23:45:45 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6374 111 KB
39 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 10:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 10:17:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 6374 11 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1212566.3782089ADFORM_PGM/B29887216.368266317;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3213693593;ord=e3sjf6;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D65010876%3Bcrtbwp%3D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%3Bcrtbdata%3DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%3Bccsid%3D81917%3Badfibeg%3D0%3Bcdata%3D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fpcloak.blob.core.windows.net%3BC%3D1%3Bcpdir%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fpcloak.blob.core.windows.net%2F$0;xdt=1;crlt=5nNu.N8v1i;stc=1;chaa=1;sttr=76;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 13:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 6053914914909336730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 13:56:52 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6374 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
DATA 200
OK truncated
/ Frame 6374 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad5c65b1bd2f1809f6a1f53e7c676971bd09370a3feed468d7c444a33cdde8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EB6E 7 KB
6 KB 33ms
33ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca82cfd8cd2ec61cf115e16f27eee14f299308188b72f01e0758179c4f8a6522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5673
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BFFC 10 KB
5 KB 43ms
43ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0cc8f436c8d6a58a7cfc6ecd100cc12f39b19b13770b664a3bd80373d844e2d3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d0b51fa0fe59b98-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 22FA 11 KB
5 KB 44ms
44ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5ed6fdb4149f11677dfe737c6a275538efc7ccece2f9435252460881370a26

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d0b51fa0fe79b98-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:43:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BA6 0
0 57ms
56ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5aiwuv_rRDarCAF01KDvJ65rjYcoDPbAHRIKHD3iulIURYbagUvaTNF6pzMy5agmgS0a0HwIZHIebLy-JhQw7LrKz4SrEyvv3CRd9So9RexwIzX-5B8QC2IfUQjKYJ7RTuQSVPaIj9zf6GXZd47jVjwzGiDczkfY5UO2b1GP-e8Ar2f44kewQMTJ6kJT7PREiZruSjlrFu5CBB2178FkiDaWw5VQJsu2rOcW4paPXkQkRb5Vegs0XgoI1LGJTPqp4Rty4EdC4UmKJPOkLQizC2cYuwJx4_3gxxvLgRA_UWwfVGpzNTvFz0yYuICMWFE0jX3MxPpgeDf7pwAehpHWGLKurZD5CgPPa_bT__hkTcAGQfiQ2AbexdK-52fqc9gzwaSlC759NQM2JYuqYjChZB5ARLNn1Yyy9Y_oKdbi-L1ssxdB_aavyDpxA6vY5KYdLIi1x1YU2LRpDV_3e4UfNvtsSYheGjNNei_jumR6nDalJmD9-JNAaFGP8mIchmHjK8_OgVzjKqa7nC_SqODzJ3pODACeOJgElv_6q0_s79y_i2iGhgWSU0OSOKo2tasTnB-BKZpRDbLeAGQlWtSvCP2bIRgxf3abEd7zv2X4Lqn-hmfZJq_mvlkHtYp1aaDnqzYr084He8BfzmIUATNJwU3NkZwdq0OnkFjmJ9JzuuPnAJ0BJ3Wc2Ief3JjdNU4aRD2KVg0und2cDW2XfImmO2NNhYoxCDJJQoYEHT91suNipnVsFvXFUZexhZNTCqW_qt92s7PE4dscgZoCiExJ95EqyBVqHIzVrwsj0rOIIAPkYzRsNi2Rhn-T631qYrV5ItDHbefeX-TR9cwBTpEgRXVFETFFrS85Hgs60PXPGjo5pDvops1dxL3OHThX9bRO535eSwOI4EA409O80_-6mLUrOoZDUCAqTNH34gexWOcwjr3G2gupxVrfwPNVGmXLZYhEPHFHktB8Dm-myWYRfEWr1uKHphTBpPsUEHNINQLxGcyzNv_IRx4UHVu17pzkYFpGl83imWD3zSEjpO9u0Wx9Wd2ZiJoYVIUMJFnqinsp90SX4EQaoNnGQpkko-5EE9wgIhvg-Wr19T4XTXg6iePMDY0-wRk5FpbKMe_46yp4sG7aGUIKxoB_PgZAv3obQCWmME0_c_BzFdfnv4fFZBWWM4tggWovATFZ1FYdaGIfuwvndc28UKQuoG1lKiwbIGbo2hSutwNgafftrjLHUp-EYPob7TS668v-xO3zXb9JUMgfS2HPunc4UAAA7YFicIMKwF0yhWApreoo_UulktX-FhVSpafSY8kY_6owoyVF-jHvw3uDGJFx0ZkVGvLlwFUxX2h5-GYEgpQ&sai=AMfl-YSt6z6YGZ3w3bHSOrxDEnu2pEIFpLhn_tvOjsW-ArDrqpnrghe082fQuuYT5l5xc5qF6e7Hv357SFBPeVxgETHwKUQb4hahQCX-ns6ZP1zlHSrXmFVtlpnbk6c0M2lz8myEKxTMfqYUXUyyTdNELakE4nub1T7wWGdLlnpThHYsSCqm5z-Al4_U9lXpBrLSWPbAOV1ZMbYiScDV0s3maax1dhBivLK_WYHKoFoAXOlygzUfxrsmpaXTboYuomKIZLDjU8I4L72Vh2zPTUs_xwn1oD9Ieg&sig=Cg0ArKJSzOcb0YxqhbnLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=758&vt=11&dtpt=309&dett=3&cstd=439&cisv=r20230530.42046&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4400 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305310101&jk=3034555866243605&bg=!-fql-q7NAAZu7ficTu07ADkAdvg8WvvwkSYwTTv9ZHBPzUv0oX8ZE0KU_fpV8womte50DvtJLOit6Q7ACs5hhS_G7CRuo3i6xEYCAAACbFIAAAADaAEHCgB0SSkbsKBFIZ82qwJucXfmlWawauCvzCQdu2buqZfhZ3o-tRAJMkRCmx9--vzOBIlwd8w5t6T8aM0SiSlqVGWrS52MQft6SOnn5l4kxaqK7ixkfy3-_dGylkRe7IXO6ct02mZ069_pGnn2DHbGG_x3V8Kk9QCZAwU_44BDbXezslgkoJUaB0HAor7vgtV6rQUS0jVkmSw-YSbeEOsp7oVOCrkKc5wIuOazFhTQ9nl9qXyuCsmA077yX8KuGsxSnr9PPlvu-BwX4zdDqnaKUAUKXz5OdpjFHhBKEg5Id2A-FI9dlZoEXqUYIWh57lssai4jAqHWBWBzuMKrmc30MCPj4CqMEMTiNyFV_9AyoFgxKS121xkiCLP3cwPSkm5kGNOIOe3mTmIb2JBCOf3CS5k4IwGoQEjIv46BlG8dY_1td2Vfaql9gGCeiOFIOCF2CpZp2X8L2KMk5SY-bFS7kHOexCZCt94k8DCuJBd1UMycA1FmvkjLc3rTPnECpu2up8EyZs5Z51UDJ0CU9h6ovt460w1fo00WurX5-NoxvQhFLBHe7dDxqbIwA1yJhNWAhZB7zzecS2sLJLdZE3wiIDm0Topux9lhqdNb8ug6eKtEvhDIajKWAtyiPeYIDhevi1gr8en_6ECC0jNDI1oP5GNwbuItfwnKOe4__scjDrER_5aqCHaSyWuXpknLxKhO41paymxiN3HecxMe9Hx-tQYIof0m8Sb_gn8k36GDTAQ0aAyKeDt0FOlFj8aZ2uvCNi7HTVqmQqsAhU5W-fVBH2uOlHDIjQZcGkv_LJVo63DrCP5pbDqW1VAbuCb38OAg3rpze9qm4xDpsIxfMI-DCaHF6JMZdhDw5TCUXeLxvs6PtOu9zFZnptFhCHDMeUtiZxHdyd_E7OgT-qMbpbSwKtSEfq77wCMlhOdXQhfeHdq0dCwGxDlH9Ju610o0za_Owf0nKU0VD_9STEnaYsDud9BMLLZjsPdO-cUYAZ9mU5y_z1NSxkfSrgPde9XYaHePklzW6-d7WHIZNHcF1WxB4QIynEHZpdhoLSStgPA-YbOSCLn7UGG1yfn22iwCL89NQxF-I2E0b68Hb7VrCdgXhyt0CgjhnPpTmUMHhoZG1AYfZuvwPwZinQWyQjOZC1Tn3SJCkEFSYf_7dDjdgW15FHU2hlO06dNmF4kY0RFN_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/7493198391404092334/img/ Frame EB6E 84 KB
84 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7493198391404092334/img/visual.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7493198391404092334/index.html?e=69&leftOffset=0&topOffset=0&c=MLk1GFzwcL&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 508112
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86025
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 May 2024 02:35:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EB6E 17 KB
6 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6374 0
0 57ms
56ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV&sai=AMfl-YSZruALegU9gw7vevICV1V7umu_aPPXaIGu1eL8MUdyHepfcMAekyIdl5UuD30AlDrlyhBngcIIaPOCodNicg9xIj43d1DqreMVBA&sig=Cg0ArKJSzOOmlhLZqbgGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=127&cbvp=1&cisv=r20230530.01487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 200 8744708956824636498
s0.2mdn.net/simgad/ Frame 6374 50 KB
50 KB 21ms
20ms Image
image/gif 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8744708956824636498

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6d27db31ff47db31fcf69a7d4397eb20533d3f7189ed80a4d5345a9d449fc5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 19:00:04 GMT
x-content-type-options: nosniff
age: 103417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51521
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:54:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 May 2024 19:00:04 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame BFFC 103 KB
13 KB 30ms
30ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 893064
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbBNaeb1lgB6yxoYO2s7OVydd9MLXBooyIyRUU%2BraFKYynkW5kxmH6NOl4rKvSZUElzEwtRgFXGuV0isTHfIRe88LZM3PKCN4UN86wAFCQlyzQmagfL5pdR2I9grzFbgIwUIr5tBlno%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d0b51fa78359b98-FRA
expires: Fri, 02 Jun 2023 00:43:41 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame BFFC 44 KB
44 KB 50ms
29ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1384315
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxdH6D05mX9dF9Uk1WsJDEESKz7Ms8TjrrV0yLpK%2BEg1fxlmW4LSDjXJTY%2B%2BbCeovQDogSs8BE4koH85nRS0GCmdfmahWCJkYnbul%2BBrP8QiOrbxCU5OahAFJfvARaY0Sbr8V%2BfmDYvTJehZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9ccb1c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame BFFC 222 KB
222 KB 58ms
50ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145122
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64oC140p8VJUKm%2FH56SAl2sGQ5tSUpZPZlpUyo0e7hk5ynzyKswYprKLS9qfeQLT6Wvk%2FQNpmAhgcDwBiMkp6LO9vHpCk1dniDmDQDUL1WtVeernsc1HU%2Bbx524tOj3HE3hjA3bACH%2BS3Q1I"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cca1c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame BFFC
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1685663021_23767070-00d6-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

0
471 B

102ms
31ms

Image
text/plain

2606:4700::6812:7e05

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1685663021_23767070-00d6-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7d0b51fc1ead3a9a-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 01 Jun 2023 23:43:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1685663021_23767070-00d6-11ee-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BFFC 74 KB
74 KB 61ms
52ms Image
image/png 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324881
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5%2FvwS3kb13Nlb8IyYMALUdAf4PR5GcO7YAVOMFRaj0%2FGFvqphWh6FiQbYmLr2yGBNjI9z9uml9Um64Cest%2FC%2F5im1USpNG%2BppLXt19noT8765HhzidnbHg7rsVVJ2YTe7BnFpk%2BVyNxhC0K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fabce71c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame BFFC 23 KB
23 KB 56ms
48ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1105919
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rNMUg48gL7RUf0KBNFzYKu%2Bb23K1CaXLoE%2FFUkfzfrsqzEaVhP%2BTgF74%2F0p34sRSCyJH4H2u9z4yzqHLBT6nrKSj75gUjMCmQCjKHaQLx0J849rxkoU6EqenXwTc2zn9FgcXWsC9%2FDlY0j%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cd01c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame BFFC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKrW3Iygo_8CFRjvEQgdrPIDRw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

100ms
38ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:41 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023060201434185523008087X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame BFFC 9 KB
9 KB 57ms
49ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265993
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfxBMw7L31tbWdQTtPO6lj8%2BdVkbB8k6dceYRjE7HnJTdsJ%2FXD8E6maQ4iTe4pjojr57%2F%2BV%2BLKJA2TNPa4GhTZ3RF0DPtKtv1Cl5GSjjr7vdZLGodYa1YDvgmQRQN5Ti9KoEGqsrnSZAq%2FHQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9ccd1c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 A82D4E4655959EE65957B3D54C38767F8640A6BF49B28578F60A440F3EB1DCA10D535C0D8D7DE5ABFECB7F47C2F92CA23C7E0F97D343D7CCCB0A93B9F181397B
assets.ad4m.at/ Frame BFFC 13 KB
13 KB 65ms
58ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/A82D4E4655959EE65957B3D54C38767F8640A6BF49B28578F60A440F3EB1DCA10D535C0D8D7DE5ABFECB7F47C2F92CA23C7E0F97D343D7CCCB0A93B9F181397B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3fbf7c17c5c355ffc2c599b7040bdaf254129b19dbd66e946f035465d2aa64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 327240
cf-polished: qual=85, origFmt=jpeg, origSize=40544
alt-svc: h3=":443"; ma=86400
content-length: 13188
cf-bgj: imgq:85,h2pri
last-modified: Wed, 05 Apr 2023 21:35:19 GMT
server: cloudflare
etag: "3d8410e459f8881b4ef917d426938b2f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir%2Fqnw%2BMDGwvPm%2BWIruJxp5IPVL6kRN%2FTNOEBfzzpT%2BH29diG9%2FZ%2FPT4%2BWfp3aMGXwApn9raKFZovptWn85MhhaToskg3mf6ysHcQxmc62UvZ69O9H16kXjrUfc16I5bJqGWzpWEu2j7GfOT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fabce81c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame BFFC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CK7X3Iygo_8CFaDsEQgdQScDhA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023060201434185523008085X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netm...

49 B
1 KB

122ms
48ms

Image
image/gif

167.233.13.224

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023060201434185523008085X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:43:41 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023060201434185523008085X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 22FA 103 KB
13 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 893064
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pW7Vtuz4EgFdWHS%2FqZfGSUlBC1%2Fmi87rWxGZIfzDNcKpadicPO8993ORGn%2BJImzjx%2BwSvslAh2komoyAbf4%2FSNiekA%2BP9kCKz8f6mX2JA8Ld4P7qEqCGYBAGKi%2F7HWVcLeM7n4fDCio%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7d0b51fa783e9b98-FRA
expires: Fri, 02 Jun 2023 00:43:41 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 22FA 5 KB
5 KB 50ms
34ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1657637
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYYRVL3JAgT8dJgxsMKcsnPh7TfNvYEHuP15CYT1qJyWipgjWqjxcpy28K3VvyCG9aJ92AzyvVOiJlWdN0K4GSbK9MkHPb%2F5GiPhourcl6qET4VI7Gu5wI14LO42vCcfr86B0O%2FCfoUond%2F6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc91c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 22FA 54 KB
55 KB 38ms
35ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 756377
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHOUGJZjUr7jx4%2F0V2CQIQlhsTRlV2uqyvQQ8cVQi3Is66aVw69XJ11Gca%2F7G%2B7fDVpSgv30K9L%2FJfyNA1EZAX99qfFqXoZLsGRefPgfoqsGz2DUdXdPog0nhDQ4gdtynseCVT3jx1%2F0mvt0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc21c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 22FA 2 KB
3 KB 52ms
49ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2088065
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Etcdu4%2B3z8sDz9jVeWaRq0k7qAi5tb2LFbVkOaEu49cg0DC1cv60vUyy1EgKa6Vt1D9tEpuCZhQIBw%2B8ub9oOHn8D73XtXUmsuGfUlfEZXZa9WwUkj5UU24nr2x%2F704khxJl1ZlpXnYZQXR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc41c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 22FA 496 KB
497 KB 51ms
49ms Image
image/png 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271349
cf-polished: origSize=563367, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 508355
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F67PqEQgCy1AnDNTyI6ABLLJZPOhS6d1nQ7ykPA%2BRhzpHs4Cl2jfe55dnnW4CR7uRbcrdWNef3RVzCXxha1QM6vP0GFY9t5mPm5GuMUnjTHSHjhQlIaofn4iGJs1vDJeniQHidETeD4vGmGs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc51c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 22FA 43 B
704 B 111ms
59ms Image
image/gif 23.56.205.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 22FA 36 KB
36 KB 51ms
49ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324891
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJCltE5du4LYFnXpA6y2mMyg2wju5g2ZOyiU9ozx6TGZV4%2FRxqx7dZr6xkOzUaugKs83t8I7yOlwmL7GES1Q4NHyZl7z3RBE1RA1tYJiecVD7Gg2HrMxHBd4hGhYX4kGpdD1NBMkSjMPlJgC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc61c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 22FA 28 KB
28 KB 50ms
48ms Image
image/webp 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1908430
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM56f4mL5gj3LLaOD%2F8bDc298I0hRq5CLYFo6VT5oEoY4ATvZfnatsVpVq4HI1Tuzq2V9w%2FKrUpBNo%2ByeldooJVr0UZDsrz%2Fe4T4PdQpqkCzuAHBaP%2B%2F55UAwVZ5YHQ9LyrreD1Pcg245ns0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d0b51fa9cc71c20-FRA
expires: Fri, 02 Jun 2023 23:43:41 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 22FA 43 B
704 B 134ms
82ms Image
image/gif 23.56.205.163

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:43:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2719 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 21:37:12 GMT
expires: Wed, 29 May 2024 21:37:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEE5 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7BRD5wvpGeaFck8kzPEIZDjEYtxLBZZjX0Yj9MOuGpkZU8-pQtNjlMLl4G001cdMfLkk3nU5hxG0HbxgZOMYepDn7&sig=Cg0ArKJSzDe96XsPLPsjEAE&id=lidar2&mcvt=1035&p=0,0,90,728&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685663019832&rpt=398&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 22FA 2 KB
2 KB 169ms
73ms Script
text/html 18.135.173.74

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8sa3ayshjmd02mdrnvyfth60epj40by72tkackfqg1dyvpk58ncdaf74z27zpde995h5a27k0f8n55dmdynskyqv1jkh2sx4cb20x7cc45b9ktev4q5xhwj0g5dwh8qbjanwfvndh3t6m0teshcdyeybtgc6fgpf16j5y4f996wwf8xjfksx3p7eykn2jw33cx11cpa5kwvne0p8pj4xex0hm6ztrwyp93dyzm2kqvc9j2593yfgfm9m47vgqhb1d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.173.74 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 21896d6508fdf85e7af8d9ae8646b9db055817b96d1c9759e573502544c212ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
last-modified: Thu, 01 Jun 2023 23:43:41 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 01 Jun 2023 23:44:41 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FD9 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 22:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6374 0
0 65ms
65ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6FOcwPwWLPmhWp5q25lTtFhlm7UM5NELDTmH8W8cmVVkjwOOYEMQn0LbkdVe_yR3vfRj5k_pBtNL-YgOaIPlD-y8RAinfQ6fk5XUNa9YKzuUhPtGPSN-F0_ZMtg8AgDrpuJH0nQlKPGJzcuQse3e1LpF6sIAEtbcrOE2DeIVKEqaGNIoJweK1U7rasbYIwpi-QNAlDP8651vW-1QTASApIpvTWTrlffhqiLsFLoeRIwCcWwY7RKfDptugwfeE2IqEV8QS2Q2QoOpqBLJaFHb8XzyHUyZesi_BMnmgG5kSChON05u6N7RN8dI18LnjW0YrjHsHKfAlTy7wh8tivBZozoPcik3uyz4Zv1k-ZXnv&sai=AMfl-YQRrVLkGgQk6Y0mf6-P30unDAufJE3vjDke-k1ltmQ80ty_JmUyikQyPgrIptVixuSTLTq4H3oqdcELiZ6PF90KjiZM16t2zRrHzmEH_CRCnGXfvIaxpgEnoFGkow&sig=Cg0ArKJSzNgNwDxYvf0KEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6374 171 KB
53 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6374 0
0 58ms
58ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV&sai=AMfl-YSZruALegU9gw7vevICV1V7umu_aPPXaIGu1eL8MUdyHepfcMAekyIdl5UuD30AlDrlyhBngcIIaPOCodNicg9xIj43d1DqreMVBA&sig=Cg0ArKJSzOOmlhLZqbgGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=188&dett=3&cstd=309&cisv=r20230530.01487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 01 Jun 2023 23:43:41 GMT

GET
H3 200 Copy-of-Acquisition-creatives-May-2023-728x90-German-animated-638207132505238367-6470d6227402c1a238e01a67.html Show response
s0.2mdn.net/sadbundle/1088030921086468096/ Frame 1A5E 4 KB
1 KB 19ms
19ms Document
text/html 2a00:1450:4001:828::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1088030921086468096/Copy-of-Acquisition-creatives-May-2023-728x90-German-animated-638207132505238367-6470d6227402c1a238e01a67.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

16ca6788fa61db90463057d260051d04ae1b2c3c1e46e86a7d04cfad6df6fc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1363
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 19:00:08 GMT
expires: Fri, 31 May 2024 19:00:08 GMT
last-modified: Fri, 26 May 2023 15:54:16 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EBA 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDj3nLC15ZNHuEsnogAfDrIXABwAAAAA4AeAEAg&bg=!gYKlgtbNAAZu7ficTu07ADkAdvg8WkiKgopJZTX-MbYjDXlnGSCx_TRgv2EykWyrM5J-kHZ8bCu1ttWNg_pMChAJxAS91o8-sk0CAAABkVIAAAAEaAEHmQMC0Zvc5ktJWRDBObBOtQAICEY7Y1IJyaP_oOL-_6Bt7JHCztwCpbCC_23ika_Ay9IpfFzhAjbO2SPDrSC5jqtCfA4Kv8bKxirW5Y7pBOdDFDpHjpNmPFKVYn7YkK0gQPQH8xRml0fHnCCHP3oBk6tyXUtRXYngfeOID3E2BN-8FH5CRN4NCI3qG77oEheTN71EPB2lsLKq9JRU6mDUy7lsDPP5e6SFOeeHaN348RwaGnOFRINw4FRYhw30695T-6EZmcPMV2hKhLz9EGw3mzAw6cBy-EEI9wlU7cmUzKIa2hw4hL5ykrnCi0WMID5JfZQl-66fq9N68uxKShJ8TjxQHke_41UclpzjBZNp7NQyqR7lhnwzYS0p300ofb99QlkP1lVNILXITumz07jrsY95_Y5pKyNMgPhj6hAYu2IBUUF7EU_wxa9vmjQQQ2HDs-t6ugnkRDa83sZx2zcjjAi8YUfWd7qF1tSUIxcGoEGdv_9ld4d-e3MG6pg09EW5YAaG1UpI4SsImXlpfBbtuul51UqHN7GD_WmiDVh4HnaILUrXe_tgu5jW_Aqxs5U9AeHoDCNYs4mx4Stn3xmPduc4uzHt3aH27iZYHq1xZl9q-p7e1BZO41CPh7ItmJOudNiSNSmDpBtGYlkpOAjCXhbx0eLYnp8B7ALMupq8Ba7-YOvDprntJeq0Ktn1ilidKP0PKYDHkhJdt3K_PG_mjmeZ5MHIyOo-33yZ3mU0inkyBY_RY28jjlZCnI-haBlO1XpOsPhvSJbDvtEvTjTyfrB1psleZWfu2Zk-_kmIuQJCPCo5gMDXYhPrqTPj5pp5sPVRooLainwrjI-Sk9cKiew86CvaFgrYYEl2I0ZTW24IGuZBRFpKQEqR5_7yvH1aIiXg58AZBh4thcs4MuLKxgqDenkNBZMcdsaJe9ozEaM9KBMrESnQbQB_b_l1ahsaR8rLXkESwWi900zfKxNU0Urrp9CTaOp4d24RWf_A-Qa89xBMDXyX8VAiNgyANP5Cd4PKtDk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49B1 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjFFbLC15ZN34CpbDx_APh4GCoAsAAAAAOAHgBAI&bg=!mZqlms7NAAZu7ficTu07ADkAdvg8WoI3z4Jmx2Ccpj9a9WLFlV2S9xISYIP7Oke53fsiJD8DXnjh7t72_5c0TOVhnmlMk8DPN-YCAAABrFIAAAADaAEHCgBCdeAVS7cadxSu0U8baZ6rGd4USNLENLTnHzcArITuXBuKByo4m6Wsy4cQPUIo7t2uljbUlrhiEQT9jBIb-yLx9_sGmQND2AzDybpZr5TaCfOJDldge51iRlSrpjifcj0NRUMPsek_CDHVRbsTOnJdKw0iEZulEY0gwBtMltmjvrRvtn7BKATDyfW_Zg6raBXIDW0XUlDA39GebN6HcWKSuIJmONgx7V9RP8uaG0SDiUHxIEl7dny6SsOjzFAXXPsubR4iBZ2hiPX4Tzjqe8cm0Jn3oqc7JDz5KiDHdomULFD-m5le77YEJGsy6QbvxkUbP4UKuURTBXclIR4p_dfDAU0DM7ge9KSwC9C7VegoB5qJqXDNERFkMWv3bUa95ZYYPj8p07WUC23YTiqhzbglvGsHxr47HR_giHqJqsAxHmEYSZ-9KfxqhbGskgw357c1nsLR6_qhFl2YelQywAL7scF1f_SBx4mAlcqfF0F6Zep1fXBotJzl8uQTXlNToZYuHfwJD_naJfuDRUOOI3s-0b701MxOmFL2QqwgxkU0TwdZgH1m5Aicg1ViOqTZTZIaAiLdXOovxqPU3F7tbuhBuMYeh4DBmSkFZC_O-MS30eYJPMK4TnWDQ6uQqYHFC0ivTscaZJ4WTWXwatmDeMXRXkmQMUjpgZWpK3-A0O57B_Lg31V_k1Wm5fkYhevzzeGxBLq-JnK8ryS5YOy_zM3VYV0aA_GSuG7z-DYbtWyGzijb6006rb8JfvNVKQDomOH-yAtxcSeZQwPiOEIjgUTRGG1WNvWjhu4AAjjRz2_lmTHwwr88_O6q57orP13hBCdmB88PuWEalnl-1tcKIWGyIQpY4nkmH4Z5mw-4pnYK9ztZG8_zsrl5idoamo9SvcgPY91VV2D5iRE6B1kSBBkkw_VYHskWcVPf-DbCWySljEkCvMdmuliYf8gbNee6dgjoWqvhr7Ytz4baTGDaUDQpx7jWz_9so_CGH3jfvh2K33vMrDkVizuVo6sBoKLQA4MSi-iTypiusNQBzStZHVDs_LIQM77NwvXxgES9GMay0ejJ0Ry-4jnTYweYq6vU516EqtOw52Txl0rNI_JNv5bsL3WoVBc4zoqx-YLuPP9aq41vH6F5SUIdWMEAXJm2ubqF6UZtLRZQ3D7ZETlventZbBrEyEY0wFQBR0lEEzpyxjIV5hmOvsT3RQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2719 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1T19pN000MhJQqu5MM1VUGhWn1rY_cLvECS5p9l14sM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 20:24:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 20:24:57 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F897 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvizCJBtHKwF_qmAGtISmAYc1FMF-3C5stsXV_bQKkNmAsO1XNhyvMKR_tUR3g56Zld_hOhU7SZEDT9h6-ngwkdOdP5QpBHaRdl9_h2Oo_z-4ofG9ft&sig=Cg0ArKJSzENnUPMr_q0REAE&id=lidar2&mcvt=1040&p=0,0,254,970&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=19&adk=3050045420&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685663019795&rpt=526&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6470d6227402c1a238e01a67 Show response
cdn.bannerflow.com/bf-placements/ Frame 1A5E 5 KB
2 KB 114ms
30ms Script
application/javascript 2606:4700::6810:5068

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannerflow.com/bf-placements/6470d6227402c1a238e01a67?targetwindow=_blank&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1088030921086468096/Copy-of-Acquisition-creatives-May-2023-728x90-German-animated-638207132505238367-6470d6227402c1a238e01a67.html?ev=01_250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5068 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b135a577b9bc1f7e88be6e7c4f73397db72b0950e5a719af71f9dbb9fa47cc48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: fvqMQ3n5W/Cgd3IgynjwCQ==
age: 524
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 26 May 2023 17:42:35 GMT
server: cloudflare
etag: W/"0x8DB5E1097689444"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fdc90043-701e-0046-0a04-902685000000
cache-control: public,max-age=900
x-ms-version: 2014-02-14
cf-ray: 7d0b51fd0d2e9016-FRA

GET
H2 200 5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 4400 0
209 B 62ms
61ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1685663017589&userId=vnetefd0516c-3240-4949-b137-84feadc2adc9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Thu, 01 Jun 2023 23:43:41 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 22FA 85 KB
31 KB 99ms
23ms Script
text/javascript 18.66.147.52

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h8sa3ayshjmd02mdrnvyfth60epj40by72tkackfqg1dyvpk58ncdaf74z27zpde995h5a27k0f8n55dmdynskyqv1jkh2sx4cb20x7cc45b9ktev4q5xhwj0g5dwh8qbjanwfvndh3t6m0teshcdyeybtgc6fgpf16j5y4f996wwf8xjfksx3p7eykn2jw33cx11cpa5kwvne0p8pj4xex0hm6ztrwyp93dyzm2kqvc9j2593yfgfm9m47vgqhb1d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%252526client%25253Dca-pub-7983651257838282%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 15:20:04 GMT
content-encoding: gzip
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30218
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: znLxha4MaCpdYZ4jtnDJTifSmf8a3ea0xrm8INpRtrmbK2EJPyc0Dg==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 22FA 15 KB
15 KB 86ms
22ms Image
image/png 99.86.4.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685663321&Signature=fcF-060nAMdvzsrKUPklLrsNm85DZLUKwSgcU64nfQbeNphj6tcbeBMmG-tIbl2RmIJH07w3bu3yHBsaDuyMHgRcwQHj4qhfEHtzr6NDHNavFfKWpFu5zJNHI8RWBW1RE5JhXd0zjZGkJco~qN4OHgchaNqcP0s3WCwLX2hXz1rZycMfgzE2FoMnZzGRai3M3NoNKO-998tLYM8ChHoLLnCyTtbNE0p3kvsgnHEWKLuZx6WBr7ajIsZN5kJISBA8fO7OpMQ4Qz7L1PbxWabHs5wsGHqAibD3Y20BuW7WSQMdQzp9HlrLcdkEhGqV13-5e~-4eVk5xBbe1SCTfZpERA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 01 Jun 2023 17:37:35 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 21967
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: DSbOSFlvGD_egE1HunUjLAZL_4LpGe3vrt4g0ICwJHGMbhgubzj1Cg==

GET
H2 200 ca Show response
choices.trustarc.com/ Frame F897 7 KB
3 KB 92ms
21ms Script
text/javascript 52.222.214.123

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&w=970&h=250&c=tradedesk01cont1&js=pmw1&base=te-clr1-559b6726-211b-4a1d-aba3-ee691edfddbb&sid=0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.123 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0559c69d8feeeab96fc1638978b2709cce5758389fcf8bf341423d192677f50d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 05:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
age: 67072
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2416
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 93RyC2ZuVxdUfAUcfh_SZDzqJnWzJDT8ghBMn9GIlyhJ4IXNjlMRBw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame F897 38 KB
12 KB 95ms
24ms Script
text/javascript 52.222.214.123

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&w=970&h=250&c=tradedesk01cont1&js=pmw2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&c=tradedesk01cont1&js=pmw0&w=970&h=250&sid=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.123 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 03:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
age: 73464
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 5GmmNBKOjuDn3bc2n1fxaZUdDFslOn4-Q1eAWSFdNmTtdg__0_rdyg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame F897 43 B
1020 B 185ms
114ms Image
image/gif 52.222.214.123

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&w=970&h=250&c=9c93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.123 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 9xV9nSwx_pLMppd5e7MRBewwhEVgxyaPjgH7jPQtiz5ixXw8hEjMtA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 render.min.js Show response
comeon-comeon.bannerflow.com/scripts/1.5.24/ Frame 1A5E 28 KB
10 KB 115ms
30ms Script
application/javascript 2606:4700::6810:5068

General

Check archive.org

Show headers Download Go to

Full URL: https://comeon-comeon.bannerflow.com/scripts/1.5.24/render.min.js
Requested by: Host: cdn.bannerflow.com
URL: https://cdn.bannerflow.com/bf-placements/6470d6227402c1a238e01a67?targetwindow=_blank&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5068 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 465909b0130fad6ae6ed2b7911110808e5d1051484d4cee598d778046a85e8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:43:41 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nKJBh0GJujJ2zRZ0DYG9Tg==
age: 472
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 08 Oct 2020 15:00:18 GMT
server: cloudflare
etag: W/"0x8D86B9ADF280CFB"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1f799070-601e-0065-01ef-35bc46000000
cache-control: public, max-age=31530000
x-ms-version: 2014-02-14
cf-ray: 7d0b51fdcc2a3a3e-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2719 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeCewLC15ZJyOOfe4x_APjpiPqAkAAAAAOAHgBAI&bg=!KSqlKn7NAAZu7ficTu07ADkAdvg8Wuj5BurJtrl4iBnrS9nm-m-i4URdYThg5--lci14gsghFt_p8XIoM6aQd-IPNnPSuFEKORwCAAAAqVIAAAADaAEHCgBSNnRKijjNKj4wD1AYl85Ha1NI6VviGObl_CfQLEouuX_dMqG5K-H5WWxeVrUhd6bJshaicNY8dFmg8Qw3daSRgqgzlGgqP8W2z67P6gfKTqwrppkDARC3oFT1Zs3jE78uLQ4NVMcePJ_O_r4CQtl_d220tSMM392nCqeDodLPhc2dZxoj-yleD_8QCpsh5-6Y1dOkoVgZ6bzpzrdjrxrazxtJ5MZGbXrLtcGMLbPKc6DOpAl1r7bxYtKr1MsjwRgxgItakxSbdFnTaLZDM3tF-l-FZnuoL5lPMveahyy7vIZ0kgZsPKA3i5n2A24x63PdChC5mWX1QikH3XmvRMP8LpipCYCvxMHZzy7fXwXB0cA85dBmX0xCjOwjvAtQVl9V4GS9jyqns4l4zoTCQBJwg8WkTAR1lW_heX5S3BquZTWEULmxgiyHg_rBrr-QUa_LQMjXt7uRDkYts1Bdrdf9CK-IrjSJjsbWCLCM9JCXoQ7KxGjYSz4OGdj4nFIOgCm8jSbAmtkcX2d0ntU_aA5t5dqAlO5ngA2Ac7M0kWpYGoFxat9mbr_SlvmMSd4MnElXfxNsJEFf4zI7IfgH2rsXdbWT6R0ZKCypbZPP6wEmHoTrESaW5rAY6Y4_B09CdnEEtlxcX3yEJVU6OHjMAW0i3xb23y551ONKfEf7VQtvF1Yih4HHV7H939VharNbBPp6pWiwfQCJqxv3TKVHevRcAKBGsi9SPD3l83D-GBhbPeGbu0cZDZMVC_x7v5X7zpEA0fJnEHymcS3cH65LcVUOKqlKgkaY5EgdfH9VM1odHms6N-UbbSUx2MrvRhiPSyZ1Tu4wP89NJbiaY372oFeWJlLpnYJ9ySYFygHIYWp48PJQ7zY7kxTjV9v1GmDxsq-IDEepIimRRcnpKF-3ylyRtDGdQD0oO4SQNRlS1LUQY3MmZL2ri42fShr3H9xK33SESzvd5qUd8KD6Qvhr43U6W40LX2q4oW2J9cJJGbIWVlkJUxkJsVadClBtZXrHFqCEIFWTn9PgiG4gcgmrHTBJFn29gOLh9g9zSOmCUGdSe-6OjT9AK2IxClQjfUef9mqv1RzhnyA0y9VEUPKDuAv_XzqNdjMcMRYkyJLsuQFVQuyfSgxVkF4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame F897 287 B
628 B 21ms
20ms Image
image/png 52.222.214.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Tue, 23 May 2023 01:16:12 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 858449
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: JA7KbbDJGvT7xa057_9qNCaf6n1zZbhomUDpnjOf8FXFRPc4FEJa_Q==
expires: Thu, 22 Jun 2023 01:16:12 GMT

GET
H2 200 6470d441ca6f177304c9f375.S6215quGrb5i.html Show response
comeon-comeon.bannerflow.com/bf-banners/ Frame 0132 11 KB
4 KB 30ms
29ms Document
text/html 2606:4700::6810:5068

General

Check archive.org

Show headers Download Go to

Full URL: https://comeon-comeon.bannerflow.com/bf-banners/6470d441ca6f177304c9f375.S6215quGrb5i.html?cb=638207197529081769&clickpixel=%2F%2F5565bd4af50b9835bcfbc864.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522comeon%2522%252C%2522brand%2522%253A%25225565bd4af50b9835bcfbc864%2522%252C%2522placement%2522%253A%25226470d6227402c1a238e01a67%2522%252C%2522ad%2522%253A%25226470d441ca6f177304c9f376%2522%252C%2522bannerset%2522%253A%25226470d438ca6f177304c9f341%2522%252C%2522banner%2522%253A%25226470d441ca6f177304c9f375%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25226470d441ca6f177304c9f375%2522%257D&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769&targetwindow=_blank&ref=https%3A%2F%2Fpcloak.blob.core.windows.net
Requested by: Host: comeon-comeon.bannerflow.com
URL: https://comeon-comeon.bannerflow.com/scripts/1.5.24/render.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5068 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ca627553ecd07975118103247e2f1cdeef6d6fc965fd68595c51515852227a

Request headers

Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 531
cache-control: public,max-age=900
cf-cache-status: HIT
cf-ray: 7d0b51fe0c783a3e-FRA
content-encoding: br
content-md5: udBwEuz2oZDvTlkcKUeAAg==
content-type: text/html
date: Thu, 01 Jun 2023 23:43:41 GMT
last-modified: Fri, 26 May 2023 17:42:32 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 875b60cd-301e-001a-6904-9073dd000000
x-ms-version: 2014-02-14

GET
H2 200 pixel Show response
5565bd4af50b9835bcfbc864.tracker.bannerflow.com/api/tr/v1/ Frame 1A5E 32 B
458 B 173ms
33ms XHR
image/gif 13.69.68.15

General

Check archive.org

Show headers Download Go to

Full URL: https://5565bd4af50b9835bcfbc864.tracker.bannerflow.com/api/tr/v1/pixel?data=%7B%22u%22%3A%7B%22sr%22%3A%5B1600%2C1200%5D%2C%22tz%22%3A%22%2B0000%22%2C%22r%22%3A%22https%3A%2F%2Fpcloak.blob.core.windows.net%22%2C%22s%22%3A%221685663021757_56370%22%7D%2C%22a%22%3A%7B%22vs%22%3A%22v1.5.24%22%2C%22a%22%3A%22comeon%22%2C%22br%22%3A%225565bd4af50b9835bcfbc864%22%2C%22c%22%3A%226470d438ca6f177304c9f341%22%2C%22ad%22%3A%226470d441ca6f177304c9f376%22%2C%22p%22%3A%226470d6227402c1a238e01a67%22%2C%22b%22%3A%226470d441ca6f177304c9f375%22%2C%22pl%22%3A1%2C%22r%22%3A0%2C%22an%22%3A1%2C%22s%22%3A%225565bd4bf50b9835bcfbc875%22%2C%22t%22%3A%226470d438ca6f177304c9f345%22%2C%22l%22%3A%225566fa3ef50b9640c01ab033%22%2C%22bf%22%3A%226470d441ca6f177304c9f373%22%7D%2C%22e%22%3A%5B%7B%22d%22%3A1685663021757%2C%22t%22%3A1%2C%22v%22%3A%7B%22vw%22%3A1%2C%22s%22%3A0%7D%7D%5D%7D
Requested by: Host: comeon-comeon.bannerflow.com
URL: https://comeon-comeon.bannerflow.com/scripts/1.5.24/render.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.69.68.15 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin: https://s0.2mdn.net
date: Thu, 01 Jun 2023 23:43:41 GMT
cache-control: no-store, must-revalidate, no-cache
access-control-allow-credentials: true
content-type: image/gif
server: Kestrel
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H2 200 6470d441ca6f177304c9f375.S6215quGrb5i.gif
comeon-comeon.bannerflow.com/bf-images/ Frame 0132 28 KB
28 KB 28ms
28ms Image
image/webp 2606:4700::6810:5068

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comeon-comeon.bannerflow.com/bf-images/6470d441ca6f177304c9f375.S6215quGrb5i.gif?cb=638207197526977365
Requested by: Host: comeon-comeon.bannerflow.com
URL: https://comeon-comeon.bannerflow.com/bf-banners/6470d441ca6f177304c9f375.S6215quGrb5i.html?cb=638207197529081769&clickpixel=%2F%2F5565bd4af50b9835bcfbc864.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522comeon%2522%252C%2522brand%2522%253A%25225565bd4af50b9835bcfbc864%2522%252C%2522placement%2522%253A%25226470d6227402c1a238e01a67%2522%252C%2522ad%2522%253A%25226470d441ca6f177304c9f376%2522%252C%2522bannerset%2522%253A%25226470d438ca6f177304c9f341%2522%252C%2522banner%2522%253A%25226470d441ca6f177304c9f375%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25226470d441ca6f177304c9f375%2522%257D&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769&targetwindow=_blank&ref=https%3A%2F%2Fpcloak.blob.core.windows.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5068 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a144483789f9b0b1ebcf9e93ed5d8184593afa04cc6454ffcf11efac34611e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comeon-comeon.bannerflow.com/bf-banners/6470d441ca6f177304c9f375.S6215quGrb5i.html?cb=638207197529081769&clickpixel=%2F%2F5565bd4af50b9835bcfbc864.tracker.bannerflow.com%2Fapi%2Ftr%2Fclick%3Fdata%3D%257B%2522account%2522%253A%2522comeon%2522%252C%2522brand%2522%253A%25225565bd4af50b9835bcfbc864%2522%252C%2522placement%2522%253A%25226470d6227402c1a238e01a67%2522%252C%2522ad%2522%253A%25226470d441ca6f177304c9f376%2522%252C%2522bannerset%2522%253A%25226470d438ca6f177304c9f341%2522%252C%2522banner%2522%253A%25226470d441ca6f177304c9f375%2522%252C%2522spotIndexes%2522%253A0%252C%2522bannerIds%2522%253A%25226470d441ca6f177304c9f375%2522%257D&targeturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsua49mUdl0h7bIxH0YAfNCtzYvfM9wyZfruKM002FQm1_Ys_aRax18oPJ7NVmKHEo2lhwctLagOxr0vw6bIyiE84TjuwAXUPFbNB7dqv5It3tbZ7LNKQ5JZpQFP_DXnUiVaREV5kUFuC4A8aCk9_ulrSiO98CRFNqYvLA3NGZ-k6iW7etYV%26sai%3DAMfl-YRFnYhKMkYO7iBFY-uFZkD7RVto_wTloAqJlLpn3CIPYya_Z6ltqdSpmKls-qnra4sVbbq41otPW8vTCZZ6MfMy-OwW--IHNkG8dA%26sig%3DCg0ArKJSzJgYHEHyEeVKEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D8607329%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%253Fbn%253D65010876%253Bcrtbwp%253D4bxct4KBIgNBwtnLLgxn0KzboUFQG3yp0%253Bcrtbdata%253DGDo4Ja9BKivdzl-qTJ3MfGpC-brmsP1QCyPm_XRLlFfw0NyRASa0c7SidME9_Qej89XHWrqMa8YQBwD72PpBsrbnyq3qf0ZBUJJo-ufrbEFy6hrPGmOyPjBAddEPUmj7RyF8AUZcZD-PU39zjExzCnuH8KSjkBUKyeuGl_f7SXZDp5Wjm3oV3jwvrS9T0J1WMzjR4oz79rmAkImYqO1g3DkUvmkmCPSoHsUeW1F3wxGRV-QcE45NG9CfmT8bPwR3V3fMpVJAh1rhQW6FXjSrzw2%253Bccsid%253D81917%253Badfibeg%253D0%253Bcdata%253D25lFo2cIA9k4jpqAWpNe6DjCCV49w96ZTWGpS2_jFVElJUwa1DvnauC60wOI4CueBDQXR1kV9P6FwxG81lm5RB0G2j45OeLjM6HJXZqMiH2neRoFZXgSBBqpldGk7Grgwi6CD4TuYfgehfIN0_NVdAZUl8eRshIqWDKaf-jmd0Mr_PhiGXzP-MMt4hcvbA_Yt-Q8R0qhOUmy6EyEHynWQxLw3Ubh3IIg79RmYeSqToI2td1sRlzlHqoy4RunXhqLy1hB3xpLdZbc-LGMNH8YYLp0CLdWSp35N4r89vsOAqWEFBH4i0cXBfhxcn9wHRGkNPNAiokZ0sWuFqwhPKLxp1hI0NIOrq7ZYaJU2uM20Nn_opJd3eAZ9fJCHhrkY29ePchNFTaqWXwgfQuHuRVUBSTvO_Fq2i9mu2nUSVhDZuAkJ8o-FDJHmfmbHRSvXIbGldK-PFDm6p7tIO8SnwQnMzrFXmPeEND5qK7XOvQn-hdB4SKZKGrNxw2%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fpcloak.blob.core.windows.net%253BC%253D1%253Bcpdir%253Dhttps%253A%252F%252Fwww.sunmaker.de%252Fde%252Fslots%252Fexplore%253Fsidebar%253Dregister%2526dclid%253D%2525edclid!%2526aff%253D100769&targetwindow=_blank&ref=https%3A%2F%2Fpcloak.blob.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:43:41 GMT
cf-cache-status: HIT
content-md5: yWFJG1Wo1TSXdnZU0e/21g==
age: 398
cf-polished: origFmt=gif, origSize=51521
content-disposition: inline; filename="6470d441ca6f177304c9f375.webp"
content-length: 28578
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
last-modified: Fri, 26 May 2023 17:42:35 GMT
server: cloudflare
etag: "0x8DB5E109727C445"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 7d4a793f-201e-0016-6a04-90e4d5000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 7d0b51fe4c983a3e-FRA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51E4 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswBuuWbK2LvJP-RcIhCCHtKjT5OxtH19zGFIhDnu5AxZ7sSgBRnACtrCYHovRNBpqNqS7HIypXt0bFkigw6LyRc2LNSLJ6QL54KMxulcc6BL2QMEFQ&sig=Cg0ArKJSzE82F7Mkpr3QEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685663019890&rpt=895&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51E4 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdl8ufabmh89IaW7qjUbvlbz7W_01zz8JMRh48AxLmB2KhrvpPBS6niI_PHtmTjdaXorWUpHn26cGGehW-aB5sbKoDOtQAvTQ&sig=Cg0ArKJSzL2IacvMsnMiEAE&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3753878679&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685663019890&rpt=899&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame E2B5 287 B
628 B 25ms
24ms Image
image/png 52.222.214.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=46h40h0_ji7q872_lgqypybz&w=970&h=250&c=tradedesk01cont1&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Tue, 23 May 2023 01:16:12 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 858449
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: ot77RqD3j5rbF1NxmwCe-YxjP0iSvQv749BRTZCpnn2B-mOArI0ykg==
expires: Thu, 22 Jun 2023 01:16:12 GMT

GET
H2 200 get
choices.trustarc.com/ Frame E2B5 739 B
1 KB 25ms
25ms Image
image/png 52.222.214.123

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: public
date: Mon, 22 May 2023 01:22:16 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 944485
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: foTiyomJuslmDK0KRJolBG7B1u5jpTq16chPsDLuF2Tf3ZN4ABHVPg==
expires: Wed, 21 Jun 2023 01:22:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BA6 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiECPUVn0pRqxcSCCH4jd-btb6zroEzZPz-J_iG09M7O8VhqkgKsdN1Z-scZVRpIw1JQqAq01G2H8sWIF_iflJzODhX3vtuFp3f2SvRPAeBON7x3mYTYYwFTX1QP1N3U1hXGsYnw&sai=AMfl-YQYBIpk-52kr5CNK-OcB9DdsGvLx35ilcM7_N_L_aeX8LlOsMf06bSEnSNN8v2gsf7X7ulo6b6e7Uqnxc1GlLZ2v_GAfkxsYzP7RursZewkugkAldUDVDlcTFs&sig=Cg0ArKJSzCOxO0XIcSe0EAE&cid=CAQSOwBygQiDN46SoSb-vq_1SI7RETBTZOBk03tDrjaNdczrexJ5Bh5Ibk6ujjtiE28-MxmGvfLDDBj5fW7BGAE&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685663019858&rpt=566&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51E4 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=543041907330&version=m202301230201&ct=2&x=8&cor=5231338625520800000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET event
unilever.demdex.net/ Frame 4400 0
0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA6 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7411219401763&version=m202301230201&ct=76&x=1&cor=6700015120537500000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1500&ts=1685663018007&src=pbjs

Domain: cs.emxdgt.com
URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEF8Q2c36sHsuYRBpfEX96ws&google_cver=1&google_push=ATf1kGMuG8cLpucASjh01mxCm4ULamGhptWY5VS682KjvpUh4c2xEMtHqCK8M-LZjU8fmq_pa-vmemACTJ-90uysm2X55ODTpG0Q

Domain: unilever.demdex.net
URL: https://unilever.demdex.net/event?d_sid=25453995&cs=1685663022084

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 20:59:59	Name: khaos Value: LIDS8L4P-17-IYKZ
.rubiconproject.com/	1970-01-20 20:59:59	Name: audit Value: 1\|naVuGyos1qo7FrboCI+vP8zzH/SUMvpGs1wMD2ZZQDK15hXKCnPm+B1h5W4q0qdd8NhzLov3/0MOwzHLtYfPBBoZUFBBzTvW0A+VO7RH1E0=
.doubleclick.net/	1970-01-20 21:35:59	Name: IDE Value: AHWqTUmtDiqBFr3qKEfmA_S483yaxfS-Hdw6JEuRXI5GFaWIqHA1HpxInZVmLAhwOP4
.doubleclick.net/	1970-01-20 12:14:26	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 21:35:59	Name: uid Value: 61e452ec-f93d-4feb-83b9-1c32df167847

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685663017739&bpp=4&bdt=717&idt=310&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&nras=1&correlator=8786959146304&frm=24&ife=1&pv=2&ga_vid=288053228.1685663017&ga_sid=1685663018&ga_hid=190282803&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44788442&oid=2&pvsid=3034555866243605&tmod=1937465561&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.xjee1ntxe87k&fsb=1&dtd=326 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kbyrqmej76jaqcya7wetq1t9kvkpntq7tfeq6excjg8avmxpnfy5vfwgw5k286zh1hm76327s21zjqgg79k6jenqxqv2ragg6cs3tfsrstabnggx5arcyr4syzcqwwkbnmdezaq9asaevz065r9dr5t963pcebd2eqjgkb9cxw7w139znby1h3ja6pt946m63mq2dasfw625kp9x7ytwhbtzkwznxpasynsgan1vz5pg669qm1ft4vtpsqbht78v5qg4yctns9nsqr01wvdfzrc3fxhppwxc3bt05vmkpz9z0c1vc8kab01ged51pv83nxwye51dgrc5wth3x7nqxt1trksw7zs6tb6t9am078b3n5gbzntxj3nvr2yt4zzcgcjnyckcvb3qxrsbw0m07y636q69zrvgswrskybde2eha32k7vm8xy84m17ajmfnkzbeard1c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1hcvd9367dxd51e1dk3mkfpdrx59bgsvqnm7ytpcewgtn1ced5aqxx5a0wm7bq5fm0sgh80vhm9a6fswp37zhp7nkehkg6mqtxtwm07v7x81mg4y995v27trxq1pz6222vjq8rv53aksjgas331s8c0y0dd25e6f8fwrct10pg195qc307pdhz9y130x6m6wap8jf7yekqmj2kssq3zxpf3kef2k2sgn3gxhg556rme75bwjw92wnzqt5d337ry7ej92ksdr5vccc66d46173bhwc82evkt0r6c06bdxr00dj4qk8qmwnj8f806nw64rcezpcn05374rxfa3zspv9f7kcjrmsm7zqzvcashz2865cnj68nyk1xk7srw6dpchd2bnv244f40yxs6wd17kw38bptvyawcmrgn6a2s4v714styaasbg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%26client%3Dca-pub-7983651257838282%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=728&d=90&e=&g=2f1158fc991c25af1e19f705482bfafd%2F2321417586194464727&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1685663021011&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hnssdrexzwrvk550v7byadesefwr151qd1b1ttqbnvnwpswhpsyveq04c3mf5n1y193kj2x0epzgfajtej05msb839mf7aaqr0hkbysac9cgpzrhftahcc6kava2y8ay82g2mhe8ax8a3hv1jb13r51z69xx5rx79cjbj7sssq2qmh9arsdkwcz2m774vcdrfwq0kwjjjhz7t7ktbb49v47cd0x10tppceevkxcyhans96504k6wrd1yjmrz54e6vg6gf74p8abrad0cfs0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCS_7_Ky15ZKvRJPSi7_UPwpyzkASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEngJP0C0x_JQbfBxa-JlnLEdSIy-6WPzQ7BSQMx4fnta4sUWlBLzu4N_hOf2rcy_mExrgr30wdOGratA_neQJXHWjPGIJBqHBefqaqklOJm76Yjteh1EqorWAOmDQFYyUJUtO5seDBF9qAJ_ndLvdH3sKWoCisaT0ugNgx4_arrtEJkYkVqrxPstQG2v2u3HMWHiWQ-s14f6Qaw7zdJt4zSQCny7wORFJc_uHXDBkHksdTRukaYHdLaYypm7R7SXmLAUCEIbIaMmHVqlIz9_M0Rjx90GJceKAr5mmHq8iedwLYFA-_p0i5-L2fmwieJveg1p3OH8eE-fHgHNVhDW3slxynS7qo1T9Uj0NcVIQs8s83-nIExI8Qp9cfRF3-Ubo4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02eCnoMDlw5VFWThnT2MPQO3AinQ%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=90&e=&g=98ee16c764ac1be3f2c5a400ca932306%2F4715799845315985016&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685663021012&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdp53vktf3p893wfmpssbbnr1hdqd726sjj3wnbyf0r1xtet3m0b8tdb8xz0x8gba9v45y68fyfaanhjsah7d115kwdc9zz4vw2rc14m54mk200bz59859bksrj7gw648739g0nnq3344rg9csdfbbc6c7sst3sdepm6thnv501ekke56az0wefk576wv2dj2skzawsx5bdezp7jfz7nk5360k5r88kfq5j8zrvgdf0g8yngzwkgy8q5qsaw0t4afv0dx9n5wmdqjkp9c82csfj94%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzLp7Ky15ZMXDJKCf7_UPl-6aoAaQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJqQJpqB7bjAOyPuACAKgDAaoEpAJP0HYYvfMXG7aHwLEfTiXxnwUJsikc-bFsc1WaEcCV1Q7NgeOHnKcBry-tU5FeoPNE4vVtPxIz4ewaE499wDGTeVUNzR67bXIGortPcdr6IH6boEnhmNruFjbb_B0ZiTEqPXP1u9uPhgVf6M0259yZXsVviTh1jEZaPs2mts96BeovqdWc7XcrnVTMR9bKDvfZXizo7uhNxU7aR40T2Tmd0aZIlfsvuaw5anImyTr0JbmrVhoKrh1_QxHcTfFUbduM3j03noMDyxzcQAyAJHoEkt51I2XzTQSF8YnxHEVtSV59bh8JG6ZOy7Za8p5kz_nyd5luEhdQHiexAgTreklc8cnTpfH9_QyGJpPciCpKMlVNOvp4cuziofK6mn6-qghlVUtk4AQBgAbO6LrFlbONgqcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2fqcb5_QqQyophJGI_bjIIldv-YA%2526client%253Dca-pub-7983651257838282%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5565bd4af50b9835bcfbc864.tracker.bannerflow.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.adsrvr.org
ad.doubleclick.net
ad.yieldlab.net
ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.webgains.io
ap.lijit.com
as.ad4m.at
assets.ad4m.at
beacon-ams3.rubiconproject.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ampproject.org
cdn.bannerflow.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdn.ye-mek.net
choices.trustarc.com
choices.truste.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
comeon-comeon.bannerflow.com
connect.facebook.net
cpm.programattik.com
cs.emxdgt.com
d5p.de17a.com
dclk-match.dotomi.com
de1-bid.adsrvr.org
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
ef3e578d47372562e348cc7d3b47c6eb.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pcloak.blob.core.windows.net
pghub.io
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
static.virgul.com
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
unilever.demdex.net
www.awin1.com
www.cloakan.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ye-mek.net
cs.emxdgt.com
hb.emxdgt.com
unilever.demdex.net
108.138.15.119
108.138.9.235
13.32.121.66
13.69.68.15
142.250.181.226
142.250.186.70
151.139.128.10
162.19.138.117
167.233.13.224
178.250.1.11
18.135.173.74
18.66.147.52
185.29.134.244
185.64.189.112
185.7.176.221
185.7.176.223
185.80.39.216
198.47.127.19
20.127.253.7
20.60.220.36
213.155.156.167
213.19.147.44
216.52.2.30
216.58.212.162
23.206.208.114
23.45.237.121
23.56.202.187
23.56.205.163
2600:1901:0:76b9::
2602:803:c003:200::31
2602:803:c003:200::57
2606:4700:20::681a:71b
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:5068
2606:4700::6812:19ad
2606:4700::6812:372
2606:4700::6812:7e05
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:6ea0:c700::11
2a02:fa8:8806:20::2010
2a03:2880:f083:9:face:b00c:0:3
2a04:4e42::485
2a05:d018:d29:3602:6ae3:6657:23ce:d6ec
3.125.195.44
3.33.220.150
3.77.69.115
34.102.243.38
35.227.252.103
35.241.45.217
37.157.4.23
37.157.4.24
37.157.5.133
37.157.5.71
37.252.171.21
37.252.173.215
51.89.9.251
52.222.208.154
52.222.214.123
52.46.155.104
67.220.224.144
69.173.144.138
76.223.111.18
76.223.26.175
77.245.159.14
84.200.5.215
85.111.6.48
85.114.159.93
94.138.206.83
95.101.149.35
98.98.134.241
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03a01ad5e8143a1ea639e78c7f2201a74a9ea74d2fc9c1b03a55b820c7839ee5
0559c69d8feeeab96fc1638978b2709cce5758389fcf8bf341423d192677f50d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089371c2d0c637c172d5af2ba670a229c49df18790fa29a8c9a3d4af7796f2c7
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784
0ab8b99dcad680b96c31500f2e0bec3978813df45c359f0c01d01f49e5b197e9
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb6011ca0dbc5ca0ec9f0cf68f65fb93b324b359d0aa3c1986bc5c60b04b875
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0cc8f436c8d6a58a7cfc6ecd100cc12f39b19b13770b664a3bd80373d844e2d3
0ccc84485ec58c3e6bd06279633d98e9f85a9a186fa550852b1d00a2d3716f8c
0f09b0318aff3af0d9800468abe10528cc754efdc123700533cddc1183ec05dd
11f2f6707f9738ef32cbf188862e30bf5c0b64bc3532abfbff56e79c2c1bc2c3
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16ca6788fa61db90463057d260051d04ae1b2c3c1e46e86a7d04cfad6df6fc3e
176c8c0668e7e1fa94e294393467b5df4e0b2ead46c874d1c6921d8b8242030a
19570ac2ab7b94b4f118484b49f9cb9813f8a0416be1cd9e44ab7970b922a1ed
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d38d3575be56d128dcaebb0d6013e528e67048b2a47393a7122248f51bbf1a9
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21896d6508fdf85e7af8d9ae8646b9db055817b96d1c9759e573502544c212ca
22c974ca84d1beebef37b4c95335f8ae6f597563bbb9246eed2f4f647a176128
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
2312a8ca2aaa918b94c448545a36676abee3f7be212ff5c3e207db0ab7a9281e
23a94822c53a89bd37e99e85cfa9b7d5fbe7a435687624e8b3870230899fbc81
26702ae7a960c8f250350ccde8b196f350fc03ccfbbe8d801938d810ff7d3945
268d2ed9429d7595bbc18c4f44374c6916a3d44ac0c878b3616d85caebdcc5f8
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a144483789f9b0b1ebcf9e93ed5d8184593afa04cc6454ffcf11efac34611e4
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c481ccdb6e10e0136132ac25c732c873df15b1cf23a063a714f63606159551e
2cc5de34e8914d3f4a740635837c49f638743d85682d7e0037ea9fdc7b659993
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39b36742155c7a34c0a5004d3ac152d07ecca8f8482e0939f6a9014a29f5fe77
3bb3896616eef75a1a5ee9ccd3ab95d5faf92c122a3f7c3a5c4320b303ab5a31
3c2fc0614d14f19c7b68d795bbd361ec0baa28f2f72f7fd645cb7967f380af07
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3fb4740b294fde30baedbdbb62af5521176842bcfb6c7b64d967962ed4eac753
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42c600c9293359a7e6a9506e5dc30ca74845321a0849e8aa0cc5d2d52a7b5a94
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
465909b0130fad6ae6ed2b7911110808e5d1051484d4cee598d778046a85e8b0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f0e1ce5f1bc9e08e3dc864c6d65fb7bde761cdde2e8ca86780c539991badf5
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4809916d0077b67c97480fbf143ebdd652c583f4158a97505547db40bed655
4e61c4c6f2c0c52c9b5dadb303f0db1128715c2e8819a50b1d24c6d7089fbebb
4f72c90ac0456372cb5ce96f7364eb4d76c7f33b85ae17a777267d4334a20fbc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565b56a04b0c14fbb67f85831742be7801516ffc8d4f8737eb702caf6abc64c1
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
587405ff5b3e5c040e4d5f24ae63b93b12c7438cca34ca28f313a104df8e8468
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5c06ddc90e3ff457f4354a37e4499333226dd0204742c07a892104a9c9d45520
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e2084cf59c4f68f8346a17541d1cf44755745ec160e6bc3cfd9d1651424640
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c6d900511c502a6d0b97a298ecab07040eb48a8756ec785beddb35006825f0a
6d27db31ff47db31fcf69a7d4397eb20533d3f7189ed80a4d5345a9d449fc5bb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
772de1eb224033fdc2d4f895698a95d01249b3e95be8f99991e8f9099c985df0
79b2fa499fea10d7e5ef3ce0851a5be9664e2043381655d7684b95d138311d43
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7d7862e6fbf2d69229da6a29919581daccb5fda185e6d92171147b42184eb460
7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d63620657b055c980948022e01ba5c63c986d3d08ca7db80558411eab45d6
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
881557cf62ae6459da90e17bdb7c608c646010d308e4c0feb9cda80cca82d59b
895005ee25ee58c98d5a015a6d3f41c72eafcbde49431119cbb60e27d1265130
89fca8ac116ef77374a06351bb4a3f1308b152caf18d45b36eb12f1c34805167
8b043c00ac1abc4518fc711f5e932aaabd63da8ccc59464de65c454ea2ff01b9
8b9df28f59076afb3f8ebca8d01cf67f27a2172705e582d8824af82e4a293494
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8c911e08d44dd204ab6b8d9d9d1f74658176977075a7bf651e6b42a963c1a98d
8d61d212045611c2b5a7956db31bf8ccf7f53515c48f85d6851be4c66a1cd9f8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2b2033aae5f2ebbc9b92291c3cdfa7a084429d21d85b382e39dfbd875b5f55
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ed86e2b928c1b3c7035f47e16f70e3e71131b34c86b59e783a0559fcc8de4b6
8f2faabb535d781670d661ffc882bc1026221fcf67344bc7b250f6102d5bebca
9819547cd26c610ba3d15895e8ed81e8a5661421fb2a144064345cd9fb94a0e6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1d5eead33fb63bd3a19b2444461953449797f909ef408e9aef9bf572546736
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9ca119586f3ba8e6a4a1dacf83852d3275071d2501de033ba04673b4efde1ac3
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9d3fbf7c17c5c355ffc2c599b7040bdaf254129b19dbd66e946f035465d2aa64
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9fe178b3a246dfa8391758b6964ea91fa324fc0942c9d3fb8e7c652a47ab23da
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1755361ebea5c38443a4e30f7c334868e54ed383f2ea73dc412c665d0dc6f4e
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4099a8ee3293b603e4cc68ebc163b8328b4f7d45041b1237cc80e353db92bee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6320eac3bb550a7a53c651faeee209aa87962dce52566b90109585216f0e380
a6cc789aba8ac76bed3b32f93c97b5848d1e04c2866c15a0cbe39d9c25783af9
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7729e83a2a31ee567f3eaab3ee5eb1becedb839188fcb59fffd34667fa4bb3d
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9f2bdacd4951b5e28dcd417c660d0e84dd2d82c09b81d4ff3f22e0bd3b20cb0
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac2429c9dd60bbe0eeab4fb4322667db2a3566125b4a1d772c488381de05b9e6
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ad5c65b1bd2f1809f6a1f53e7c676971bd09370a3feed468d7c444a33cdde8c6
ad71bc506a9cd91e1716a582328ccaf3c955d4848963329c96eb435d872cdc4b
add6f28e8fa3fd84fd02879774862b9144cfd6a3966d17055e2f9744893079ec
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
af27ff8e0ffae533f2ae54cf3d9372c0979b4d1691a2573af76d426a9488a545
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0a9edd9406b9e846d2613b16def49dca3d2307816622cb274acc4d0d2314245
b135a577b9bc1f7e88be6e7c4f73397db72b0950e5a719af71f9dbb9fa47cc48
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cbaf3eeef7c4d44c4ec9242da52a2966918006f65235d52ee3438f1e0ce73c
b358220e5b27c2715f2afcdc4c02c448766bb9d81b959f877a0026aaf60c6f86
b438fcb0b6409866bcf245a57397590528a9db351cceb09953f27f9105069895
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b83aee6ab5341220143131e6b44acffd4d73963e125056219c1ff7f3057f77b7
b922302c22aaa52e4ee94cc4e8949e60012dc6625adcff0165ef193caf3a3ee3
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
bbe94db022e5f7fcbf99255693dae29db2e2c03174fbbcc56b0cb6d9b9b9bb6d
bbed5424f2f97c210ccba4c2050a216711a997c49a8cef4051db16386e7a1b4d
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c236871c166be8d9b18d525e6bba93edcf88bfb1b79d54c3013a67b17ca5fea2
c2398f7cd250e7f74a174468329a3f1cb829032998f0ed4c0034672aa5f3ffeb
c2af72a404720105529c263fd93cd0193b920a7098a0e8c068c7fa9e6c35754c
c4c25bf6b4460d191982c4b8c17324bb992e42dacb53f0d7dd51cf11fc24c6ec
c9d2186b01fab3b892d42f1135674d486e83cd3eee9c66d31a34e140458292a0
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
ca4860813ea837436a0040ad52750556d2d80f33d287607f6542cf662d88ab97
ca82cfd8cd2ec61cf115e16f27eee14f299308188b72f01e0758179c4f8a6522
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d0486b7f66d01f751ad3df7479383308281d81fe258795a4b55f016776e9ed5e
d101a2dfc5de49f2797353ac141b404b96ec5d1b3e1a6e84ec97b76264b8886f
d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88
d2d887515bbff324e166602e4a4f70f620adc7da103204fc31d8fd3d0253ac62
d395387bfc7fef92c010b8904ab15c40128f55f2be52a4bd3351cc97ec1b5fbd
d53d7da4dd34d0c84942abb930cd555068569f5ad8fdc2ef1024b9a7d975e2c3
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d7d89a85ca36ba2b8a4b0a736f4facec28380bce18c6dc81912efeea9e08e393
d9820cbdfa51ec6677bf026fa786d1ca93dd0dd9e4e3ab8c3a2a855386194e43
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da8da9a8b17a97d2ed230ad4f7441ebaa25c984ebfbdc8acd4ae6553ad9ce5f0
db725e2f455d418fe503bf105ae1f43045035eb576fa2f667e21a8c290e06d17
dd147215c433cf11cf795f86d20e08e98be616b4ccdaf99e394d47035988325c
deb548e330b008ae97d73ade60474f69bcecdc48212a65be7908f056fb654b19
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e685a897e3b552fe45551a3223b135ce7cb62521f32759e30f657e1028edd94e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e83a6e6d3b514c443964ced040878fe12d03f326240804355adc29084ed7ca8c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e965445c73cc3e6944b4371a8f0b4a1b60c7765113d2c16f0043ce0a7b0ac0c2
ea3d644c373d186b76aa1efa4290d417f5ee18a4341745dd291d9b590f2a6a27
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eb8e687f8ef4d4838ea77f88aa15f238529f8273aa2d22b7efc8ff18460f7757
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ed6fdb4149f11677dfe737c6a275538efc7ccece2f9435252460881370a26
f35fb700ba1c9f6aa2b682cbc9307da3918e9e7281fe35caff1d4a298b8bf046
f8851656c76b34d0b68710739e01ccf4592fcbf41a901b9f75709abf6b117151
f9ca627553ecd07975118103247e2f1cdeef6d6fc965fd68595c51515852227a
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884
ff9f858ac817d1e04708aca4e81f4d6d060bb2d82d8d6057c655b22bfc439427
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

351 Requests

90 %HTTPS

40 %IPv6

68 Domains

107 Subdomains

81 IPs

7 Countries

4915 kBTransfer

10195 kBSize

5 Cookies

0 Outgoing links

Redirected requests

351 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

351
Requests

90 %
HTTPS

40 %
IPv6

68
Domains

107
Subdomains

81
IPs

7
Countries

4915 kB
Transfer

10195 kB
Size

5
Cookies

351 HTTP transactions
8 data transactions