urlscan.io logo urlscan.io
SecurityTrails logo

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

Go To Rescan Add Verdict Report
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Submission: On May 12 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 11 countries across 62 domains to perform 371 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.60.220.36 8075 (MICROSOFT...)
2 77.245.159.14 42868 (NIOBEBILI...)
2 94.138.206.83 49126 (AS49126)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.139.128.10 20446 (STACKPATH...)
8 23.206.208.114 16625 (AKAMAI-AS)
1 22 185.7.176.223 42910 (PREMIERDC...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.32.185.123 16625 (AKAMAI-AS)
13 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
3 13.224.225.68 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 35.241.45.217 15169 (GOOGLE)
2 185.7.176.221 42910 (PREMIERDC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.201.216 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.132 198622 (ADFORM)
2 216.52.2.16 32475 (SINGLEHOP...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 85.111.6.48 9121 (TTNET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.194.201.98 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
5 11 37.252.172.123 29990 (ASN-APPNEX)
1 95.101.149.35 16625 (AKAMAI-AS)
1 2620:100:a001... 19750 (AS-CRITEO)
1 34.102.243.38 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 185.7.176.218 42910 (PREMIERDC...)
6 2a00:1450:400... 15169 (GOOGLE)
16 43 172.217.16.194 15169 (GOOGLE)
7 13 185.80.39.216 27381 (CASALE-MEDIA)
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
1 192.229.233.53 15133 (EDGECAST)
1 3.125.249.165 16509 (AMAZON-02)
23 2a00:1450:400... 15169 (GOOGLE)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
2 2 35.186.193.173 15169 (GOOGLE)
1 4 178.250.1.9 44788 (ASN-CRITE...)
3 4 185.64.190.78 62713 (AS-PUBMATIC)
2 2 54.76.83.155 16509 (AMAZON-02)
3 3 213.19.147.45 26120 (RHYTHMONE)
11 18.203.131.238 16509 (AMAZON-02)
6 142.250.184.194 15169 (GOOGLE)
3 6 18.158.240.157 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.184.195.22 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 3.33.220.150 16509 (AMAZON-02)
2 35.186.253.211 15169 (GOOGLE)
3 3 185.29.134.244 30419 (MEDIAMATH...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 3.120.144.155 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
4 4 37.157.6.254 198622 (ADFORM)
8 10 69.173.144.165 26667 (RUBICONPR...)
2 2 3.75.62.37 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2 2620:100:a001::c ()
1 178.250.7.13 ()
2 23.35.236.201 ()
1 151.101.65.108 ()
2 23.201.255.110 ()
4 185.64.190.80 ()
1 1 193.0.160.131 ()
4 185.64.189.110 ()
2 2 213.155.156.185 ()
1 34.249.208.98 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
3 4 18.66.122.70 ()
1 2620:1ec:21::14 ()
2 3 52.46.128.147 ()
2 3 67.220.228.201 ()
3 35.241.34.106 ()
371 74
4    20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pcloak.blob.core.windows.net
2    77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com
www.cloakan.co
2    94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)
ye-mek.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
40    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.ye-mek.net
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
8    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
22    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
rek.izlesene.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com
z.moatads.com
13    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
48    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    13.224.225.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-225-68.lhr61.r.cloudfront.net
c.amazon-adsystem.com
13    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
2    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    108.138.201.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-201-216.mxp64.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr
cpm.programattik.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    18.194.201.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-201-98.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
21    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    185.7.176.218 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
rek-n18.nktcdn.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
43    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
13    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    2600:9000:2491:6000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)
ads.w55c.net
1    154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com
t.hspvst.com
1    192.229.233.53 (Granada Hills, United States)

ASN15133 (EDGECAST, US)
cti.w55c.net
1    3.125.249.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-249-165.eu-central-1.compute.amazonaws.com
i.w55c.net
23    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.76.83.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-83-155.eu-west-1.compute.amazonaws.com
match.360yield.com
3    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
11    18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
s.h.w55c.net
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
6    18.158.240.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-240-157.eu-central-1.compute.amazonaws.com
d.adtriba.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.184.195.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-195-22.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    3.120.144.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a05:d018:d29:3601:1a95:7ea:ebf7:b0a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
10    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
1    178.250.7.13 (None, )

ASN- ()
mug.criteo.com
2    23.35.236.201 (None, )

ASN- ()
ads.pubmatic.com
1    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
2    23.201.255.110 (None, )

ASN- ()
eus.rubiconproject.com
4    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
4    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
2    213.155.156.185 (None, )

ASN- ()
d5p.de17a.com
1    34.249.208.98 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
4    18.66.122.70 (None, )

ASN- ()
a.audrte.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
3    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
3    67.220.228.201 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
3    35.241.34.106 (None, )

ASN- ()
c.4dex.io
Apex Domain
Subdomains		 Transfer
74 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
705 KB
74 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357
363 KB
42 ye-mek.net
ye-mek.net — Cisco Umbrella Rank: 399852
cdn.ye-mek.net
605 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
319 KB
21 virgul.com
static.virgul.com — Cisco Umbrella Rank: 63243
ng.virgul.com — Cisco Umbrella Rank: 65891
ng2.virgul.com — Cisco Umbrella Rank: 73693
270 KB
19 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 948
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
eus.rubiconproject.com
token.rubiconproject.com
19 KB
15 w55c.net
ads.w55c.net — Cisco Umbrella Rank: 12668
cti.w55c.net — Cisco Umbrella Rank: 3749
i.w55c.net — Cisco Umbrella Rank: 2245
s.h.w55c.net — Cisco Umbrella Rank: 9407
pm.w55c.net — Cisco Umbrella Rank: 848
107 KB
15 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 506
image6.pubmatic.com — Cisco Umbrella Rank: 746
ads.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
28 KB
13 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
9 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
acdn.adnxs.com
29 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
65 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
dis.criteo.com — Cisco Umbrella Rank: 674
gum.criteo.com
mug.criteo.com
9 KB
7 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1865
m.addthis.com
220 KB
6 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 75208
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
315 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4323
c1.adform.net — Cisco Umbrella Rank: 585
dmp.adform.net
4 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
c.4dex.io
25 KB
4 audrte.com
a.audrte.com
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 programattik.com
cpm.programattik.com — Cisco Umbrella Rank: 59847
565 B
4 windows.net
pcloak.blob.core.windows.net
3 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
898 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
2 KB
3 nktcdn.com
rek-n18.nktcdn.com
30 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
818 B
2 de17a.com
d5p.de17a.com
562 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
59 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
484 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 817
s.tribalfusion.com — Cisco Umbrella Rank: 2073
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
r.turn.com — Cisco Umbrella Rank: 3697
869 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2410
811 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 60165
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
3 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 124947
131 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1834
feed.pghub.io — Cisco Umbrella Rank: 8229
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
89 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13164
6 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
imasdk.googleapis.com — Cisco Umbrella Rank: 468
153 KB
2 cloakan.co
www.cloakan.co
1 KB
1 linkedin.com
px.ads.linkedin.com
649 B
1 crwdcntrl.net
sync.crwdcntrl.net
265 B
1 rfihub.com
p.rfihub.com
793 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2155
1 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581
583 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3063
104 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6378
555 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
465 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
574 B
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 214384
916 B
1 izlesene.com
rek.izlesene.com — Cisco Umbrella Rank: 441800
170 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1435
386 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 499
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
46 KB
0 demdex.net Failed
unilever.demdex.net Failed
0 brealtime.com Failed
biddr.brealtime.com Failed
0 emxdgt.com Failed
hb.emxdgt.com Failed
371 62
Domain Requested by
48 pagead2.googlesyndication.com static.virgul.com
pagead2.googlesyndication.com
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ye-mek.net
www.googletagservices.com
securepubads.g.doubleclick.net
pcloak.blob.core.windows.net
43 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
ye-mek.net
40 cdn.ye-mek.net ye-mek.net
cdn.ye-mek.net
23 s0.2mdn.net pcloak.blob.core.windows.net
s0.2mdn.net
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
21 tpc.googlesyndication.com 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pcloak.blob.core.windows.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
13 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
13 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
www.googletagservices.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
pcloak.blob.core.windows.net
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
11 s.h.w55c.net cti.w55c.net
s.h.w55c.net
10 ib.adnxs.com 4 redirects static.virgul.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 static.virgul.com ye-mek.net
static.virgul.com
pcloak.blob.core.windows.net
7 ng.virgul.com static.virgul.com
ye-mek.net
ng2.virgul.com
pcloak.blob.core.windows.net
6 pixel.rubiconproject.com 4 redirects
6 d.adtriba.com 3 redirects 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net pcloak.blob.core.windows.net
googleads.g.doubleclick.net
6 www.google.com 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 www.googletagservices.com 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
6 fastlane.rubiconproject.com static.virgul.com
6 s7.addthis.com ye-mek.net
s7.addthis.com
5 ng2.virgul.com static.virgul.com
ye-mek.net
pcloak.blob.core.windows.net
5 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 match.adsrvr.org 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
static.virgul.com
ads.pubmatic.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 dis.criteo.com 1 redirects 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 cpm.programattik.com static.virgul.com
4 pcloak.blob.core.windows.net pcloak.blob.core.windows.net
3 c.4dex.io pcloak.blob.core.windows.net
3 aax-eu.amazon-adsystem.com 2 redirects
3 s.amazon-adsystem.com 2 redirects
3 c1.adform.net 3 redirects
3 sync.mathtag.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 rek-n18.nktcdn.com ye-mek.net
pcloak.blob.core.windows.net
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 eus.rubiconproject.com static.virgul.com
eus.rubiconproject.com
2 ads.pubmatic.com static.virgul.com
ads.pubmatic.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net static.virgul.com
static.criteo.net
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 x.bidswitch.net 2 redirects
2 rtb.openx.net 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 ap.lijit.com static.virgul.com
2 adx.adform.net static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com static.virgul.com
c1.imgiz.com
2 connect.facebook.net ye-mek.net
connect.facebook.net
2 images.dmca.com ye-mek.net
2 ye-mek.net www.cloakan.co
ye-mek.net
2 www.cloakan.co pcloak.blob.core.windows.net
1 px.ads.linkedin.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 acdn.adnxs.com static.virgul.com
1 mug.criteo.com pcloak.blob.core.windows.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 dsp.adfarm1.adition.com 1 redirects
1 dclk-match.dotomi.com 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com ye-mek.net
1 a.tribalfusion.com 1 redirects
1 pm.w55c.net 1 redirects
1 cms.quantserve.com 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
1 r.turn.com ye-mek.net
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 i.w55c.net googleads.g.doubleclick.net
1 cti.w55c.net googleads.g.doubleclick.net
1 t.hspvst.com googleads.g.doubleclick.net
1 ads.w55c.net googleads.g.doubleclick.net
1 rek.izlesene.com 1 redirects
1 imasdk.googleapis.com c1.imgiz.com
1 feed.pghub.io pghub.io
1 bidder.criteo.com static.virgul.com
1 a.teads.tv static.virgul.com
1 prebid-server.rubiconproject.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pghub.io static.virgul.com
1 z.moatads.com s7.addthis.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ye-mek.net
1 ajax.googleapis.com ye-mek.net
0 unilever.demdex.net Failed
0 biddr.brealtime.com Failed static.virgul.com
0 hb.emxdgt.com Failed static.virgul.com
371 102

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
cpanel.cloakan.co
R3		 2023-05-03 -
2023-08-01		 3 months crt.sh
www.ye-mek.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-29 -
2023-07-07		 7 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
1099124734.rsc.cdn77.org
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
images.dmca.com
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-24 -
2023-09-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-18 -
2023-05-19		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-27 -
2023-09-09		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.programattik.com
GeoTrust RSA CA 2018		 2022-10-25 -
2023-10-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-03-01 -
2023-07-27		 5 months crt.sh
*.hspvst.com
Gandi Standard SSL CA 2		 2022-12-12 -
2023-12-09		 a year crt.sh
ads.w55c.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-06 -
2023-06-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
h.w55c.net
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.nktcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-16 -
2023-11-06		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2023-05-04 -
2023-08-02		 3 months crt.sh

This page contains 45 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Frame ID: A4042FB54E39FA27ED92A3F90933425D
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 9F420C5D0ACA8C063FB5BD87CA097CC4
Requests: 137 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 74AE1A6AA17BF6FA2CA569B763BE5BCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 51B46258DF427BCE89CCA0CF0BDFBB0B
Requests: 1 HTTP requests in this frame

Frame: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D3FC0CE6EAE7F7B5C80E8FBDBE91E941
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: E6AF0EE959FDCB3A5C34F71EC4986769
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875627775&bpp=4&bdt=848&idt=231&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=4587312634858&frm=24&ife=1&pv=2&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759876%2C44759927%2C42532089%2C42532185%2C44759837%2C44788441%2C44789779&oid=2&pvsid=2648781072102199&tmod=300938915&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.j7vueekla53t&fsb=1&dtd=245
Frame ID: 67BB1EDB4149D357910EB6267375C48F
Requests: 1 HTTP requests in this frame

Frame: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 121BBC28F0EB25447588304E1E95ABB8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO9AI3MgE3rULBoQ3cmcu4sTxpXp9GEEKifR2phUTYWUy58W1owQPZQFuVIuurY4kYeJZSAKmXp2wdWT9b85twNExDelnnHSrRKT3UMrRznfXV7jRuslVy75_GKQjeoovn0_ebXTI2CgoaTEh3Ab2-oJMlHeXGHyvzdrvYyJtMOJ3uI3Q&cry=1&dbm_d=AKAmf-Dv4Qs1aM9iOfft3cJzeEHK8xUzA8M1ZllEg9GC_2eGrAQirTrJ3z6flgL84unvuFKndqkszE_kJNpuo62BxA8bKsZ8ItoCSC8HIAlZrdt2H9sxmeMz0VFdzi-hxR31tjMR-DsRmmGgUQERjUrbBn7PpHF-fKVZIPqExZ_Cq-Js7iNL9i8uBzeydwilXve_gbE2c22wdL4Ilwa9F346BC2V5LGMGIv62XaDKl5Ey3JGpUzPXg3KVnexJQwCIbFGLUQD5n57_Ny2vzxZiI68zx_gt8cVbnV3XyNjRUPIdWilqZZo7qrqzOOlghhEj9nYh3gjtxvrHWZSsycu7LddbIuugZR7S0G_fIIW81VM0HVmqjMARflvorPZ8N5HF5_Ya2ZmOQKV9GgJr6dLWwFXPzR6Hm4hWr7qBUVggrHEKEiBRM315q0wK7Qe-KWISlDrCZoV9kTOUg4H5HbRgUirXuncWKDzO2b8WjzWV99NIxc-Csm8R6lPq4GV7ofnG7zhFHuvB85EyzBP9M3nCNz0VJM9ORWGOg-vnkVqanpwlv1QT2YZIWt41bBPrka2BaT_CxKLjglXDSc6YiJ_T26iN6rvGj6t6NDZH4qfvkkuE5ng72oS1cDg5gl5Dh05KOpFQ3DK0hRWG-os9-wV0tN0YWKhYeA_i5y8OV6xE3gcR_BV3PqBIEPNU-fv7nh3pnnNT9vsg_BUmAgVni1pjkxqVY7j6J0utQeAvuI_9YIC2Qk2ABTqLBgv4mdBU_p--Oks-cr1ymHheRHqW0XdOLq1uMPRaRT9Y0CD30mM2GAsycasrggiWpfvSMqovaL8Y2zh7zogPse0DISl8JMjOo_81OmpK2ZDUfgaeVm3qVPhpiMHTo1rOI2SG5IiKTgYKeBpUAxmXuUVuvXAEAqkHok0J4ByMvpl_eYvOCByUC2Xy5JDnr1fsYpg_g1mV_oXdMhSExyW8-Or6x3Y1qUBNbdMhWezcEgN1uYkzSDtPF9ffpxGLVRbx-FituepD1nlehlRDnK_sEn7NLnzLz5gUXxGSzMEn-iA6oVySF-NB17ryxTcjPttqCxqEhRc5sgEcLNkQ8Mxk6ZmL4wfsY1vCVILwhim4bQbadIBHj3do4F1x66cOG8GQmfLFKk5YOq8omNC5sez4XhPo3we7RtTxl_oN4lfec4J-eHf7GpiuYjmRpavlae5sZ5P6ubRxx3-u1_RYXK8fPzjMmaITpVFyIZW9dA5XQuumA0sadr8G6WgpV3GGr9SZkQT0Gh0qRgOzB3muNXLjuSzPcPkVV_KoYMb-KNFaMaSvRVEXUlkk1LdRHk6I88dN9b0nOrexJF_BiWfdnN0Fr1u-MW79F7i2CNYXug_ZT599SkZaCCtLGyxK4ijDL1JBe6y1w6ZXNILKDUPHsafh3Xg1Yym1IQh9exaRl7cUc2DJu7PK-Y0-_ifp2DmhtN_Bsn-QQ2AsATDXJGhSQssJEvkBgSOiJPNpReGcyvyWFz1jt7YemXFOpW_svGLKVe9DfECG59feb8ikqR72FqQwGx9BEbLJ1jbH14YpBy4j1NOvPeih3B58KBz9ekLs9jSrSvFeW2tBhxd_0hrI1aAyHxfDosltaAweGFpRR4JNcxTeriVHbp2_NKthcNVVVW0hyXw1liaoyorVJgYp_GWVJ73k8d9PBi-Qej3FShfKK8xauW-1HqcIFUXzMRk9TmYZGrU8IO_6YPjNubgP-FXZByEOGHnQDkcSkleGM94L9NwaeNbq0I6FVbAZ3slQZmi7N5rSNfWe5crsm0J21Et-TraZ2gbi0A14mXH3LVSiWj5ln7oqWpoiPesJdTXyKtXjVlvhA8VfGVddQBrXK6wUYO6dz2mnIVb_HjjMJvaeCZ9wLlBrp7BPmrX_XNmO34bQ0NRMLFXW9M-DBhqBBQfGiw8lUJgnnFfU21ZJCoxRz-AM_JLlc1IjZppyrCwcUgMA1Jr6-SwCNkt1H85oRioO--aCsQS0dSwUKzVfbPpZAKn04rR-3gG0ew5wa115LNtHM86fsA94DNxSLZ1cw05vDoMn9HSukxLlX8hyV7z6jJBM3PlUBHURQG69542RmKxqOJ3E-L3dzvH-LFBBmK6FrirTJ3A3EKgf4AUWlqnSQOPw-P1bHfP3G8dqLCfNVPLwDL6F1GP3o9yR_ewAnEK7qqNjLg19ZI6ZvgPhrNchQUQ07Ku73DBPItfrEKORarPIViZERogiBjJF3wpwZJngOATw3pw0M_WsoxGz25loYHq8BPVQJeR1dgYG4E3ed_GkzNEZ5Vto8ZzDFH93ofNMlznHKQQhChwo_3-7yjGRmaQWccZOcv6NeE6MkuUycssQyJo49NbZOnLNUmmo_yXaJVk8SpoZh4S4p42c_2A4uQAtkCzPAD9alYEFnGQZpIJDJaYFQgENN2hd3rumCE0NC7CcvxwdQWtcT_yLPnxLlzuPJQFD0CSWNb5ar9SKLwme-AoK2w-dCs_fvpoVvzLLtqcr5T05bMVdqIayRnjLes2eWdPPlIUL25n5AcG55dUPBXkVutYnYAMEK7YMY82p0LP_2PpPFA-JH9rpzCh6I-ScywJZ3LPd9lrx-19AAkIyIM9M8G8fsfjWe1_bipkdn-xAxa4w58N8f21oaGu2AoJt7ugpeZQ8-clWh72jLmlVahmzV-pYFCPtSBNxLFPOtkc70BiehIosAoaJmxU_FuiO5Beluga6L-DXZY4gJ_epk0ZrxrCp23jZepefdm2NkzdemeRvonSI2X3AegB9hb90Ayf2i-HiHQbnAJjULADczhfcDeDTHS7T3TQL-ZD5h6kIL5dVJOIBxGhCQOC0jg1sedgUjFJyi68LNqDvXxSbpENu8NN4y5kIYVNNUGpU_-j1WANQGAds0OqGfrxQb4Sv2U2Sv0iQg-Rjr85qgcvP_bH7e1o1wVCxLIWkbKrh6cNKNEbYUsiVYK2dKEla2XYQyxQcuBqXLcfiYIBqLc8D24CQ2v3dK-UeM8FXdfAeJC2g2UHtqqhkaQpqWxbK83sY9oHyz86OT_Yp0qvOpqY1_0JK88CuMDutwuiHbTLZrkSWItvd4kMH8DrdIYUkYt73VzZUOSl_Lj_DopXiBUwzjACCCDfLXjzCpIYFBneu_OTbnz_-Np5bQTZEsS7AVTniza-XUkoyUXvDnuul5iFFA0nWiz1SICnhDdKUTrrMZjsLS66HXJ6wbdBDZ_e1PkCzKekRne6yazhJw-orALHbp9LEOX1bqzXUp3EEoBP7CmnjViZWCcQkZLxzdUEMb00uOZGKXeCblMrGDu4D7svS9XqJtNJ4kp92NUowtAf3SetKu1YruplIlRmJZIlEd5oWZQiR-ZKDlYcLwR84yTNsqW0VDMkT3T9H3r8OiUaeWm_M8abAkZwW-GhZZDxO-EsExRj2Lo2tBvu0mRXD98cLW4mZe_pGtbmycKYwmyVvAvOI4OgiAPxSckQJYwCVcHVw0SErtNWRpJWyJiB3psfyGF5GLZb56LMAgFpeyxxKXZ9dFqNoJ5zFsnwuaGK7A_y4IwtILoASOuLFjp-EiVqKSarHSH-200IGhHaXA_cR5Uf0iKI7ERck2YI44oteK-jxERc9CM8_pGT5oLTCoYwiEJCbbmJPqVlrTv_S2bDXJlvYngWOgNK9T7oPQ226wpluCGagf4rHHVjSvPeMXMPa255oEKwwy8OAO-IVIgGR8rhG3oYdtl5FQfM4UHIsbLWjCaDf2nylDinHjJhnIwprNcFTWmOAeC20zeRt96dHJgLSi4zf18iZ9YYX-4dIoFuATSjM25Xk3a6FFViPuqtvq0sw8-bSMlwSVBIqf_6tqpsbP9sgmM66yVNGR7F4Chpvjxyzc0jZnfxYNnuYXcwatqes76Owfkl1vG9wM902SrUcBlqRiwsnHQMa37r879BRyWJDS9IcjI2nGLiw3mzN3QiS3vJB-cDGsmTSoSrrgwFrpVQxeK0-j3lJd55UWkwE2cOj0d6f5fticfmh3ydH73I2LdpWFgZlVBRtMgAAltzHeCVCGau82gQarjxZCBv-azTH_mBtKYxRqK69sh2PaNlBsjDpNeJMdEVwCw3n4Efzco13ESor2b4P30VOW4B5T1Dn9DPJ8mEJ75PuMVnSBO70f3f8MX7Vd-Oz9Neb1Iqjk7FsAkCLwALPf7Bad_XJtSjsPQgbC3KlyfDVWLGqE9jMarwAYQSmMFmGyrq1_7ZoyEREIkCdztEVO-VkLwnyp_F1oXkiD69Pw1hVsnfiEqGkCAy00OiX96WiO7FBsCuVxNVOzTNdQCF0A93rpornmSOuqgcvjhthl-YrrZhQItAE_UilNNaT2rC_BIPQbGK&cid=CAQSOwBygQiDB5ZZSVClcGumwE5pIn_VV7XYB5BFE_32uRy5fJZu8Xa0Y4u_558BB6YhPIcvzsgxDTiLFLR7GAE
Frame ID: ED5B95ACD68E3BB951A07A8BF4C45E3C
Requests: 5 HTTP requests in this frame

Frame: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&vmn=60b91f99e4b0b65b3ce7bc5b___1534931456252032
Frame ID: 224CA9819A42A2C792F8C2281425814B
Requests: 2 HTTP requests in this frame

Frame: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8BC2E2F84895E9CD4D3646AA5BCF4687
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628505&bpp=9&bdt=106&idt=236&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=7072187039029&frm=8&ife=1&pv=2&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.64j4q3c9dm8y&fsb=1&dtd=254
Frame ID: DF5E0D97212889C15CAE7E994B4459EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Frame ID: 91ABD71CF769E8A324D848502A117DC7
Requests: 23 HTTP requests in this frame

Frame: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F644A5DFF57334D1446828727CE8A6A7
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Frame ID: 96CEB743ECFF53FA8D5DE74A3E8F66BD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Frame ID: 57ADF6C0AA305A4E0A18AA0129BDE604
Requests: 5 HTTP requests in this frame

Frame: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: EF3D56632A5E4498FA6C2C59660B065C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Frame ID: 04FF896F62FAB59CE5438DA3D495B627
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80396B2EFE5032E932169BB2FFFF5714
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 18E9C746F065D7983B15188DB6D1E3E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE3A944729F359EC1AC485DDC7FB8EED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
Frame ID: 11BF7A07C2A9CB4C7D3E17090F50CB5E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E004B9EF06A3FC9CC2596E2810617B01
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Frame ID: A6D131C21CA750D22CCD47E7A1B6C544
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F582E5844D42BE027A5F0F110AACC74
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFC6C39A861AE62D2CE755A9EC12B086
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 650565ECAABA261150EF1DE8113B758C
Requests: 3 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be
Frame ID: B5D1504582561CEDDD35A5350E555247
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F389D275D9640A9AFC1CF12D3BC613C9
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2A34657ECE033D0808D6502080BB99C0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Frame ID: 3D9C279B2AF48986C4BC8FF33A580FBE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF36E4E39FDDD2BACD0330178DA07DC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 228AEF529989BF5776A97026EBA39C87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 363FA75BFFD733E5E25A670010748D34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D83420BC5C49413A6370B3A5AC90742D
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 197279254CBB76DA5C67CEE5A347CC7B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: DA774A42465DBB68745A38EC632F1902
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A6B89FF0AB25E675D0607B66DB13B7FC
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13442375
Frame ID: F151744A972097937838FEA6905A28F8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7C3F39EFEFBFA88C7BEF4296C9ECFA35
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:532e645d-e72d-4b00-8111-9e7618c3c741&gdpr=0&gdpr_consent=
Frame ID: 9F9E2BE90082A6EBD55DE5D9F5B7D447
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419138778665
Frame ID: 34BAB38D8E7D2B87F395B179528D7811
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: D696B02BB5A8E04B84408A0536C10402
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3584376253566737382
Frame ID: CBEB2828AA59C1C1DFABC1D2A2D20C37
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1740212894709690222&gdpr=0&gdpr_consent=
Frame ID: A4A08E70A1EA780F85A3FCE41BC52C9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

371
Requests

85 %
HTTPS

32 %
IPv6

62
Domains

102
Subdomains

74
IPs

11
Countries

3627 kB
Transfer

11683 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130
  • https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4 HTTP 302
  • https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1&C=1
Request Chain 157
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFBf8v5XrZjTpVPp2yCVOi0&google_cver=1
Request Chain 159
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1&C=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMW8i32YnC2l5_b4mcxu6GU&google_cver=1
Request Chain 166
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDHzu-oQ061ff_5EnX7J6sg&google_cver=1
Request Chain 195
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Request Chain 209
  • https://um.simpli.fi/gp_match?google_gid=CAESEIpLav3D4RmQHOmMLIqgDqs&google_cver=1&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQUp3zUZXEO9H5qA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQUp3zUZXEO9H5qA
Request Chain 210
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYJogyAtFsEbMotPvwlqgk&google_cver=1&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWjW_MBALconlP9zOgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWjW_MBALconlP9zOgA&google_hm=yxTPFXxITMKyyrFoVnLDmbg
Request Chain 212
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELgmiAhXFZkF8CpK23-Ag-w&google_cver=1&google_push=ATf1kGMIhHZt4b2NXal8tZnx9uW0ItFn6yQEqSYbqc_1eHVohQFKIaMuOVeTzSPCYeTMWHfpzIoDdAC-z97E0omZRfGBNqhdmh3O HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELgmiAhXFZkF8CpK23-Ag-w&google_cver=1&google_push=ATf1kGMIhHZt4b2NXal8tZnx9uW0ItFn6yQEqSYbqc_1eHVohQFKIaMuOVeTzSPCYeTMWHfpzIoDdAC-z97E0omZRfGBNqhdmh3O&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMIhHZt4b2NXal8tZnx9uW0ItFn6yQEqSYbqc_1eHVohQFKIaMuOVeTzSPCYeTMWHfpzIoDdAC-z97E0omZRfGBNqhdmh3O
Request Chain 213
  • https://match.360yield.com/match/ebda?google_gid=CAESEGUqfhqQWoK1eQ6MYA85c1w&google_cver=1&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1ALIfHzx7 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGUqfhqQWoK1eQ6MYA85c1w&google_cver=1&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1ALIfHzx7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kwvJpEhZQsiZ8BP7zEu7qw&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1ALIfHzx7
Request Chain 214
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKIsO6-yCoj5v45bbUoM0RE&google_cver=1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1683875629234 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-aaa96378-137a-4b01-8d45-67d34c274f62-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM%26google_hm%3DA6qpY3gTeksBjUVn00wnT2I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&google_hm=A6qpY3gTeksBjUVn00wnT2I
Request Chain 215
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6jy-8946fzTGvcbQYRN-cWM8BrZJ7wjnmrFoT-aORzXk-RcJdHW_ipsJOKG_LLWNAqmEcAsJMAJTs4MgATEIHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6jy-8946fzTGvcbQYRN-cWM8BrZJ7wjnmrFoT-aORzXk-RcJdHW_ipsJOKG_LLWNAqmEcAsJMAJTs4MgATEIHg
Request Chain 220
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 226
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 231
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 233
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDgdpVbzgkFATWwYLu1VtC4&google_cver=1&google_push=ATf1kGODwTxsusAYMrDJNqHX_Yge4feK3VsLWNi_0vyljAtGCBTdwLNm12eBoSQDOXROUwuuntOJ-R34Ta2hx1W4MBcLKr4Bh5Tt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE3MDYyMzMwMTMxMjg3NDAzMw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFj5IAPE7JmaGf3Fst9Lrgo&google_cver=1
Request Chain 235
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cver=1&google_push=ATf1kGO5sb7znNe44VsX48xcjaoeHcW2-HCdNCHBIsK3d0unVh8KEfDIyD2R3Z-tEBZwmNxQIyk1-8xgWJXrETizDgmZDOKf2JtqOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZGZmMHgzV0UxUFhtWWw1&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cver=1&google_push=ATf1kGO5sb7znNe44VsX48xcjaoeHcW2-HCdNCHBIsK3d0unVh8KEfDIyD2R3Z-tEBZwmNxQIyk1-8xgWJXrETizDgmZDOKf2JtqOA
Request Chain 236
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 245
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBAXAQImgBxV6_BMcRNElQc&google_cver=1&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiIQ5bptwFHjSBHFmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiIQ5bptwFHjSBHFmo
Request Chain 246
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA-c1bunoqvT2vP6JVQtnSI&google_cver=1&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n4su7d6QtwOPfqqlcW4lM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n4su7d6QtwOPfqqlcW4lM&google_hm=yxTPFXxITMKyyrFoVnLDmbg
Request Chain 247
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBl51XH-xih1DywBxauG1qY&google_cver=1&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K11FY0-8_YJA3-xfs HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Yt0YjJTQxmsn9CWhEyoPA2&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K11FY0-8_YJA3-xfs
Request Chain 248
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGbHi5P7KcqF_pWj87itvvo&google_cver=1&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGbHi5P7KcqF_pWj87itvvo&google_cver=1&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ&google_hm=8Ux7x1z6RrmjZ7ediWrg2A==
Request Chain 249
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIiPadBqG7WZhEINk2a1Umk&google_cver=1&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8GRc9zsIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8GRc9zsIw&google_hm=eS1UaWwuVFRoRTJwSElOQUdrRVhYX2pTdERZejVqbDJyWX5B
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDXtKSRhhIQyWnUAkqs0ORk&google_cver=1&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6yntotqdB9ilB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6yntotqdB9ilB
Request Chain 270
  • https://um.simpli.fi/gp_match?google_gid=CAESECOEGreAVPymI8Vl-00BOSU&google_cver=1&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAchaj9aOe5e3gJvNm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAchaj9aOe5e3gJvNm
Request Chain 271
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM1p2tiC4tusaFy5qxNOeiI&google_cver=1&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaFA6Nhv5nYgMywk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjE5MDc1NzA5NzM3MTgwMA%3D%3D&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaFA6Nhv5nYgMywk
Request Chain 272
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPCpM0ywyST_HD3mAyq0Is&google_cver=1&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBcr6cp0Yk2U-Hwh0n0BYhi HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPPCpM0ywyST_HD3mAyq0Is&google_cver=1&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBcr6cp0Yk2U-Hwh0n0BYhi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4ODkwODEzODczNjM1NDgxMQ&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBcr6cp0Yk2U-Hwh0n0BYhi
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF17QCMJpLv9kAsO6NRWK6Q&google_cver=1&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-ZatQhdO32UCt25Dt1o8-Cz9Qhw0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-ZatQhdO32UCt25Dt1o8-Cz9Qhw0
Request Chain 274
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIS_bQN8vxr1e70MmGoQw58&google_cver=1&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB500hqXWFXaHcElF0aSNNQbgU15Qw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIS_bQN8vxr1e70MmGoQw58&google_cver=1&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB500hqXWFXaHcElF0aSNNQbgU15Qw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZkpYRlFKRTJ1SHpCSkkwWUNsbFJYZXRfbFVaeWIuN35B&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB500hqXWFXaHcElF0aSNNQbgU15Qw
Request Chain 334
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=doY0AXxkOVlRRjVvbDNWYloyV2NaWTVzTXM0Y1Npc2Q0cHNLQWxheVZMVlVBSk4yVGZiYjBOSjkrRWhsOUQyNnNxUk9OUFdnelp1UUxLU3dkUGN6R3ROb0M3S3hxd1NHWnpldWhrS3VYSk42REhNSGxkWVM2YTBjUlA4YVJwdjRoemh2K3ZoNEJyWVF2QzQydjREdm45RWtKVE1ENnVQc3B5b2tFN2U0NVozY3hqcm1kNHA1WGZTU2pJa3NPWEFROXVVcWlHZVNUL29IUk5UVS9pT0U5UEMyOGJNdHhMS240S0QvWnV3U2hMR2V1VGM5ZkdycG14R25nY1Z6RTJTdFVqUXQwbVozYVhVNWdLQ0hzMHoyNDhPQzBzaHg2TGkwOFpCV3ZtR1Zjb3BRNGo4ND18&cppv=2
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:532e645d-e72d-4b00-8111-9e7618c3c741&gdpr=0&gdpr_consent=
Request Chain 351
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419138778665
Request Chain 352
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 353
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3584376253566737382
Request Chain 354
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1740212894709690222&gdpr=0&gdpr_consent=
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1086327568 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=981AAEAC-5811-4DC2-90AC-0E9C838867C5
Request Chain 358
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=981AAEAC-5811-4DC2-90AC-0E9C838867C5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWltTmQ1Y1VnLThRQ1dacktvQ01KT01qZw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4088908138736354811&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119 HTTP 302
  • https://a.audrte.com/p
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgxQUFFQUMtNTgxMS00REMyLTkwQUMtMEU5QzgzODg2N0M1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJU246iTr4QzwImBr3H9Kqo&google_cver=1
Request Chain 362
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4088908138736354811
Request Chain 364
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZjfNv5IYaNVK4sskfpVJyQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ShXVhx1E2oLTkeDekjkrMOaBgNR2yA9OfOrpcg--~A
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJyz_7F6ido4XyB1k3_XrPk&google_cver=1
Request Chain 366
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHK82M2B-U-H48W
Request Chain 367
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GhTxcln3TcCnSvnevFYnwQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GhTxcln3TcCnSvnevFYnwQ
Request Chain 369
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhLODJNMkItVS1INDhX HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJskVG08LAYCFzPkfAGuyzA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=
Request Chain 370
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=e5EPSTEKTBGSZSTpyWmZ8A&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=e5EPSTEKTBGSZSTpyWmZ8A
Request Chain 371
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjlmODA2NjQ0ZDdjY2JmYWVmZjUzZTJhZDJlN2FjM2JmZTM5ZDVmMw

371 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6x6uf5z9e3262.html
pcloak.blob.core.windows.net/web/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
1324
Content-MD5
XPHdOVCmWyxrVVstkB9xGw==
Content-Type
text/html
Date
Fri, 12 May 2023 07:13:45 GMT
ETag
0x8DB304DFD1C41BC
Last-Modified
Wed, 29 Mar 2023 12:06:12 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
9354d28b-501e-0033-07a1-841da6000000
x-ms-version
2009-09-19
jquery.min.js
pcloak.blob.core.windows.net/web/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-request-id
9354d2f9-501e-0033-67a1-841da6000000
Date
Fri, 12 May 2023 07:13:45 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
cloakan.js
pcloak.blob.core.windows.net/web/ 		308 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 May 2023 07:13:45 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
zPiKctHo6j8i1UGOFPpInw==
ETag
0x8DA4D4A263C11C2
Content-Type
text/javascript
x-ms-request-id
9354d3d7-501e-0033-38a1-841da6000000
x-ms-version
2009-09-19
Content-Length
308
style.css
pcloak.blob.core.windows.net/web/ 		166 B
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pcloak.blob.core.windows.net/web/style.css
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 12 May 2023 07:13:45 GMT
Last-Modified
Mon, 13 Jun 2022 14:36:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
9ruAIrm4XHnQO3/sM8J0AQ==
ETag
0x8DA4D4A26527CA0
Content-Type
text/css
x-ms-request-id
9354d382-501e-0033-68a1-841da6000000
x-ms-version
2009-09-19
Content-Length
166
px.php
www.cloakan.co/ 		743 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/px.php?id=6x6uf5z9e3262
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:46 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
404
nv.php
www.cloakan.co/ 		232 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
stilgar.wlsrv.com
Software
LiteSpeed / PHP/7.3.33
Resource Hash
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pcloak.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:46 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.3.33
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
112
/
ye-mek.net/ Frame 9F42 		76 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/
Requested by
Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x6uf5z9e3262-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
46f0cc2e9c125cb90661c6b6a21f72fae9ae4f908b1874e189fe9fa1927fe4f0

Request headers

Referer
https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
77504
content-type
text/html; charset=utf-8
date
Fri, 12 May 2023 07:13:46 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 9F42 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 12:36:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 12:36:30 GMT
yemeknet.js
ye-mek.net/js/ Frame 9F42 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ye-mek.net/js/yemeknet.js?v=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Fri, 12 May 2023 07:13:46 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2019 13:15:54 GMT
server
Microsoft-IIS/10.0
etag
"0a144655957d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200
accept-ranges
bytes
content-length
2179
maincss.css
cdn.ye-mek.net/ Frame 9F42 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ye-mek.net/maincss.css?v=434
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
2066185
x-accel-date
1681809442
x-77-nzt
AcO1ryc7bUj/CYcfAA
x-accel-expires
@1713345442
last-modified
Tue, 24 Nov 2020 00:00:32 GMT
server
CDN77-Turbo
etag
W/"5fbc4d20-9e5b"
x-77-nzt-ray
25b021316aa253c62be75d64c9f84205
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ Frame 9F42 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4900d8728f3bf4dcdd3eef34e5ccfa3e10485f28aea8ff6e8de2a18068890982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46266
x-xss-protection
0
last-modified
Fri, 12 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 May 2023 07:13:47 GMT
searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 9F42 		542 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066227
x-accel-date
1681809400
content-length
542
x-77-nzt
AcO1rydygpn/M4cfAA
x-accel-expires
@1713345400
last-modified
Sat, 22 Oct 2022 20:00:57 GMT
server
CDN77-Turbo
etag
"63544bf9-21e"
x-77-nzt-ray
25b021316aa253c62be75d640ac18907
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 9F42 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066186
x-accel-date
1681809441
content-length
1651
x-77-nzt
AcO1ryfXemP/CocfAA
x-accel-expires
@1713345441
last-modified
Mon, 14 May 2018 22:41:08 GMT
server
CDN77-Turbo
etag
"5afa1084-673"
x-77-nzt-ray
25b021316aa253c62be75d64fe8ccb07
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 9F42 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/taze-bakla-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
34405
x-accel-date
1683841222
content-length
15403
x-77-nzt
AcO1rye4cd7/ZYYAAA
x-accel-expires
@1715377222
last-modified
Thu, 11 May 2023 20:25:52 GMT
server
CDN77-Turbo
etag
"645d4f50-3c2b"
x-77-nzt-ray
25b021316aa253c62be75d64b1a5cf07
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 9F42 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/zeytinyagli-bezelye-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
116510
x-accel-date
1683759117
content-length
17312
x-77-nzt
AcO1rydjgoD/HscBAA
x-accel-expires
@1715295117
last-modified
Wed, 10 May 2023 22:21:12 GMT
server
CDN77-Turbo
etag
"645c18d8-43a0"
x-77-nzt-ray
25b021316aa253c62be75d64f978dd07
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 9F42 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ic-bakla-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
204430
x-accel-date
1683671197
content-length
16203
x-77-nzt
AcO1ryc7kqj/jh4DAA
x-accel-expires
@1715207197
last-modified
Tue, 09 May 2023 22:05:32 GMT
server
CDN77-Turbo
etag
"645ac3ac-3f4b"
x-77-nzt-ray
25b021316aa253c62be75d64b8f5e007
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/05/ Frame 9F42 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/05/karnabahar-yapragi-corbasi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
290162
x-accel-date
1683585465
content-length
14031
x-77-nzt
AcO1rye9/Zr/cm0EAA
x-accel-expires
@1715121465
last-modified
Mon, 08 May 2023 22:19:39 GMT
server
CDN77-Turbo
etag
"6459757b-36cf"
x-77-nzt-ray
25b021316aa253c62be75d64c070e307
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-kroket-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 9F42 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tavuk-kroket-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065529
x-accel-date
1681810098
content-length
14613
x-77-nzt
AcO1ryfrQQj/eYQfAA
x-accel-expires
@1713346098
last-modified
Thu, 26 May 2022 23:00:23 GMT
server
CDN77-Turbo
etag
"62900687-3915"
x-77-nzt-ray
25b021316aa253c62be75d642e09e507
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 9F42 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065299
x-accel-date
1681810328
content-length
13621
x-77-nzt
AcO1rycFikv/k4MfAA
x-accel-expires
@1713346328
last-modified
Sat, 16 Nov 2019 21:54:33 GMT
server
CDN77-Turbo
etag
"5dd07019-3535"
x-77-nzt-ray
25b021316aa253c62be75d6499b3e607
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
katikli-dolma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 9F42 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/katikli-dolma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065929
x-accel-date
1681809698
content-length
14462
x-77-nzt
AcO1rycqk3f/CYYfAA
x-accel-expires
@1713345698
last-modified
Fri, 08 May 2020 02:12:32 GMT
server
CDN77-Turbo
etag
"5eb4c010-387e"
x-77-nzt-ray
25b021316aa253c62be75d642b56e807
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 9F42 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-kofteli-patates-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065233
x-accel-date
1681810394
content-length
12649
x-77-nzt
AcO1ryceYCD/UYMfAA
x-accel-expires
@1713346394
last-modified
Wed, 01 May 2019 23:19:29 GMT
server
CDN77-Turbo
etag
"5cca2981-3169"
x-77-nzt-ray
25b021316aa253c62be75d64b03a7e08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/01/ Frame 9F42 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/01/yufkadan-findik-lahmacun-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066118
x-accel-date
1681809509
content-length
16684
x-77-nzt
AcO1ryeCKTT/xoYfAA
x-accel-expires
@1713345509
last-modified
Wed, 01 May 2019 22:52:17 GMT
server
CDN77-Turbo
etag
"5cca2321-412c"
x-77-nzt-ray
25b021316aa253c62be75d6453298108
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirasa-diblesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/01/ Frame 9F42 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/01/pirasa-diblesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d9fcac1fb7114def5ff3d03c471a461834e48dd9bdeb94f803a76bfe01a3a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2058696
x-accel-date
1681816931
content-length
13230
x-77-nzt
AcO1ryd3Rab/yGkfAA
x-accel-expires
@1713352931
last-modified
Sun, 01 Jan 2023 20:33:18 GMT
server
CDN77-Turbo
etag
"63b1ee0e-33ae"
x-77-nzt-ray
25b021316aa253c62be75d64fc4c8308
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
hatay-usulu-acuka-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/02/ Frame 9F42 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/02/hatay-usulu-acuka-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d36dfe6d6d9da7b8fca74c7e5587a057a719eed2d2d1eae4fcd7af0e2d12f21f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065625
x-accel-date
1681810002
content-length
13255
x-77-nzt
AcO1rye8okT/2YQfAA
x-accel-expires
@1713346002
last-modified
Thu, 03 Feb 2022 00:09:16 GMT
server
CDN77-Turbo
etag
"61fb1d2c-33c7"
x-77-nzt-ray
25b021316aa253c62be75d64f45e8508
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
gendime-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 9F42 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/gendime-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066195
x-accel-date
1681809432
content-length
9686
x-77-nzt
AcO1rydANCr/E4cfAA
x-accel-expires
@1713345432
last-modified
Wed, 15 May 2019 23:07:19 GMT
server
CDN77-Turbo
etag
"5cdc9ba7-25d6"
x-77-nzt-ray
25b021316aa253c62be75d64b13b8708
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
karbonatli-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/06/ Frame 9F42 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/06/karbonatli-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f22e44016410fdcef01a56b89401973c22cc1d5fc740e615ed904add45ad7ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065929
x-accel-date
1681809698
content-length
13173
x-77-nzt
AcO1rydTZWz/CYYfAA
x-accel-expires
@1713345698
last-modified
Wed, 01 May 2019 23:00:46 GMT
server
CDN77-Turbo
etag
"5cca251e-3375"
x-77-nzt-ray
25b021316aa253c62be75d64e50d8908
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ Frame 9F42 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/10/ev-usulu-firinda-urfa-kebap-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065187
x-accel-date
1681810440
content-length
12802
x-77-nzt
AcO1ryesvD3/I4MfAA
x-accel-expires
@1713346440
last-modified
Wed, 01 May 2019 22:49:22 GMT
server
CDN77-Turbo
etag
"5cca2272-3202"
x-77-nzt-ray
25b021316aa253c62be75d644e8d8a08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tas-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 9F42 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/tas-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2064708
x-accel-date
1681810919
content-length
10807
x-77-nzt
AcO1ryfxAl3/RIEfAA
x-accel-expires
@1713346919
last-modified
Wed, 01 May 2019 23:24:41 GMT
server
CDN77-Turbo
etag
"5cca2ab9-2a37"
x-77-nzt-ray
25b021316aa253c62be75d64c70e8c08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
kislik-kavurma-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/03/ Frame 9F42 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/03/kislik-kavurma-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
34036b7ceed88b75d9cf9fcc6b414372042896bcc28954b304766f6f1bf8e8bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2064997
x-accel-date
1681810630
content-length
11517
x-77-nzt
AcO1rydlxsz/ZYIfAA
x-accel-expires
@1713346630
last-modified
Tue, 17 Mar 2020 20:22:46 GMT
server
CDN77-Turbo
etag
"5e713196-2cfd"
x-77-nzt-ray
25b021316aa253c62be75d64505d8d08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/11/ Frame 9F42 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/11/tavuk-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2064292
x-accel-date
1681811335
content-length
12499
x-77-nzt
AcO1rye9xLn/pH8fAA
x-accel-expires
@1713347335
last-modified
Wed, 01 May 2019 23:26:22 GMT
server
CDN77-Turbo
etag
"5cca2b1e-30d3"
x-77-nzt-ray
25b021316aa253c62be75d641fcd8e08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 9F42 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065329
x-accel-date
1681810298
content-length
12566
x-77-nzt
AcO1ryc97Df/sYMfAA
x-accel-expires
@1713346298
last-modified
Wed, 01 May 2019 23:10:13 GMT
server
CDN77-Turbo
etag
"5cca2755-3116"
x-77-nzt-ray
25b021316aa253c62be75d6453ab9008
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/12/ Frame 9F42 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2017/12/tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6bfe09f0e69c4c09277d895b1146f4217b705d6bee219c661b36031742c24dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2059762
x-accel-date
1681815865
content-length
12346
x-77-nzt
AcO1ryf7djb/8m0fAA
x-accel-expires
@1713351865
last-modified
Wed, 01 May 2019 23:27:27 GMT
server
CDN77-Turbo
etag
"5cca2b5f-303a"
x-77-nzt-ray
25b021316aa253c62be75d6440809208
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/04/ Frame 9F42 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/04/patates-puresinde-tavuk-sote-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065860
x-accel-date
1681809767
content-length
16839
x-77-nzt
AcO1ryeHtRf/xIUfAA
x-accel-expires
@1713345767
last-modified
Tue, 04 Apr 2023 21:50:39 GMT
server
CDN77-Turbo
etag
"642c9baf-41c7"
x-77-nzt-ray
25b021316aa253c62be75d64b4d99308
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-yesil-mercimek-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/10/ Frame 9F42 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/10/sebzeli-yesil-mercimek-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9b1ec654e529d91133a96b94592f569bdef2932fa03d52c6fdb164a5195d7b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
929438
x-accel-date
1682946189
content-length
15088
x-77-nzt
AcO1ryfERPD/ni4OAA
x-accel-expires
@1714482189
last-modified
Sun, 03 Oct 2021 22:06:06 GMT
server
CDN77-Turbo
etag
"615a294e-3af0"
x-77-nzt-ray
25b021316aa253c62be75d64e86b9508
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
ispanak-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/04/ Frame 9F42 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/04/ispanak-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d8b4887a05128d173df033ad7b0ecf00bba347394d67b8800b831a90dfeff00c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065478
x-accel-date
1681810149
content-length
13451
x-77-nzt
AcO1rycRgBL/RoQfAA
x-accel-expires
@1713346149
last-modified
Wed, 01 May 2019 22:57:37 GMT
server
CDN77-Turbo
etag
"5cca2461-348b"
x-77-nzt-ray
25b021316aa253c62be75d64ba3d9708
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sogan-kavurmasi-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 9F42 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/sogan-kavurmasi-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
204be8afb130957abf83d87a592dfb6de645dcfc7035fafefec72e676dfe05e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
679427
x-accel-date
1683196200
content-length
12265
x-77-nzt
AcO1ryfRcdP/A14KAA
x-accel-expires
@1714732200
last-modified
Thu, 06 Feb 2020 21:07:27 GMT
server
CDN77-Turbo
etag
"5e3c800f-2fe9"
x-77-nzt-ray
25b021316aa253c62be75d64f04c9908
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
taze-fasulye-borani-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 9F42 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/taze-fasulye-borani-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e333cb1305d380d1fea95d56af2665209ad86d60e8df0d3d0b1d6aba56d5836f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066154
x-accel-date
1681809473
content-length
14550
x-77-nzt
AcO1ryfiVDn/6oYfAA
x-accel-expires
@1713345473
last-modified
Wed, 01 Jul 2020 23:09:11 GMT
server
CDN77-Turbo
etag
"5efd1797-38d6"
x-77-nzt-ray
25b021316aa253c62be75d6418e29a08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/10/ Frame 9F42 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2016/10/yogurtlu-kuskus-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065860
x-accel-date
1681809767
content-length
12366
x-77-nzt
AcO1ryf6rmX/xIUfAA
x-accel-expires
@1713345767
last-modified
Wed, 01 May 2019 23:05:42 GMT
server
CDN77-Turbo
etag
"5cca2646-304e"
x-77-nzt-ray
25b021316aa253c62be75d648f519c08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
havuclu-brokoli-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 9F42 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/havuclu-brokoli-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
08ea981d8e95685d3e51862b19b49ffad381b140f8389b86658b47b5eed2b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065553
x-accel-date
1681810074
content-length
10112
x-77-nzt
AcO1ryf8337/kYQfAA
x-accel-expires
@1713346074
last-modified
Sat, 29 Jan 2022 23:43:27 GMT
server
CDN77-Turbo
etag
"61f5d11f-2780"
x-77-nzt-ray
25b021316aa253c62be75d64d9349e08
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
eristeli-domates-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/06/ Frame 9F42 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2015/06/eristeli-domates-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
840f32948f13a31acb240f2481999e70efe9eabea0d423581bb2e4f9e53aafb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065536
x-accel-date
1681810091
content-length
13963
x-77-nzt
AcO1ryc1bEL/gIQfAA
x-accel-expires
@1713346091
last-modified
Wed, 01 May 2019 22:44:10 GMT
server
CDN77-Turbo
etag
"5cca213a-368b"
x-77-nzt-ray
25b021316aa253c62be75d64ea0aa108
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
bulgurlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 9F42 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/bulgurlu-tarhana-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
436484b452f8f1c015d37c79077fd81dcfbb053f58e6f0b586692ef9de9fc2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2063821
x-accel-date
1681811806
content-length
13869
x-77-nzt
AcO1ryfHJZn/zX0fAA
x-accel-expires
@1713347806
last-modified
Mon, 27 Feb 2023 19:03:03 GMT
server
CDN77-Turbo
etag
"63fcfe67-362d"
x-77-nzt-ray
25b021316aa253c62be75d64dce5a208
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
zencefilli-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 9F42 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/zencefilli-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
55ddcabedf2600fc561ab8ea1d690461ad399c9b8f77f82214d905b21310c71e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1631673
x-accel-date
1682243954
content-length
13622
x-77-nzt
AcO1ryeJ2aD/ueUYAA
x-accel-expires
@1713779954
last-modified
Tue, 03 Nov 2020 22:45:55 GMT
server
CDN77-Turbo
etag
"5fa1dda3-3536"
x-77-nzt-ray
25b021316aa253c62be75d6460f6a408
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cevizli-irmik-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/02/ Frame 9F42 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2023/02/cevizli-irmik-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81fa8db261275be7531fb128593cece26d5e679e6e7a633f28f77add13a0d217

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2063078
x-accel-date
1681812549
content-length
12673
x-77-nzt
AcO1ryc6LAL/5nofAA
x-accel-expires
@1713348549
last-modified
Fri, 10 Feb 2023 21:46:02 GMT
server
CDN77-Turbo
etag
"63e6bb1a-3181"
x-77-nzt-ray
25b021316aa253c62be75d64427f2a09
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sodali-kakaolu-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/07/ Frame 9F42 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/07/sodali-kakaolu-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ea68e20514296ce314c3ca1eb5ff2cd1c1a1fc396b303b41c2364ffbd31e1550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065686
x-accel-date
1681809941
content-length
15276
x-77-nzt
AcO1ryfgO2L/FoUfAA
x-accel-expires
@1713345941
last-modified
Thu, 16 Jul 2020 23:19:56 GMT
server
CDN77-Turbo
etag
"5f10e09c-3bac"
x-77-nzt-ray
25b021316aa253c62be75d6483f22d09
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
helvaci-ali-irmik-helvasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 9F42 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/helvaci-ali-irmik-helvasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0f7226a27d44ba3b13a34640b036b2d2666f057b039861b781576c4bf8308642

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2065860
x-accel-date
1681809767
content-length
12238
x-77-nzt
AcO1rydVXhz/xIUfAA
x-accel-expires
@1713345767
last-modified
Wed, 15 Dec 2021 12:29:16 GMT
server
CDN77-Turbo
etag
"61b9df9c-2fce"
x-77-nzt-ray
25b021316aa253c62be75d648ab03009
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
tavada-pisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/12/ Frame 9F42 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2019/12/tavada-pisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2064334
x-accel-date
1681811293
content-length
11084
x-77-nzt
AcO1rye5eM3/zn8fAA
x-accel-expires
@1713347293
last-modified
Mon, 16 Dec 2019 21:44:06 GMT
server
CDN77-Turbo
etag
"5df7faa6-2b4c"
x-77-nzt-ray
25b021316aa253c62be75d64da5f3209
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
pirasali-yumurta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 9F42 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/pirasali-yumurta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a09a0a0b27c17ceedfae9a0c2db6819018ce22c4630ae3b4f8b0a75bbb0a86ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2064959
x-accel-date
1681810668
content-length
15820
x-77-nzt
AcO1ryf3aez/P4IfAA
x-accel-expires
@1713346668
last-modified
Thu, 10 Dec 2020 23:23:37 GMT
server
CDN77-Turbo
etag
"5fd2adf9-3dcc"
x-77-nzt-ray
25b021316aa253c62be75d642d513409
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 9F42 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/sebzeli-misir-ekmegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
1737260
x-accel-date
1682138367
content-length
12450
x-77-nzt
AcO1ryczk8n/LIIaAA
x-accel-expires
@1713674367
last-modified
Sun, 08 Nov 2020 23:21:47 GMT
server
CDN77-Turbo
etag
"5fa87d8b-30a2"
x-77-nzt-ray
25b021316aa253c62be75d6410413609
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
peynirli-pankek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/01/ Frame 9F42 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/App_UI/Img/out/270/2022/01/peynirli-pankek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
65fb4798ce5d6c245da63cc949a4909180b95d36906efdbd49e5a3789d262266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2063818
x-accel-date
1681811809
content-length
16270
x-77-nzt
AcO1rydz2Bj/yn0fAA
x-accel-expires
@1713347809
last-modified
Fri, 28 Jan 2022 23:17:09 GMT
server
CDN77-Turbo
etag
"61f47975-3f8e"
x-77-nzt-ray
25b021316aa253c62be75d64680a3809
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
_dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 9F42 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
last-modified
Thu, 02 Jun 2011 03:26:26 GMT
server
Microsoft-IIS/10.0
etag
"8ae3cdbd420cc1:0"
x-powered-by
ASP.NET
x-hw
1683875627.cds287.fr8.hn,1683875627.cds153.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length
5605
addthis_widget.js
s7.addthis.com/js/300/ Frame 9F42 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 07:13:47 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116390
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 9F42 		465 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1683875627.cds287.fr8.hn,1683875627.cds057.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
outside.js
static.virgul.com/theme/mockups/adcode/ Frame 9F42 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:37:30 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
sdk.js
connect.facebook.net/tr_TR/ Frame 9F42 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5044b68fb02ec958a800bc49e306cfe424ae5143f4eb907a291128bbf85e273c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 07:13:47 GMT
content-md5
61uFq2uHKZCGX/sCwrPQMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
9ZqykZBY/+vi2BjxN6/VF2nUknIiguh4gwoPfmeSenQZDJp/a5gHMfntCy6bKjOjf2GcjD/iAdD1uL53kreWTA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
992ec9f9fa19a10d49bc1f02b598c562
cross-origin-opener-policy
same-origin-allow-popups
etag
"b2ce879976f733f148639f82a4ac36e3"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 12 May 2023 07:17:28 GMT
sprite_3.png
cdn.ye-mek.net/grafik/ Frame 9F42 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by
Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ye-mek.net/maincss.css?v=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 12 May 2023 07:13:47 GMT
x-cache
HIT
x-77-cache
HIT
x-age
2066185
x-accel-date
1681809442
content-length
21525
x-77-nzt
AcO1ryeC6vf/CYcfAA
x-accel-expires
@1713345442
last-modified
Mon, 14 May 2018 20:55:05 GMT
server
CDN77-Turbo
etag
"5af9f7a9-5415"
x-77-nzt-ray
25b021316aa253c62be75d648ca33909
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
analytics.js
www.google-analytics.com/ Frame 9F42 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38733763-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 07:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
527
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 12 May 2023 09:05:00 GMT
sdk.js
connect.facebook.net/tr_TR/ Frame 9F42 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js?hash=c90c0f42f1e9c718ece65ceb5be80c39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1213bb180d29b3b030ae1e3cc9b89f0823b2af4ace4d0cb42d18e1326f39ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 12 May 2023 07:13:47 GMT
content-md5
muw8ZcdbZC/OLeHmSXSrpg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87266
x-fb-rlafr
0
x-fb-debug
R+1wf4zNEDCXpBS/mIRfLmYxh43EugM0yADPtiG+Fz6n4JZ6gTue7UHib/dH0B3f/8jFCzYBnkHtwsmocMf20g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
76989f012d6bebf438a9f0daef7fc495
cross-origin-opener-policy
same-origin-allow-popups
etag
"212fe98ab8b1f99c0bb5ff4f9d834a58"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), serial=()
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 11 May 2024 06:41:27 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ Frame 9F42 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62
8096267
date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30515
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9F42 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5413d515eef98dd488b9d4addfa8f594b1a505233eb79a00a76870685e75a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25262
x-xss-protection
0
server
cafe
etag
924 / 19489 / m202305090101 / config-hash: 7593482187646896781
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:47 GMT
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 9F42 		120 B
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
last-modified
Wed, 21 Dec 2022 18:47:42 GMT
server
openresty/1.15.8.3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
120
str.html
static.virgul.com/theme/mockups/outside/ Frame 74AE 		891 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=5184000
content-length
891
content-type
text/html
date
Fri, 12 May 2023 07:13:47 GMT
last-modified
Wed, 28 Sep 2022 10:07:57 GMT
server
openresty/1.15.8.3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9F42 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b486fb2c76cecda2be72306ada458464547f8a65d8423bb2a6cea53b21be6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Origin
https://ye-mek.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47664
x-xss-protection
0
server
cafe
etag
5754945367176788923
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:47 GMT
prebid7.38.0.js
static.virgul.com/theme/mockups/outside/ Frame 9F42 		489 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 14:56:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ Frame 9F42 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:09:37 GMT
content-encoding
gzip
via
1.1 ed123fb341b4af39cf924aafa949d976.cloudfront.net (CloudFront), 1.1 6c75f370e2f32e8fc940abded097e39c.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
LHR62-C4, LHR61-C2
age
251
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
8RpqLGFmScx4Sso0m-b855G50Y4I7Ln-JjFqJ_SuZzz7hjgLqrxxWg==
pageview
ng.virgul.com/ Frame 9F42 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1683875627587&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.6826510109441715
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
10a926255dc419d01f05cf651efaf27b224c58581450f8bb20f02c1a8f285771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
yemek_net.js
static.virgul.com/theme/mockups/fallback/ Frame 9F42 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19489
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2023 21:52:45 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
hb
ng.virgul.com/ Frame 9F42 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=467743
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a5b385a6e3635652fa541617d26939d25f47ee873fab1b119ef2685b85e678c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
server
openresty/1.15.8.3
vary
Accept-Encoding
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://ye-mek.net
content-type
application/javascript
cache-control
max-age=3600
access-control-allow-credentials
true
empowerwebplayer3.js
static.virgul.com/theme/mockups/outside/ Frame 9F42 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 09:38:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ Frame 9F42 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4343356117396bfb8ed39ef51da72a77b9ce2006eb82fa3f09b4ff5ae75650a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122743
x-xss-protection
0
server
cafe
etag
2371288819543775739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 51B4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 20:47:58 GMT
etag
15057649708203361565
expires
Thu, 25 May 2023 20:47:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame 9F42 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 04:45:56 GMT
via
1.1 6c75f370e2f32e8fc940abded097e39c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
LHR61-C2
age
8871
x-cache
Hit from cloudfront
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
eg__EFcrgBv_CSi8z_7fcV2Ro-ERVpr3KACbyO5RQJi4AY-KSQARSw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9F42 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.225.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-225-68.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 21:16:54 GMT
x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 340acc109468df693ec024a66dbb0f1e.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
age
35814
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
CPtf_RjYcfQXm_vCYe-_EtLuVMsydTsdFsMtiOxfH4-dGhithIg9yg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 9F42 		402 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 10:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
72845
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127184
x-xss-protection
0
server
cafe
etag
3263738860219486170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 May 2024 10:59:42 GMT
yemek_net.js
static.virgul.com/theme/mockups/sites/ Frame 9F42 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=467743
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 09:08:06 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ Frame 9F42 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:39:08 GMT
content-encoding
gzip
age
2079
x-guploader-uploadid
ADPycdth8GpSw4x3HG_CRGfMX7xClUiF8z9ORH7hjtad0K4sDeEsuLEucxn12mDzVZjGl5P14rkWnyMEbbnYXMEL4PersA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4955
last-modified
Fri, 20 Jan 2023 18:31:19 GMT
server
UploadServer
etag
"b3517e216253857ea8c4209cb84004df"
vary
Accept-Encoding
x-goog-generation
1674239479122517
x-goog-hash
crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
4955
accept-ranges
bytes
content-type
application/javascript
zoneview
ng.virgul.com/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683875627845&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.968668660737894
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:47 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ Frame 9F42 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 19 May 2023 07:13:48 GMT
localstore.js
script.4dex.io/ Frame 9F42 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1861402
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDw3%2FtSP0%2BFvejg7MiQ1JJz5PoddKK92ygmI8t3UIgpqmXfjc2PHwVrsocDF0F3jgYRC4F3Cbbh5%2FTbKUj0weLuNW4ChdDsmewlPU%2FsYqgm%2F%2FO0aIGKL0T6ql%2BgvA%2FhvkaSj1EJOhQ7cP1zu"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c60dc72ed919214-FRA
bid
aax.amazon-adsystem.com/e/dtb/ Frame 9F42 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=lvuGgPpRZgQAh&cb=0&ws=1600x1200&v=23.505.1627&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.201.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-201-216.mxp64.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b28067dcf0cd83a34da216e94df8ba72.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP64-P2
x-amz-rid
VY7JA5GCZQJXRGGRTMAD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8oOiEgapdJmiNVplH_nv0Xq_w0nqxCv9gTJljRJP0QeUWXQb-2SPgQ==
integrator.js
adservice.google.de/adsid/ Frame 9F42 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9F42 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=3020934783452079&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875627932&lmt=1683875627&dlt=1683875626928&idt=966&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=mecfmcft852p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bcbeaea0fdb111e7cb0373e3c1e3aa846128818fbe1afb55466227dddc9bab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10420
x-xss-protection
0
google-lineitem-id
6241543851
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425583933
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
expires
Sat, 11 May 2024 07:13:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
openrtb
adx.adform.net/adx/ Frame 9F42 		0
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame 9F42 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.38.0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4418e8eb99d17f14de0b993f9c8b5e0ce194ebda0245e0c06d98fa6a4cceb7c7

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 May 2023 07:13:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ye-mek.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2473
openrtb
adx.adform.net/adx/ Frame 9F42 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 9F42 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
cpm.programattik.com/ Frame 9F42 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=43&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 9F42 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=45&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 9F42 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=44&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
hb
cpm.programattik.com/ Frame 9F42 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.programattik.com/hb?zone=80&v=1.6
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS
ns1.ttidc.com.tr
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ye-mek.net
pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
cache-control
no-store
access-control-allow-credentials
true
server
nginx
age
0
/
hb.emxdgt.com/ Frame 9F42 		0
0
prebid
mp.4dex.io/ Frame 9F42 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c60dc733d132be0-FRA
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 9F42 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.201.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-201-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
11bdeef13c43bc54e3d8c6059983a8e53ee7dedf433f863c725f9252b4500c26

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.118.0
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		416 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862172&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&tk_flint=pbjs_lite_v7.38.0&x_source.tid=f9205a4a-d65c-4bbd-8f7d-5222f34002fb&l_pb_bid_id=43f15f919bf2b5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8747308193765944
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a4f3838eb274c796c020d1f20b49561a1f4053a9a7e571c145364667c9055bf2

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
416
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		410 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862174&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&tk_flint=pbjs_lite_v7.38.0&x_source.tid=c7351676-07da-40b2-b39b-cf38229f096d&l_pb_bid_id=44c50231b67ba65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1773420751311181
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
70c1047262a463128cdda479f9ffc5ef1fb3caa7c1c3ab42e5ffd3e930ae41a6

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
410
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		404 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746578&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C55%2C57&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead&tk_flint=pbjs_lite_v7.38.0&x_source.tid=c1e2e06d-a175-4f8f-9b8f-d2df09626c02&l_pb_bid_id=458e5ff97404868&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8271536982068755
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5f34fddd1249e637892e6a17905cd4fbbcaff31ac09a1626f98aaa45b5953599

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
404
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		398 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746730&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=caf45092-ca30-4687-92ae-7fe74d9353f4&l_pb_bid_id=46aeb391cbdcf9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07276581787785608
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5b76542cdb6e9a9ff341907d66f2cd74f8b5544666fb975d5fb80db46194cbf

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		397 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=1746580&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower&tk_flint=pbjs_lite_v7.38.0&x_source.tid=cd359527-ff70-4050-9687-2afd822c67ee&l_pb_bid_id=47e501cd8bdb6ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9131998013027205
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d5e9a3b63640ba8e6b388a6596295a1a01225f6ac3192357d01f1f4cad6cb11b

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
397
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9F42 		408 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=333016&zone_id=2862158&size_id=2&alt_size_ids=1&rp_schain=1.0,1!empower.net,5ed754bfe4b07a92411bbff0,1,,,&eid_pubcid.org=40e7948e-7a22-48ed-9521-0bd45ed56184%5E1&rf=https%3A%2F%2Fye-mek.net%2F&tg_i.page=https%3A%2F%2Fye-mek.net%2F&tg_i.domain=ye-mek.net&tg_i.pbadslot=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&tk_flint=pbjs_lite_v7.38.0&x_source.tid=91b05394-6db8-48d7-822d-fbecf023737b&l_pb_bid_id=4927c59cf0713e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3904991860327782
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f87a5e9c361a20e11c94a19a78b0bb96fa5dbefa264404070c617213015295b0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
408
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9F42 		478 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
015f01ac1de281b59184590acd3cd394181b4f2d309e08b8d527de820a968420
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
AN-X-Request-Uuid
ec7bc35b-4f1b-41c5-a2bf-f6e147b3a62a
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
478
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 9F42 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ye-mek.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 12 May 2023 07:13:48 GMT
cdb
bidder.criteo.com/ Frame 9F42 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.38.0&cb=57553232898&lsavail=0
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 07:13:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ye-mek.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame 9F42 		360 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
5c4a38af2471142f60f0034c5b0b5657f718da28011a6ced27e9e3e56183d07e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
AN-X-Request-Uuid
fcf26990-1ca4-4de7-b61e-39e07173288a
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ye-mek.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
360
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
zoneview
ng.virgul.com/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1683875627985&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.22021123157404854
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:48 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
tag
feed.pghub.io/ Frame E6AF 		13 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Fri, 12 May 2023 07:13:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
ads
googleads.g.doubleclick.net/pagead/ Frame 67BB 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875627775&bpp=4&bdt=848&idt=231&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=4587312634858&frm=24&ife=1&pv=2&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759876%2C44759927%2C42532089%2C42532185%2C44759837%2C44788441%2C44789779&oid=2&pvsid=2648781072102199&tmod=300938915&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.j7vueekla53t&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adagio.js
script.4dex.io/ Frame 9F42 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:48 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
618066
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MunTba1KqhR1LkRnofcdCcbTG6bsdqWGV6VpZ%2Fvp1cLv5uJGr5I2BtyJXUeOIIXblZfEQ5fSzkFTqfRI5xYjpY3Vt%2B7Jp04QA3nvegzvXSPneBkfwL0iL%2FfLwK9i45xtRl1o9DYIkxKsT%2B4"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c60dc737af837eb-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9F42 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:48 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ Frame 9F42 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=5/12/2023
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 16:42:16 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 19 May 2023 07:13:48 GMT
container.html
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 121B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
expires
Sat, 11 May 2024 07:13:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 9F42 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9F42 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=1607150091140248&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3203893797&sfv=1-0-40&prev_scp=hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.32%26hb_adid%3D68b7a27169b0e1d%26hb_bidder%3Dsovrn%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x600%26hb_pb_sovrn%3D0.32%26hb_adid_sovrn%3D68b7a27169b0e1d%26hb_bidder_sovrn%3Dsovrn%26hg_pb%3D0.32&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628379&lmt=1683875628&dlt=1683875626928&idt=966&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=e92lt17uba1f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00b84b6e0b5e6b6017c143a7b927a5de0f2172cf7a8ddb2b2c86d9643ab00340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		32 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=2557514680479249&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_pageskin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1051%7C100x100%7C100x400&ifi=4&adks=3698513385&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628383&lmt=1683875628&dlt=1683875626928&idt=966&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=carkt7qc2002&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=900&ohw=0&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02f5595ff7049365dadd3a70792382b925323401d409b7f8b1cab3d61ea159dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15887
x-xss-protection
0
google-lineitem-id
6271164171
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430115743
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=225213469872534&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=5&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628384&lmt=1683875628&dlt=1683875626928&idt=966&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ogoosbu8ka&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e114ad0f73b9f3e1a252a7bfc15c82f169e8d84f6961d20655c19f7e5c0caa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9557
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=4306636943134053&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=6&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628387&lmt=1683875628&dlt=1683875626928&idt=966&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=tc75qgi9bhgx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77017d3007821ab79e69cdd1da0c3b5e72308f78b8b9d1f3a34730de4b144302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12349
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=3458110225275043&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=7&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628389&lmt=1683875628&dlt=1683875626928&idt=966&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=ebbvoqxt1u9d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0863d199b018e75865317de60a161721a899ca66ff152136475df3bf0e5204bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8992
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=3719557582039278&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628392&lmt=1683875628&dlt=1683875626928&idt=966&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=9chtqiz7084l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83bb06fedf748e77418bf8c58cb98297d9e093ae1d018c24d2b377af89023284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9466
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9F42 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2648781072102199&correlator=1665214272147804&eid=31074171%2C31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=9&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1683875627587%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvneta053d54b-47d2-4394-ad52-d3209bb3e68e%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vneta053d54b47d24394ad52d3209bb3e68e&sc=1&cdm=ye-mek.net&abxe=1&dt=1683875628394&lmt=1683875628&dlt=1683875626928&idt=966&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=gr9syjk7zl6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABHeCvixuf8D95GDcU7BMLHs5N2av7U2OjWj_FCagZKCHyYYQ1lo8facWGQyZb0NtbzIyc2KGyzAOQs0Ywo_ZJUxyA&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b11986b7afdf2de1efe4081e4438499553d09cae22d8b21109be645d45e523cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9160
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ye-mek.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 121B 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:20:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
510819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 05 May 2024 09:20:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 121B 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60a7a84a62766e4ee1b9cd4662372eaf402d99549cf92dcea1ddaa1b136d496d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Origin
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47521
x-xss-protection
0
server
cafe
etag
14416228618453111518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 121B 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 121B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssRSswmzGd2h3-6I_9zgqTAw7OQ7XNNI6JfHjRGtvb4TCZc9hKbH2gT8oNoWN0ZkOUTXDrLDvlmFENs3IQkO_ks-kSbosnTrnLBm3HCVghiuPJO99SXVLDWEyx-b1w0yZaKIDG6-N4UGBjN6Bcjj6w6HHQkuApVBXd0YsmvBaP1O1W8MedoWCTxll2kGJXZACSFXEzQeXBLyRAkvhBt4xzeY1cIo75uBRqAGXMAF3zVfztRRYxdw8OG71BGJEUe4dj0kEQbn3EPDalu3uu-TWzZa5NUhs7GaQAo0Ft3Ia6ErNNWX88ZoWktWLxiuqMHVEhdRUpCmQGiq8q3XIIfY87TeHSjUkXSZfTawM9u5QMyD3H&sai=AMfl-YQbbdR92V-KW754d1iAktdLOuDXr1a-yTDea_P0SziCbsQSwHeecPhVDTqeuPhBUZoP37IUy1fRBtUP0AoEWpjcrE80zogVq2suxj_v0Po&sig=Cg0ArKJSzA04TvLVOhMbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:48 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/ Frame 121B 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bab7b7ca4f11f4d8ae815868cc1e93b3b27904e1500147a870fe639852c1add
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122728
x-xss-protection
0
server
cafe
etag
6978169370444658430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
truncated
/ Frame 121B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c436d2ba8f49d08bce6f99abf4b4924338f199f9f972240f50a9c1284f89b40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
ad
googleads.g.doubleclick.net/dbm/ Frame ED5B 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BO9AI3MgE3rULBoQ3cmcu4sTxpXp9GEEKifR2phUTYWUy58W1owQPZQFuVIuurY4kYeJZSAKmXp2wdWT9b85twNExDelnnHSrRKT3UMrRznfXV7jRuslVy75_GKQjeoovn0_ebXTI2CgoaTEh3Ab2-oJMlHeXGHyvzdrvYyJtMOJ3uI3Q&cry=1&dbm_d=AKAmf-Dv4Qs1aM9iOfft3cJzeEHK8xUzA8M1ZllEg9GC_2eGrAQirTrJ3z6flgL84unvuFKndqkszE_kJNpuo62BxA8bKsZ8ItoCSC8HIAlZrdt2H9sxmeMz0VFdzi-hxR31tjMR-DsRmmGgUQERjUrbBn7PpHF-fKVZIPqExZ_Cq-Js7iNL9i8uBzeydwilXve_gbE2c22wdL4Ilwa9F346BC2V5LGMGIv62XaDKl5Ey3JGpUzPXg3KVnexJQwCIbFGLUQD5n57_Ny2vzxZiI68zx_gt8cVbnV3XyNjRUPIdWilqZZo7qrqzOOlghhEj9nYh3gjtxvrHWZSsycu7LddbIuugZR7S0G_fIIW81VM0HVmqjMARflvorPZ8N5HF5_Ya2ZmOQKV9GgJr6dLWwFXPzR6Hm4hWr7qBUVggrHEKEiBRM315q0wK7Qe-KWISlDrCZoV9kTOUg4H5HbRgUirXuncWKDzO2b8WjzWV99NIxc-Csm8R6lPq4GV7ofnG7zhFHuvB85EyzBP9M3nCNz0VJM9ORWGOg-vnkVqanpwlv1QT2YZIWt41bBPrka2BaT_CxKLjglXDSc6YiJ_T26iN6rvGj6t6NDZH4qfvkkuE5ng72oS1cDg5gl5Dh05KOpFQ3DK0hRWG-os9-wV0tN0YWKhYeA_i5y8OV6xE3gcR_BV3PqBIEPNU-fv7nh3pnnNT9vsg_BUmAgVni1pjkxqVY7j6J0utQeAvuI_9YIC2Qk2ABTqLBgv4mdBU_p--Oks-cr1ymHheRHqW0XdOLq1uMPRaRT9Y0CD30mM2GAsycasrggiWpfvSMqovaL8Y2zh7zogPse0DISl8JMjOo_81OmpK2ZDUfgaeVm3qVPhpiMHTo1rOI2SG5IiKTgYKeBpUAxmXuUVuvXAEAqkHok0J4ByMvpl_eYvOCByUC2Xy5JDnr1fsYpg_g1mV_oXdMhSExyW8-Or6x3Y1qUBNbdMhWezcEgN1uYkzSDtPF9ffpxGLVRbx-FituepD1nlehlRDnK_sEn7NLnzLz5gUXxGSzMEn-iA6oVySF-NB17ryxTcjPttqCxqEhRc5sgEcLNkQ8Mxk6ZmL4wfsY1vCVILwhim4bQbadIBHj3do4F1x66cOG8GQmfLFKk5YOq8omNC5sez4XhPo3we7RtTxl_oN4lfec4J-eHf7GpiuYjmRpavlae5sZ5P6ubRxx3-u1_RYXK8fPzjMmaITpVFyIZW9dA5XQuumA0sadr8G6WgpV3GGr9SZkQT0Gh0qRgOzB3muNXLjuSzPcPkVV_KoYMb-KNFaMaSvRVEXUlkk1LdRHk6I88dN9b0nOrexJF_BiWfdnN0Fr1u-MW79F7i2CNYXug_ZT599SkZaCCtLGyxK4ijDL1JBe6y1w6ZXNILKDUPHsafh3Xg1Yym1IQh9exaRl7cUc2DJu7PK-Y0-_ifp2DmhtN_Bsn-QQ2AsATDXJGhSQssJEvkBgSOiJPNpReGcyvyWFz1jt7YemXFOpW_svGLKVe9DfECG59feb8ikqR72FqQwGx9BEbLJ1jbH14YpBy4j1NOvPeih3B58KBz9ekLs9jSrSvFeW2tBhxd_0hrI1aAyHxfDosltaAweGFpRR4JNcxTeriVHbp2_NKthcNVVVW0hyXw1liaoyorVJgYp_GWVJ73k8d9PBi-Qej3FShfKK8xauW-1HqcIFUXzMRk9TmYZGrU8IO_6YPjNubgP-FXZByEOGHnQDkcSkleGM94L9NwaeNbq0I6FVbAZ3slQZmi7N5rSNfWe5crsm0J21Et-TraZ2gbi0A14mXH3LVSiWj5ln7oqWpoiPesJdTXyKtXjVlvhA8VfGVddQBrXK6wUYO6dz2mnIVb_HjjMJvaeCZ9wLlBrp7BPmrX_XNmO34bQ0NRMLFXW9M-DBhqBBQfGiw8lUJgnnFfU21ZJCoxRz-AM_JLlc1IjZppyrCwcUgMA1Jr6-SwCNkt1H85oRioO--aCsQS0dSwUKzVfbPpZAKn04rR-3gG0ew5wa115LNtHM86fsA94DNxSLZ1cw05vDoMn9HSukxLlX8hyV7z6jJBM3PlUBHURQG69542RmKxqOJ3E-L3dzvH-LFBBmK6FrirTJ3A3EKgf4AUWlqnSQOPw-P1bHfP3G8dqLCfNVPLwDL6F1GP3o9yR_ewAnEK7qqNjLg19ZI6ZvgPhrNchQUQ07Ku73DBPItfrEKORarPIViZERogiBjJF3wpwZJngOATw3pw0M_WsoxGz25loYHq8BPVQJeR1dgYG4E3ed_GkzNEZ5Vto8ZzDFH93ofNMlznHKQQhChwo_3-7yjGRmaQWccZOcv6NeE6MkuUycssQyJo49NbZOnLNUmmo_yXaJVk8SpoZh4S4p42c_2A4uQAtkCzPAD9alYEFnGQZpIJDJaYFQgENN2hd3rumCE0NC7CcvxwdQWtcT_yLPnxLlzuPJQFD0CSWNb5ar9SKLwme-AoK2w-dCs_fvpoVvzLLtqcr5T05bMVdqIayRnjLes2eWdPPlIUL25n5AcG55dUPBXkVutYnYAMEK7YMY82p0LP_2PpPFA-JH9rpzCh6I-ScywJZ3LPd9lrx-19AAkIyIM9M8G8fsfjWe1_bipkdn-xAxa4w58N8f21oaGu2AoJt7ugpeZQ8-clWh72jLmlVahmzV-pYFCPtSBNxLFPOtkc70BiehIosAoaJmxU_FuiO5Beluga6L-DXZY4gJ_epk0ZrxrCp23jZepefdm2NkzdemeRvonSI2X3AegB9hb90Ayf2i-HiHQbnAJjULADczhfcDeDTHS7T3TQL-ZD5h6kIL5dVJOIBxGhCQOC0jg1sedgUjFJyi68LNqDvXxSbpENu8NN4y5kIYVNNUGpU_-j1WANQGAds0OqGfrxQb4Sv2U2Sv0iQg-Rjr85qgcvP_bH7e1o1wVCxLIWkbKrh6cNKNEbYUsiVYK2dKEla2XYQyxQcuBqXLcfiYIBqLc8D24CQ2v3dK-UeM8FXdfAeJC2g2UHtqqhkaQpqWxbK83sY9oHyz86OT_Yp0qvOpqY1_0JK88CuMDutwuiHbTLZrkSWItvd4kMH8DrdIYUkYt73VzZUOSl_Lj_DopXiBUwzjACCCDfLXjzCpIYFBneu_OTbnz_-Np5bQTZEsS7AVTniza-XUkoyUXvDnuul5iFFA0nWiz1SICnhDdKUTrrMZjsLS66HXJ6wbdBDZ_e1PkCzKekRne6yazhJw-orALHbp9LEOX1bqzXUp3EEoBP7CmnjViZWCcQkZLxzdUEMb00uOZGKXeCblMrGDu4D7svS9XqJtNJ4kp92NUowtAf3SetKu1YruplIlRmJZIlEd5oWZQiR-ZKDlYcLwR84yTNsqW0VDMkT3T9H3r8OiUaeWm_M8abAkZwW-GhZZDxO-EsExRj2Lo2tBvu0mRXD98cLW4mZe_pGtbmycKYwmyVvAvOI4OgiAPxSckQJYwCVcHVw0SErtNWRpJWyJiB3psfyGF5GLZb56LMAgFpeyxxKXZ9dFqNoJ5zFsnwuaGK7A_y4IwtILoASOuLFjp-EiVqKSarHSH-200IGhHaXA_cR5Uf0iKI7ERck2YI44oteK-jxERc9CM8_pGT5oLTCoYwiEJCbbmJPqVlrTv_S2bDXJlvYngWOgNK9T7oPQ226wpluCGagf4rHHVjSvPeMXMPa255oEKwwy8OAO-IVIgGR8rhG3oYdtl5FQfM4UHIsbLWjCaDf2nylDinHjJhnIwprNcFTWmOAeC20zeRt96dHJgLSi4zf18iZ9YYX-4dIoFuATSjM25Xk3a6FFViPuqtvq0sw8-bSMlwSVBIqf_6tqpsbP9sgmM66yVNGR7F4Chpvjxyzc0jZnfxYNnuYXcwatqes76Owfkl1vG9wM902SrUcBlqRiwsnHQMa37r879BRyWJDS9IcjI2nGLiw3mzN3QiS3vJB-cDGsmTSoSrrgwFrpVQxeK0-j3lJd55UWkwE2cOj0d6f5fticfmh3ydH73I2LdpWFgZlVBRtMgAAltzHeCVCGau82gQarjxZCBv-azTH_mBtKYxRqK69sh2PaNlBsjDpNeJMdEVwCw3n4Efzco13ESor2b4P30VOW4B5T1Dn9DPJ8mEJ75PuMVnSBO70f3f8MX7Vd-Oz9Neb1Iqjk7FsAkCLwALPf7Bad_XJtSjsPQgbC3KlyfDVWLGqE9jMarwAYQSmMFmGyrq1_7ZoyEREIkCdztEVO-VkLwnyp_F1oXkiD69Pw1hVsnfiEqGkCAy00OiX96WiO7FBsCuVxNVOzTNdQCF0A93rpornmSOuqgcvjhthl-YrrZhQItAE_UilNNaT2rC_BIPQbGK&cid=CAQSOwBygQiDB5ZZSVClcGumwE5pIn_VV7XYB5BFE_32uRy5fJZu8Xa0Y4u_558BB6YhPIcvzsgxDTiLFLR7GAE
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED5B 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
adview
ng2.virgul.com/ Frame 224C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&vmn=60b91f99e4b0b65b3ce7bc5b___1534931456252032
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
6a6b89640e1cf136f687e85107323fe46d3eb0bf6572903005ba9e6829d2dd27

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://ye-mek.net
content-length
1129
content-type
text/html
date
Fri, 12 May 2023 07:13:48 GMT
expires
Tue, 04 Jan 2022 10:49:40 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
openresty/1.15.8.3
mobile_sound_on.gif
static.virgul.com/theme/mockups/icons/ Frame 9F42 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.virgul.com/theme/mockups/icons/mobile_sound_on.gif
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 07:13:48 GMT
last-modified
Fri, 29 Jan 2021 08:57:46 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
19674
content-type
image/gif
mobile_sound_off.png
static.virgul.com/theme/mockups/icons/ Frame 9F42 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.virgul.com/theme/mockups/icons/mobile_sound_off.png
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 May 2023 07:13:48 GMT
last-modified
Fri, 29 Jan 2021 08:57:44 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
17986
content-type
image/png
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 9F42
Redirect Chain
  • https://rek.izlesene.com/mockups/philips/Philips_utu_DB.mp4
  • https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 0-2913708/2913709
cache-control
max-age=5184000
Content-Length
2913709

Redirect headers

location
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
date
Fri, 12 May 2023 07:13:49 GMT
cache-control
max-age=0
content-type
text/html
server
openresty/1.15.8.3
content-length
151
expires
Fri, 12 May 2023 07:13:49 GMT
truncated
/ Frame ED5B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47797ddf9560867d1c7d4c4e37e7b8816ae87b8082d3c2d915b0b3f822fac371

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame ED5B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDhH18369g3gCoT4Gq2exwJU4QtPwFE2Lb0yzJkFPiBOFo6oSqhCzt172Ejlr8djOBc-B3gNEI0aZBq-U3ZAxnnYm4qRHDdyWaqpQlOgqhfq5K6QPtbRjPlqOEtc3Q9ZTZ1EoSMb_zNqdmjk0_vnDftR9Km3ExVZPTmVVpsXb-vPjnl5bKGL2yBuCxFaRiDwjfGJoNFVBZmn9vwGjqp8zl9J_Bwykp4m8GYbntbtUWLXQLnxJ68KypMkwSAKp3-Psi26F7XeVRazaE6sNL7A1kpQtEGYrzhg7l3jOxKYsPBNYUA6zLY8F1igFNFX8HT1qevA-fkRKfMjodmw0N5RnB8PCNhQc&sai=AMfl-YRZehkAWtKSy1YaH5vXsfDCtEfed46RYGNY9pik0Lq6GMPg_3cir_-6BqM5jBqerkPwsnxCs9Zf7_WBxaP-pwdUtRiPh_sTZSAdQmaCQjpIywh6uNsJdpnCF7QXrQ&sig=Cg0ArKJSzLJVvxMKuGdTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:48 GMT
container.html
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BC2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
expires
Sat, 11 May 2024 07:13:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 121B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 121B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF5E 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407280060&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628505&bpp=9&bdt=106&idt=236&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=7072187039029&frm=8&ife=1&pv=2&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.64j4q3c9dm8y&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 91AB 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89a6171a0c1696d59b7e25f7eb79f536d2c3655d70d7e069d9598002540bc788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13001
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F644 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
expires
Sat, 11 May 2024 07:13:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:48 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
pixel
googleads.g.doubleclick.net/xbbe/ Frame 96CE 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8BC2 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxJQHvaYpkbEWzppWtktPwN3DUg88rwKPELIs1bb62n2nuvaRPlQFhf9BCZUjnQQEjV3Zl7yCdWa2059ju80Zvez_75_gweTARf7owCYQoVzGiT3U
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11288165321896466040&x=1&ct=76
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8BC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 06:25:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 8BC2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
47387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame 8BC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0hFT3vfBvK22yZ7dPnxKQA9erT7ksfoK7Jo7xJDYXhugTELqEYIsOy1JsJiD-_DziN8zuPAvp80DE3UhwgQ4sKZ7vkg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8BC2 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 57AD 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F644 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F644 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChzFcct4XwhxqeDU-n2NcF_FABWRU4SKSzm37wkZjl5vglFGe72p1iLbuQLpQQUK5lQOSM3zlIHw-AFoqBJXkQ8XKl1vFM-l7f916RWdgkji1qawg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F644 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3496467626569839215&x=1&ct=76
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F644 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 06:25:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame F644 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
47387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame F644 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcfCvD8CpVbZOzTOEG9x4NFkAp92Rgz8GcL50lU1hZQ-GuThA6_U66NH4SWnU1qxzVkxA1teB11vHzwfT2qMOrn2E6Pg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F644 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
rum
dsum-sec.casalemedia.com/ Frame 96CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJi4y8x-evL_irGqOvv5xOQ&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 96CE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 96CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFBf8v5XrZjTpVPp2yCVOi0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFBf8v5XrZjTpVPp2yCVOi0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
AN-X-Request-Uuid
95440a50-41e5-4d64-a3ee-07580e997c43
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFBf8v5XrZjTpVPp2yCVOi0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96CE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNV4oEdkPqo3NyWGzwnvdQpaAuHWPxEux8iVUSX_ncfgVXK38u8PePtArBCoVOO_GKMR_WzhjYa0BIaByU2uF2JR5s_rujNBremT-WHBbn3DzoxZ9lZv2jPV8W_MkRXeRSTP_h-A_XkzukB5e2SyC8Q3i4P2szEJQzkOeynHWBZYC06Ngw0
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:48 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
775a473d-a96c-41ed-8b98-de4f1a9b0878
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9574254681292&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9574254681292&version=m202301230201&ct=76&x=1&cor=11288165321896466000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8BC2 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAidyfWO6wNJ2dYtejBWny4dAQCx3YSb0YOhCY_qBAUI5q0YmVlbRRBG4nOH5MxJsQJ4833DYs7ow97uQT5Sst-VUlB7xO93oNHVvjRSxZrrHYbeg59rFwRolmqUEiiQvwbYiekKIRKBb5ZG4XYvTkyMYUYSsecdhpax4HIvdttH_Blg&dbm_d=AKAmf-BzaUiXIsRceVNH0bqZWj8i1rwS1AlmyuYYnS_53eTUtM50YBAJ9lYFbBRqB1a6C7jTuL7PkjVj90F3oiEFNoLyIOzkqTvEh4SOGLHK6OjrYgyN5VJCl6z3tl2Sqt3grGIzEUSbQYCt6qV9CdX_H8sBy_DUuuQgC2gljnk2L94KEC70MiFpInC0fpg9y54t-S6A3dukg0vL4tolR_57UuehFpqHHpwOXTJgPS0J4ct8qJnyYd97WHL6gl8f1suvogoJLiufL0IRx2s5U91MXo3g5gEFJBP_MGISyNbEHhLZ6C87wYmpqIfBGjvDNmbEPSu1pDfrpjcJorENsfmDT9pJdmjmXZJRsqxhAahrEgdbWA4zKvaVwhfAM94MWzuRhqmaG3OXQkHNWbB7-3hassZI0wKZI2__PFZ0CIdJRg65usyexT_ypbkJPfpcPTqrFhdt05puRBVpjG05hr8hEMKnaJCYmfJkwzygGueJqPfjh1Bu3bPOg4EFi-hWST5v31QElDSqTTqsm6OpYBLxLqwRp566KmOWQXuUBAHhsdUht5dobTD6Hmsn5C-Bc4vNJ0OrkslrtqOhFcal43UPbuHO4iZQMIIkjPHedXu30K1mH1dW3pAA_TA9vPhNRqlEzBrk9HIW2J8-1M4MQxLCFCziBPpIE9U39Xom10uoXm6p2o0v-Ux-n5BB0_SJ6jYXPJpp_NETT-vtvfVMG1cxjhChajdj2Qgzwn5kzKvfaHj9Pkzq87BfXjAl95RNLCuhPRkQtLg0XK8l2aZ8_srCZcOPEblhSi7bU77rFUceB96mjZjyP2OQSXC7O0aN8acLsNTGh6RSRLFopZUDZaYl6msy__wcqG0oRok8ZRNNmxBw9L_Hkn3lykG96GpmvyiqLCTHapj8Qcu-ouFMzbW2adxcFZtu6unN1jsm4GcP1EJLcHKIO-aBadhOx1Ro3khBma38a3HiYOGBPwk9ibgfzUMFnPFZHMoJoNzdQF4aV9WdSAtyTzcd5rDGnEBChVU2BL0D3wCMLnwd_OLt2t7rB4AwNWCQBrYipN3Cfw82eysSknGP5zZUEGjgl-beS9AqrAFJY_ldpEYlT0gz9nd4Kc7ea_pg4rBomNgTvJZUoXX_aCGJaXqE3Lp6cEfn2B1mqbhduywp7wLCEgQkp1_ZKp6NsNPCHq9jPuHq8dRRRPK2mQPuOhf07kH0RymC_ONbrq-Dm3Ei3Tbd6r6g02HjYwBI49nWJpENlMZbXw6c2PfPcBEAJ-1-6vibGLZBil3t8auNeVSWFYoqKPRhPom-FSDTFJV_sDRCzvj_aDo1EVTS6Du0Ck3Wv1DbkBwzxICp_Bi13XnKFmQK_A5YWB4ZNnCM1O2XNH1pp_-kOZbJDlHqeN8tzXWGaP5ICiz3qV9ygICAhvgAIsujfbaVeBrgIKqf0IQa4wlGpCkKOriabnUTePZRbyMgRgMTbI4oBM9wvLFzhobCQskf9FlLjwi58NxqhnlcTmTK-kI1SYChZdXJ6FUuj-cju3QhtKwfKFFqZAwCRwQWwHmtv74Zrbz816rKU92wBOTHhYUuU2bnWexd7huyd5qhoxfmg1hN-lVvibzGQQ9_w1wTSXUH8ax88glsFRm744JXMvw33uUzYLdL5AmidFODWQp5V9VGWWrFHhBph1PDV_LqnF_UVcy-TUkmrHsruXyY4D0PJxGEk0Oofc93Z5PwaiZ7lFjIoUNqSlPElnMICaimv0091xwFCfCbYdsknSUrO6d5Dib_pWY24tiilewnJX4xDPMHv1QJ4r1QRIvkIhkQxltj_L5snt5lVztxeVgEaREfc4hJZ7KhbUv4C_qH33g2lCFfFhlz93Wg3V_nW_YOaiX-5YSn8AJGOi3voZbbSPe17-uAjBQ_Spd2peED7H4_YCgmd8nFZv_y0-8CvxyALck_3MoLgO__09PqNpftVmlStx-3VYRZlv08gxdqbQniaSF80wTRSxT2TS_lqgWC57Fv5kkrv0rCe_EeZhwU71q_k4y9uuSTBdYHxHhfUQIACHzIGZZO1LbYPLCsd98gD2175MCeaMD_TuDzTcF9INuAhhoi9Yx8cqPEjwOpfWWwPj-3Jiq0RYzJdyxVSq2PqmRDVqLUHs7F-_7P2ffFK99FH8UhAb-89ESlRkE70veK5aLGkh0W4z1wWn3DI0BFL9o1FPFUhbSbEY6RIXXAUnEMvQkbfUskpHNMgSES9l-mky0AKbVIcFDE8JOCwN9GJ6rv2Qqn9V1hOUVu_ClLAgpIZm8_n4qRL-6qArvTlkwbLD9oP_xiO9VCaD4HSEknfNL5dM0oGnYQJsYH1WnxHzVGLsJLWCChd9ybmiFoNzjyGh0W1cfKD7dCgLwXfqoPFL6EMSYSTQST1WaYbMcdayvabbWvtOOyvjdWJjRho8hKpLZboj-eHHLvoR6KWt7U6WS05OVM5GJsYK-t4X5xf2uk2JB8OhR9k0TU-vsZToON5XcMY-0AkdFLBny_xFMJPy4EJI82uPYjKM0oI2MK8kPUFrT6YOsdrX8AdJK8bRA8lyclCzrt5qXhm5gt04Z_FsG3EXCLMk-8hdP7_te6ZhagyxCekvE2nqocF2LqQAmFmqwrR71dP0e3Hyc8Fm1Wc6IgTPzmiQ1xELj1QTD-_8gEO56PSSNpLGuwze3BWaCvz2OfPkTwNImsO8KfmRXUJDq01UPpJqfD_lAMrihUnyc-ZF8moVb6V8cCa4j9sp3HnJXLtuVnZl3yVQXyCiKgFpD1Z_ru67mFynkFW6Icb2bnGu1nYd2YO4MxeHehIrBCNaRL9a2o9D8v9he6kHZLEY395woNVkj0yrfoGk6p4Vvd9n0pwFbSvTMW-ZuezbX7i6SebZhHupWjRsN9pu1Jg9s5TEfPK4IbYBTcQKcj1UDuZGMBN0TKewiQY08TyGPROD18RTQ1V6p-Bh1sGZI93iCFzKEWPjBpw0aMsXDmN-pBMh7FpQ6V-xyJpwBHELBZt-ofnzmiyNorHznV68WbRaIqwMvHhdmU2Qx1FSnyKE5WFQ5O9W0ewacHvceBQ2F5N68zRKyKTpW3jd5z-GkP8xSfkYx9XzI-IT2oBFaucUflQKqwpW7AwAmC05SO0MsHgFKXqIzci68x5lntNva5ziHN03ZRn6TLFsftOYd1ak1n5PYKDMfQN3ATT1S3VC8PdGgbOIzT9yMU5Y8GdC0cxK7BXG0--IVDyQ82jH9y6P8fI4rUJgdngylEoaBHX1KIrvLjuA26snzxFGOAGQSajU2tDsLW0J1KksX2WGhh2cuN51F-ScPO4u8FreRYG7fHglFMd5UhIDwm_ifVdvHJlAuY0owcfK4O2Sjb4mMyuN0FWZVM8v2_kLyRxboArXJB0oboiLR7fRwjgLPc-AGl15unfuK4YsqniV-zdLtPXCBXMcvCkEzQMynLgRLnVz_IEbbSAylHq4EBU6UQy0xRrwUaJPPyiUWwcqaU6JpADhjD1LwI3B5NZ6IFC1oiItbJcWdkNxd4SlpvvdMG5DxqDt2oi93Zq5yNT0hbE_gKJXSpUI6MfiQgv1ZdEWZWCug4cBsfxTxPifIsZYzxc6ekM0eNOERBedlDFTMq0IMcgNkYvgdFJIORKo0HkWmaWi546BbBrV3AvG0ltqK3M6eYQxi4NklrhzBxW4OKq8Rmgp8L56VqJruvzdL_8tGdgc8W0VKfB5UbyiR1bCklsmUhMB-7X0bTbpUg_upPLnxzlpr6VzaSup_5IrQh2nY&cid=CAQSOwBygQiDHwZIpUvIPNdW3uWypQxXYrpFuv8kh9q1zjwKc-anhbWzivS8PW9RPbs8XwZTpTRFBqkmJWxEGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11288165321896466000&adk=212707235&idt=76&cac=0&dtd=30
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6186cdfa3c371aed90c7f2c822df1a8e1db780cffb7a2c4d0fc15874a7237dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36354
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 57AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEGo3BY-wWvPTRrI4FN-Avtw&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 57AD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 57AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMW8i32YnC2l5_b4mcxu6GU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMW8i32YnC2l5_b4mcxu6GU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
AN-X-Request-Uuid
ca188579-a256-4f3f-bd02-117258a9cd43
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMW8i32YnC2l5_b4mcxu6GU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUzyGs4oRq6UABSqf-_P_-GoghBq2GCYEDYI2PEhM6pcRT1bqtIVcatclTTWZdpvJQbl4bdzB2OUTn3GqqgZhHp9dGiEURRgwQH5R5v1iH-BMT-vtefSqhs8krInvhcLH8OXsmjwZV24A4R_3m0pxZfWT2rvkhos28c6ZQaJKvVuo1Fc5I
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:48 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd870149-ede5-41b1-b2b1-6547c5665be6
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
60b91f99e4b0b65b3ce7bc5b
ng.virgul.com/tck/imp/ Frame 224C 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/60b91f99e4b0b65b3ce7bc5b?userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&mt=1683875627587&sdr=&et=&r=153493@site_geneli@yemek_net:site_geneli&l=&info=&t=banner:153493@site_geneli@yemek_net:site_geneli&os=&c=&cs=1683875628861
Requested by
Host: ng2.virgul.com
URL: https://ng2.virgul.com/adview?a=60b91f99e4b0b65b3ce7bc5b&t=pageskin:153493&r=153493@site_geneli@yemek_net:site_geneli&l=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e&vmn=60b91f99e4b0b65b3ce7bc5b___1534931456252032
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ng2.virgul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ng2.virgul.com
date
Fri, 12 May 2023 07:13:48 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
container.html
08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF3D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:48 GMT
expires
Sat, 11 May 2024 07:13:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 04FF 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EF3D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF3D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ab2PHLOA5h6bPVuEXk9b975SY2Etz6XD96xDibcFC8Fi2wlj3rRxNtRo7bn-K9IynwzznTPqltX87YuOCeGC22Lo73DBnQaAqt0fDtA9wWzD-KzAQ
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF3D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10899176448837953246&x=1&ct=76
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EF3D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 06:25:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EF3D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
47387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame EF3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSH2UCMUkkr6r6-5GRFRezwEQdbSzv9VfY9VcvGZSE3N8qJW7l65cz8VhnTGVrRbwpDcnWGaIVP-YzIDGGaHMS6gspNtQ
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF3D 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:48 GMT
XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 91AB 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RUJGRDhCNkMwNkNCNDlDREUyQjAxMjg2ODE0NDY2MkZ8R0ZacFdzZmRzenwxNjgzODc1NjI4ODk0fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDMwMjIxMTkzM19FWHw1NDExM3x8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjc4MjA2MDl8SUFCOC04IzAuNTc4OTIzOXxJQUI4LTcjMC4xNDgyNDM2NQ&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1683875628897&c=DE&r=NW&m=0&pc=46236&epid=R0N5ZS1tZWsubmV0&mi=d2Vi&wp_exchange=NWP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date
Fri, 12 May 2023 07:10:01 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
229
x-amz-server-side-encryption
AES256
x-amz-meta-width
728
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
44534
x-amz-meta-height
90
content-length
44534
last-modified
Wed, 03 May 2023 17:26:36 GMT
server
AmazonS3
etag
"ccf751b21647e448aa5dadd8c05f5ac6"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate
accept-ranges
bytes
x-amz-cf-id
aRms0CHfrWBWuFTl_TpokWhUBzC_3Y-SyQ3sNjX-ZecrXj6ItUSLRQ==
pixel.php
t.hspvst.com/ Frame 91AB 		95 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2474276183460010
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:48 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Mon, 09 May 2033 07:13:48 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame 91AB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RUJGRDhCNkMwNkNCNDlDREUyQjAxMjg2ODE0NDY2MkZ8R0ZacFdzZmRzenwxNjgzODc1NjI4ODk0fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDMwMjIxMTkzM19FWHw1NDExM3x8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEN3iGAa1kuFv-YFE2GvbT9c&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=491ec925-2269-4887-8879-7ecce3b74f09&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.53 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Wed, 23 Feb 2022 16:57:18 GMT
server
ECS (frb/67DF)
age
137624
etag
"3321997696"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
2391
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 91AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 06:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 May 2023 06:25:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 91AB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:04:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
47387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7937
x-xss-protection
0
server
cafe
etag
2499949999788435271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:04:01 GMT
l
www.google.com/ads/measurement/ Frame 91AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiP4n8yHHkztsyYnSL4E5-mKT4bozKsZHhllCXmsX7IOnUIEmqNjyHdg1TrJ30oGEZJ4ijM49V1vCke5D6kpNyojcEhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91AB 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 91AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrIPoLOddZMOVMozm6wTUtL_wBLqItI9cnNfu7qkIwI23ARABIABgldKfgrAHggEXY2EtcHViLTY1OTM1MjMyMTAwMTAxNTTIAQmoAwGqBNIBT9COqMcnhQkRtzPRQRxWB5afq0kVOEEjmrjhoWkyXTvq2Lm6z4N6mAaJ1qudwsOcSrz8DHgCyqg93DnEYLR53j06PR-EiG67VcxAN1yRNVcm8ZGIEaO-xgacnSGCAU2uP-NML97HK8mVYAdrKp2bdruSGW8DFJcZ2yoluQWk4RxW5V-GfrG_VeZZfy-qO8hZuX0zYwWbjjHnH6P_zacD2AhxFqbduciy7o7Zd0qhD32oTT7le0XpEbEDrTNBCJ83qjJuiiRy-H8z5Hi71mSU6V3dgAbRyaWX66WWlesBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTkzNTIzMjEwMDEwMTU0GAA&sigh=i04wOJiNeaA&uach_m=[UACH]&cid=CAQSKQBygQiDJnoz5Wh3VM0p3opE9j4RSKh_lcOtqPwx4s-js5942RGLuxTDGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a.gif
i.w55c.net/ Frame 91AB 		42 B
582 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RUJGRDhCNkMwNkNCNDlDREUyQjAxMjg2ODE0NDY2MkZ8R0ZacFdzZmRzenwxNjgzODc1NjI4ODk0fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDMwMjIxMTkzM19FWHw1NDExM3x8fHwuMFB8VVNE&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZF3nLAAMisMKmvMMAA_aVPEWGPD_RjVqFm1aPg&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjc4MjA2MDl8SUFCOC04IzAuNTc4OTIzOXxJQUI4LTcjMC4xNDgyNDM2NQ&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1683875628897&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NW&m=0&pc=46236&rnd=2474276183460010&epid=R0N5ZS1tZWsubmV0&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1jYU9UR0ZnRw&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VOM2lHQWExa3VGdi1ZRkUyR3ZiVDlj&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=Uyf1BHBVCgICF_Z58ZKhvg&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEN3iGAa1kuFv-YFE2GvbT9c&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=491ec925-2269-4887-8879-7ecce3b74f09&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.249.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-249-165.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F644 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3815707240819&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F644 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3815707240819&version=m202301230201&ct=76&x=1&cor=3496467626569839000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F644 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iKDH2w_IzYNcrY_vc4TVDLlW-vAT9IuP4w4wdkH4CD4pxVZFI7CRiJ5lim-8rVQYeutqVysLnhP7zUwwjoa0a7yOpt-5YmPzCf9_8vmukbazzfFwGNCUPaBfge1NE7iP5QESjmYCnSmaPI6MzkpjZkODSC-rds7bGTDlDPLmDdxFZbU&dbm_d=AKAmf-BwIrBglSSHPdR4jS3TDDsIMuicDaym4QJn_rNQ40AGSTVYjSLiLshQq9SYPidm9Q8DiaVtjkeAVCB-6zuNd9Vn2AaSWN_d2NmDOZ1W1EQtet8w1UOeor8n8ZV_P_eyZPAsTb9FwFPKglPsVC3xshO1uO1pWg4W5XFftCcEJHl8w06LvNssPxUPHefhjj83i-y3JHLa6vkWPBhJjcJ6FRHR0NESvkSuA_hgQ9RQa7LFmfhx_9quwcZXEM27X-y6PJDLd_xFu6rXIWWYZdURxqoBeweMVNzdR8X7YbtFKrfm_OJllnjTtEBjxjICybaI_Cl8t36PlVnBW4x6gG9oKMGl5fHX7pb3xBeXSJRET1mOCj2xSO3HqyWcA87dXMgsmsu33CYiKCLGPRrvg-K_N0rPLGLD9jNnIJy7Vv-9j-u_66DYJZhZlJ1GkfP8Cm6Hu9jmIZpYFJ4ZhD0N7w2vHi4rU4Sgb2eOModZyyMQkCkCqhZsVTjE_bumzJ-Kf4DIoFL5bAe0vJGP1EmuMgSv73pd4FEUHwq8WHX7oE-tkYKMWCCFAZDQxK71PiBmRC_Qx5lV_eRNdHHgLizGbucqqzIkbZSmIzx3V-L0jrvtFOF1DlLDFPoYC1-TIIQiVFiPqO9hdRqNlkAkjFYsz4nzn45us1Rp7QtB2fCKQVk0yoLujgtdPCeUj5Wmyath_4kBRVR0KTudgQiGFMEUcq5pmlr1_grC8BsXfN8SYmmW3Xqo81k6xeG816irXY30aGZ_grgOBIZ16GqCL-8FQp88IAAOe1MZvckGnneoo5fMawHQ3DI75uO6_XPfRf8w4UKopHOeii79o3MSXqfBTgvdgaNr1AK-agjZLLNIXMR1sXZ1s94FJ8AWzkkFzYUCBO5jA_mttvggwlFuc6z9eu7YhOOee8_tK9iAlwUvlXVaY3EMXpAsi7s79fduJYp-WXXVou7DSHUVEEnMlHrJPAxx8YHZLn-Mh_NWbV2jddpYs4DwEUhDY6g0JiuuZVD6Dr_DLDTxzxlDQtOvZcNw949UiF0fegwXtfNQu9zOTgK_ZbsMrYAlJzAvWMAT4z4tH_6GGAcCNZ_Pq_wclHsff398PogOggzmaJkU2gq37odGrLqo4M1R0d-Vt88Z9NoStpfP_wNd0av6B2glVgakHwMafjzAKvxkahwOxYlo6fNyQAfZgBFt52-NhLPlA9uWXctyX2q66pRw_xu775us3pGistlWcj1RzIVGHMAOlcX6ZqUby4KX7FgmUipuGY7aClwcopGODyfDZrSjA1W4OQKL2oKqZy87thMPzEme4vXr_7oXjnOG0pM1rZYUVnrCxHXzxUZH5PJ3HIvHiBul3wZP3vNp1am-YMZIGm8dlEpEa4CnTZnWc8nNT-ByjIS_6v_P_K3vzfjGP7OJXlH_R3hWOUTUxtbW5FJEj8llesaCDfLA7rjAQKQn6R8IwtCr1aBGPiPZYfCivuhfGwtULjjAlqduVaM9L69pnCsuxtbogFrPKAs9YWKoBccPhZooBLtuGAhDvaJyx2LaUUXowldUCWjdLzCXCZeVLULfVkfxD7sc7OnygEBKEVxhAJETp_8k9_e2mZDX_0IuwwV2M0Ja8aFrXu0hbzRHi_dmjpJvV4fluFuaK67CU7GlZIdHoLI_MxUy5v5Ru_tPlkkGbz66EdAOC237MpiMELBj8DkMD_Z-Bo6QLJmx7pmA3fZMKA1OqGWEaYT55K_wC4X6ApFcFi58c4CEooJbe26AZYgbNCplak6p06tibALQCHE-icoNZzeE54ov81HeRPPOXFkjI2M8qW35NAU_8WDkgChMLE1nQEUxzfg4z3f7EyawtSdybAwS8AuOwYFr8kjNhK1TBIYHte56ZUeqeIBl92__NKFk3gsGAgAaJyVES8U85NkljkBhK7a4ZKT_6gRqxR-W7ht-s50YE6GWE2PfYn-0dA9TFhflcnpKZYw3XNNeF45DeiLaZ72K_k92QbVOjpVIybCrIivSZMb2oNoPkvfNe22qrzLwn8hG4GDJAmdeJfWPbAutjSTaLLS60e5EeRhQHu8dcc7QgEkl3YCSUPhriVOA4zNK1DB57wxO4OLvRVlVV3Ocg64zA5wSukjR6ufwktQueuHjWTLxyQoZnomKGRQvAYABWuD3e0SDtNzN2y_tEHp9tRSOJ9dWAjedNLPbD4w0b2PVAxB4KMkmWCJ4r_S4QCuWu_JM_MvAC5zBYtxcHTKxVJkVd9TMTemHovxD9uxyy0HXCqBnFX58K9djzX4m6UIgJdIOE8aH4DjfTk4vhbEEPQkVu7Idn1VFyvo9SdN2i4K1bW_ughvYJ6Ck43cvzsdD9jROTXJB9Dg_kcUANyxCqOg_8uae42uROyoVZB_luvlLZXvwjtQ5HH_SkorEG_Py-kqwhCOLJIOUKgSCwiz4trHTrA7wkvxJDSlwG_IAVfUby6LpukxCSFeVhMunlyQa3OHa7JzFjJOdC_G28m_8zREBq6qbJk-LgmlA4QjfJH0CgjxtXrSgTuCCCBFV8WQ8axpvHQtox3BMdCRyx5sG47ISyk2yFHM0aYhRDy2l0FMPb1AcjtE9A83QNfunH2mvERDyKiN1gKLPUUM0aAu2zqVJFd068OtoAim3vYj4UTdYJyaF5g9I0w0gOH625zZh6ns45QNkDlHErGK3T9CwtrRPoRaVlyE2STeoPZ_m39mkfvy-vt9w_qo3OYyLkuNRhT6TmGRwGINtLp9_xtAoKpsMLrbwN6206di7nlfvsQGkYDmkPrSER62PY3n93NVK9r1mPwH-n8SRcmtqNIog0hxt5Un62JUoqfMBl9RO941ToGv1fPTju2FbAos4qMoHk4EG-lug_q22NYiYVGzEY3Z6nwfKHeHvAzCCqkINwHJZVVA27VHRg8YBjnC5QQ0jBgdMpLmJUQ71WDnU3ML9lB8acHLHWDNk6tqc1pi8nv2uP5bfMeswEjyyrQoM4Yxar00Nt4gAbF5Ol-eZNkzaZ6YQeP-5Y29TYlOd8jJuyYT671fEL6vn-5dQJSvALR4KLTYq8VMySKa89exLCftFJRDuZ3bHfOpNmi9cqdVv3EavUeGWjQ1LPHo9z5q4etXO7IpyLSIELSiOeUC2KVS47bhWL-Pgrlq2YBfSt7rphf_ipH2o-hJgK1x4mDfuX3jc_1QQpk9_Qr72exWhAiMyiPyyeAjYk3eefsVdCE2ajVIz_uxWiDnKB4L6b7wp2F0jVtyXwuswgo1PF-oPmiHXDDXesgBDLKPGrB7rO2wm20o9-P0GbaR2xGzGDSHBYSlZdTdOpL850sYuwZrcFRdxbfzihF6uEEcYKEXqHCa0BJssObZKW-Ml3KaC_OMvXL7I3xnm5hhkfZekYY7zXwn-_ZUFZUyKnkUm0kpoXrz7VB4t074FL8oyEoT_khbSxuDHHiZCG567yfIklW_32oc_r28FDyCntAqwQldzVxqRn4I-hNS6J3pRGWFznSl0766efJTYf3_xZWyTYOWdg_-H96W_6xKLQ7UTviAjHlfqCb3x4PCAlFQE2odAdImp_txcCdCYfZv6G9EAUCfbiAPhqrLJPei12aqLRCTqiilTsJ55TWcpgJPenQvI1qcwpBuY2nsEpS-dfpFBZyH7cJyfs121uHUXK_4ZlybpRMWHV_Gr3rUwFuiOiTwOXPDMcvsBMbob8-gBog7Rv_mcl0-RHH9MsJjQQPlGnxk5WjOhzVABMnN1lGLfkrwFOG-swnN4d1o&cid=CAQSOwBygQiD9VkOzmOMKZAPpjBsPIzrI7jp1s97ZmuMrEGGNjr1jGN-VrtERkUWkhFAZsY-mjRq41IAQbViGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3496467626569839000&adk=3587751834&idt=170&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0a2e59733d6e88bc887e607fad372e4a59e36c08fa9a7b71e15ba1b8bd4fb51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36430
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8BC2 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Origin
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 8BC2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAidyfWO6wNJ2dYtejBWny4dAQCx3YSb0YOhCY_qBAUI5q0YmVlbRRBG4nOH5MxJsQJ4833DYs7ow97uQT5Sst-VUlB7xO93oNHVvjRSxZrrHYbeg59rFwRolmqUEiiQvwbYiekKIRKBb5ZG4XYvTkyMYUYSsecdhpax4HIvdttH_Blg&dbm_d=AKAmf-BzaUiXIsRceVNH0bqZWj8i1rwS1AlmyuYYnS_53eTUtM50YBAJ9lYFbBRqB1a6C7jTuL7PkjVj90F3oiEFNoLyIOzkqTvEh4SOGLHK6OjrYgyN5VJCl6z3tl2Sqt3grGIzEUSbQYCt6qV9CdX_H8sBy_DUuuQgC2gljnk2L94KEC70MiFpInC0fpg9y54t-S6A3dukg0vL4tolR_57UuehFpqHHpwOXTJgPS0J4ct8qJnyYd97WHL6gl8f1suvogoJLiufL0IRx2s5U91MXo3g5gEFJBP_MGISyNbEHhLZ6C87wYmpqIfBGjvDNmbEPSu1pDfrpjcJorENsfmDT9pJdmjmXZJRsqxhAahrEgdbWA4zKvaVwhfAM94MWzuRhqmaG3OXQkHNWbB7-3hassZI0wKZI2__PFZ0CIdJRg65usyexT_ypbkJPfpcPTqrFhdt05puRBVpjG05hr8hEMKnaJCYmfJkwzygGueJqPfjh1Bu3bPOg4EFi-hWST5v31QElDSqTTqsm6OpYBLxLqwRp566KmOWQXuUBAHhsdUht5dobTD6Hmsn5C-Bc4vNJ0OrkslrtqOhFcal43UPbuHO4iZQMIIkjPHedXu30K1mH1dW3pAA_TA9vPhNRqlEzBrk9HIW2J8-1M4MQxLCFCziBPpIE9U39Xom10uoXm6p2o0v-Ux-n5BB0_SJ6jYXPJpp_NETT-vtvfVMG1cxjhChajdj2Qgzwn5kzKvfaHj9Pkzq87BfXjAl95RNLCuhPRkQtLg0XK8l2aZ8_srCZcOPEblhSi7bU77rFUceB96mjZjyP2OQSXC7O0aN8acLsNTGh6RSRLFopZUDZaYl6msy__wcqG0oRok8ZRNNmxBw9L_Hkn3lykG96GpmvyiqLCTHapj8Qcu-ouFMzbW2adxcFZtu6unN1jsm4GcP1EJLcHKIO-aBadhOx1Ro3khBma38a3HiYOGBPwk9ibgfzUMFnPFZHMoJoNzdQF4aV9WdSAtyTzcd5rDGnEBChVU2BL0D3wCMLnwd_OLt2t7rB4AwNWCQBrYipN3Cfw82eysSknGP5zZUEGjgl-beS9AqrAFJY_ldpEYlT0gz9nd4Kc7ea_pg4rBomNgTvJZUoXX_aCGJaXqE3Lp6cEfn2B1mqbhduywp7wLCEgQkp1_ZKp6NsNPCHq9jPuHq8dRRRPK2mQPuOhf07kH0RymC_ONbrq-Dm3Ei3Tbd6r6g02HjYwBI49nWJpENlMZbXw6c2PfPcBEAJ-1-6vibGLZBil3t8auNeVSWFYoqKPRhPom-FSDTFJV_sDRCzvj_aDo1EVTS6Du0Ck3Wv1DbkBwzxICp_Bi13XnKFmQK_A5YWB4ZNnCM1O2XNH1pp_-kOZbJDlHqeN8tzXWGaP5ICiz3qV9ygICAhvgAIsujfbaVeBrgIKqf0IQa4wlGpCkKOriabnUTePZRbyMgRgMTbI4oBM9wvLFzhobCQskf9FlLjwi58NxqhnlcTmTK-kI1SYChZdXJ6FUuj-cju3QhtKwfKFFqZAwCRwQWwHmtv74Zrbz816rKU92wBOTHhYUuU2bnWexd7huyd5qhoxfmg1hN-lVvibzGQQ9_w1wTSXUH8ax88glsFRm744JXMvw33uUzYLdL5AmidFODWQp5V9VGWWrFHhBph1PDV_LqnF_UVcy-TUkmrHsruXyY4D0PJxGEk0Oofc93Z5PwaiZ7lFjIoUNqSlPElnMICaimv0091xwFCfCbYdsknSUrO6d5Dib_pWY24tiilewnJX4xDPMHv1QJ4r1QRIvkIhkQxltj_L5snt5lVztxeVgEaREfc4hJZ7KhbUv4C_qH33g2lCFfFhlz93Wg3V_nW_YOaiX-5YSn8AJGOi3voZbbSPe17-uAjBQ_Spd2peED7H4_YCgmd8nFZv_y0-8CvxyALck_3MoLgO__09PqNpftVmlStx-3VYRZlv08gxdqbQniaSF80wTRSxT2TS_lqgWC57Fv5kkrv0rCe_EeZhwU71q_k4y9uuSTBdYHxHhfUQIACHzIGZZO1LbYPLCsd98gD2175MCeaMD_TuDzTcF9INuAhhoi9Yx8cqPEjwOpfWWwPj-3Jiq0RYzJdyxVSq2PqmRDVqLUHs7F-_7P2ffFK99FH8UhAb-89ESlRkE70veK5aLGkh0W4z1wWn3DI0BFL9o1FPFUhbSbEY6RIXXAUnEMvQkbfUskpHNMgSES9l-mky0AKbVIcFDE8JOCwN9GJ6rv2Qqn9V1hOUVu_ClLAgpIZm8_n4qRL-6qArvTlkwbLD9oP_xiO9VCaD4HSEknfNL5dM0oGnYQJsYH1WnxHzVGLsJLWCChd9ybmiFoNzjyGh0W1cfKD7dCgLwXfqoPFL6EMSYSTQST1WaYbMcdayvabbWvtOOyvjdWJjRho8hKpLZboj-eHHLvoR6KWt7U6WS05OVM5GJsYK-t4X5xf2uk2JB8OhR9k0TU-vsZToON5XcMY-0AkdFLBny_xFMJPy4EJI82uPYjKM0oI2MK8kPUFrT6YOsdrX8AdJK8bRA8lyclCzrt5qXhm5gt04Z_FsG3EXCLMk-8hdP7_te6ZhagyxCekvE2nqocF2LqQAmFmqwrR71dP0e3Hyc8Fm1Wc6IgTPzmiQ1xELj1QTD-_8gEO56PSSNpLGuwze3BWaCvz2OfPkTwNImsO8KfmRXUJDq01UPpJqfD_lAMrihUnyc-ZF8moVb6V8cCa4j9sp3HnJXLtuVnZl3yVQXyCiKgFpD1Z_ru67mFynkFW6Icb2bnGu1nYd2YO4MxeHehIrBCNaRL9a2o9D8v9he6kHZLEY395woNVkj0yrfoGk6p4Vvd9n0pwFbSvTMW-ZuezbX7i6SebZhHupWjRsN9pu1Jg9s5TEfPK4IbYBTcQKcj1UDuZGMBN0TKewiQY08TyGPROD18RTQ1V6p-Bh1sGZI93iCFzKEWPjBpw0aMsXDmN-pBMh7FpQ6V-xyJpwBHELBZt-ofnzmiyNorHznV68WbRaIqwMvHhdmU2Qx1FSnyKE5WFQ5O9W0ewacHvceBQ2F5N68zRKyKTpW3jd5z-GkP8xSfkYx9XzI-IT2oBFaucUflQKqwpW7AwAmC05SO0MsHgFKXqIzci68x5lntNva5ziHN03ZRn6TLFsftOYd1ak1n5PYKDMfQN3ATT1S3VC8PdGgbOIzT9yMU5Y8GdC0cxK7BXG0--IVDyQ82jH9y6P8fI4rUJgdngylEoaBHX1KIrvLjuA26snzxFGOAGQSajU2tDsLW0J1KksX2WGhh2cuN51F-ScPO4u8FreRYG7fHglFMd5UhIDwm_ifVdvHJlAuY0owcfK4O2Sjb4mMyuN0FWZVM8v2_kLyRxboArXJB0oboiLR7fRwjgLPc-AGl15unfuK4YsqniV-zdLtPXCBXMcvCkEzQMynLgRLnVz_IEbbSAylHq4EBU6UQy0xRrwUaJPPyiUWwcqaU6JpADhjD1LwI3B5NZ6IFC1oiItbJcWdkNxd4SlpvvdMG5DxqDt2oi93Zq5yNT0hbE_gKJXSpUI6MfiQgv1ZdEWZWCug4cBsfxTxPifIsZYzxc6ekM0eNOERBedlDFTMq0IMcgNkYvgdFJIORKo0HkWmaWi546BbBrV3AvG0ltqK3M6eYQxi4NklrhzBxW4OKq8Rmgp8L56VqJruvzdL_8tGdgc8W0VKfB5UbyiR1bCklsmUhMB-7X0bTbpUg_upPLnxzlpr6VzaSup_5IrQh2nY&cid=CAQSOwBygQiDHwZIpUvIPNdW3uWypQxXYrpFuv8kh9q1zjwKc-anhbWzivS8PW9RPbs8XwZTpTRFBqkmJWxEGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11288165321896466000&adk=212707235&idt=76&cac=0&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
47075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:09:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 8BC2 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzAidyfWO6wNJ2dYtejBWny4dAQCx3YSb0YOhCY_qBAUI5q0YmVlbRRBG4nOH5MxJsQJ4833DYs7ow97uQT5Sst-VUlB7xO93oNHVvjRSxZrrHYbeg59rFwRolmqUEiiQvwbYiekKIRKBb5ZG4XYvTkyMYUYSsecdhpax4HIvdttH_Blg&dbm_d=AKAmf-BzaUiXIsRceVNH0bqZWj8i1rwS1AlmyuYYnS_53eTUtM50YBAJ9lYFbBRqB1a6C7jTuL7PkjVj90F3oiEFNoLyIOzkqTvEh4SOGLHK6OjrYgyN5VJCl6z3tl2Sqt3grGIzEUSbQYCt6qV9CdX_H8sBy_DUuuQgC2gljnk2L94KEC70MiFpInC0fpg9y54t-S6A3dukg0vL4tolR_57UuehFpqHHpwOXTJgPS0J4ct8qJnyYd97WHL6gl8f1suvogoJLiufL0IRx2s5U91MXo3g5gEFJBP_MGISyNbEHhLZ6C87wYmpqIfBGjvDNmbEPSu1pDfrpjcJorENsfmDT9pJdmjmXZJRsqxhAahrEgdbWA4zKvaVwhfAM94MWzuRhqmaG3OXQkHNWbB7-3hassZI0wKZI2__PFZ0CIdJRg65usyexT_ypbkJPfpcPTqrFhdt05puRBVpjG05hr8hEMKnaJCYmfJkwzygGueJqPfjh1Bu3bPOg4EFi-hWST5v31QElDSqTTqsm6OpYBLxLqwRp566KmOWQXuUBAHhsdUht5dobTD6Hmsn5C-Bc4vNJ0OrkslrtqOhFcal43UPbuHO4iZQMIIkjPHedXu30K1mH1dW3pAA_TA9vPhNRqlEzBrk9HIW2J8-1M4MQxLCFCziBPpIE9U39Xom10uoXm6p2o0v-Ux-n5BB0_SJ6jYXPJpp_NETT-vtvfVMG1cxjhChajdj2Qgzwn5kzKvfaHj9Pkzq87BfXjAl95RNLCuhPRkQtLg0XK8l2aZ8_srCZcOPEblhSi7bU77rFUceB96mjZjyP2OQSXC7O0aN8acLsNTGh6RSRLFopZUDZaYl6msy__wcqG0oRok8ZRNNmxBw9L_Hkn3lykG96GpmvyiqLCTHapj8Qcu-ouFMzbW2adxcFZtu6unN1jsm4GcP1EJLcHKIO-aBadhOx1Ro3khBma38a3HiYOGBPwk9ibgfzUMFnPFZHMoJoNzdQF4aV9WdSAtyTzcd5rDGnEBChVU2BL0D3wCMLnwd_OLt2t7rB4AwNWCQBrYipN3Cfw82eysSknGP5zZUEGjgl-beS9AqrAFJY_ldpEYlT0gz9nd4Kc7ea_pg4rBomNgTvJZUoXX_aCGJaXqE3Lp6cEfn2B1mqbhduywp7wLCEgQkp1_ZKp6NsNPCHq9jPuHq8dRRRPK2mQPuOhf07kH0RymC_ONbrq-Dm3Ei3Tbd6r6g02HjYwBI49nWJpENlMZbXw6c2PfPcBEAJ-1-6vibGLZBil3t8auNeVSWFYoqKPRhPom-FSDTFJV_sDRCzvj_aDo1EVTS6Du0Ck3Wv1DbkBwzxICp_Bi13XnKFmQK_A5YWB4ZNnCM1O2XNH1pp_-kOZbJDlHqeN8tzXWGaP5ICiz3qV9ygICAhvgAIsujfbaVeBrgIKqf0IQa4wlGpCkKOriabnUTePZRbyMgRgMTbI4oBM9wvLFzhobCQskf9FlLjwi58NxqhnlcTmTK-kI1SYChZdXJ6FUuj-cju3QhtKwfKFFqZAwCRwQWwHmtv74Zrbz816rKU92wBOTHhYUuU2bnWexd7huyd5qhoxfmg1hN-lVvibzGQQ9_w1wTSXUH8ax88glsFRm744JXMvw33uUzYLdL5AmidFODWQp5V9VGWWrFHhBph1PDV_LqnF_UVcy-TUkmrHsruXyY4D0PJxGEk0Oofc93Z5PwaiZ7lFjIoUNqSlPElnMICaimv0091xwFCfCbYdsknSUrO6d5Dib_pWY24tiilewnJX4xDPMHv1QJ4r1QRIvkIhkQxltj_L5snt5lVztxeVgEaREfc4hJZ7KhbUv4C_qH33g2lCFfFhlz93Wg3V_nW_YOaiX-5YSn8AJGOi3voZbbSPe17-uAjBQ_Spd2peED7H4_YCgmd8nFZv_y0-8CvxyALck_3MoLgO__09PqNpftVmlStx-3VYRZlv08gxdqbQniaSF80wTRSxT2TS_lqgWC57Fv5kkrv0rCe_EeZhwU71q_k4y9uuSTBdYHxHhfUQIACHzIGZZO1LbYPLCsd98gD2175MCeaMD_TuDzTcF9INuAhhoi9Yx8cqPEjwOpfWWwPj-3Jiq0RYzJdyxVSq2PqmRDVqLUHs7F-_7P2ffFK99FH8UhAb-89ESlRkE70veK5aLGkh0W4z1wWn3DI0BFL9o1FPFUhbSbEY6RIXXAUnEMvQkbfUskpHNMgSES9l-mky0AKbVIcFDE8JOCwN9GJ6rv2Qqn9V1hOUVu_ClLAgpIZm8_n4qRL-6qArvTlkwbLD9oP_xiO9VCaD4HSEknfNL5dM0oGnYQJsYH1WnxHzVGLsJLWCChd9ybmiFoNzjyGh0W1cfKD7dCgLwXfqoPFL6EMSYSTQST1WaYbMcdayvabbWvtOOyvjdWJjRho8hKpLZboj-eHHLvoR6KWt7U6WS05OVM5GJsYK-t4X5xf2uk2JB8OhR9k0TU-vsZToON5XcMY-0AkdFLBny_xFMJPy4EJI82uPYjKM0oI2MK8kPUFrT6YOsdrX8AdJK8bRA8lyclCzrt5qXhm5gt04Z_FsG3EXCLMk-8hdP7_te6ZhagyxCekvE2nqocF2LqQAmFmqwrR71dP0e3Hyc8Fm1Wc6IgTPzmiQ1xELj1QTD-_8gEO56PSSNpLGuwze3BWaCvz2OfPkTwNImsO8KfmRXUJDq01UPpJqfD_lAMrihUnyc-ZF8moVb6V8cCa4j9sp3HnJXLtuVnZl3yVQXyCiKgFpD1Z_ru67mFynkFW6Icb2bnGu1nYd2YO4MxeHehIrBCNaRL9a2o9D8v9he6kHZLEY395woNVkj0yrfoGk6p4Vvd9n0pwFbSvTMW-ZuezbX7i6SebZhHupWjRsN9pu1Jg9s5TEfPK4IbYBTcQKcj1UDuZGMBN0TKewiQY08TyGPROD18RTQ1V6p-Bh1sGZI93iCFzKEWPjBpw0aMsXDmN-pBMh7FpQ6V-xyJpwBHELBZt-ofnzmiyNorHznV68WbRaIqwMvHhdmU2Qx1FSnyKE5WFQ5O9W0ewacHvceBQ2F5N68zRKyKTpW3jd5z-GkP8xSfkYx9XzI-IT2oBFaucUflQKqwpW7AwAmC05SO0MsHgFKXqIzci68x5lntNva5ziHN03ZRn6TLFsftOYd1ak1n5PYKDMfQN3ATT1S3VC8PdGgbOIzT9yMU5Y8GdC0cxK7BXG0--IVDyQ82jH9y6P8fI4rUJgdngylEoaBHX1KIrvLjuA26snzxFGOAGQSajU2tDsLW0J1KksX2WGhh2cuN51F-ScPO4u8FreRYG7fHglFMd5UhIDwm_ifVdvHJlAuY0owcfK4O2Sjb4mMyuN0FWZVM8v2_kLyRxboArXJB0oboiLR7fRwjgLPc-AGl15unfuK4YsqniV-zdLtPXCBXMcvCkEzQMynLgRLnVz_IEbbSAylHq4EBU6UQy0xRrwUaJPPyiUWwcqaU6JpADhjD1LwI3B5NZ6IFC1oiItbJcWdkNxd4SlpvvdMG5DxqDt2oi93Zq5yNT0hbE_gKJXSpUI6MfiQgv1ZdEWZWCug4cBsfxTxPifIsZYzxc6ekM0eNOERBedlDFTMq0IMcgNkYvgdFJIORKo0HkWmaWi546BbBrV3AvG0ltqK3M6eYQxi4NklrhzBxW4OKq8Rmgp8L56VqJruvzdL_8tGdgc8W0VKfB5UbyiR1bCklsmUhMB-7X0bTbpUg_upPLnxzlpr6VzaSup_5IrQh2nY&cid=CAQSOwBygQiDHwZIpUvIPNdW3uWypQxXYrpFuv8kh9q1zjwKc-anhbWzivS8PW9RPbs8XwZTpTRFBqkmJWxEGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=11288165321896466000&adk=212707235&idt=76&cac=0&dtd=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
46798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:13:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 04FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 04FF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZF3nLOeHDPsSilRSIOXp7wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEATi1W6brcymJ2HyWxl4OKM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 04FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDHzu-oQ061ff_5EnX7J6sg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDHzu-oQ061ff_5EnX7J6sg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
AN-X-Request-Uuid
6816b251-7b7f-47e8-8db7-dfc927d605af
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDHzu-oQ061ff_5EnX7J6sg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYhLim1AEwAQ&v=APEucNUqvf8pR_XMOuOCISh0uhq08tU2-JE2g857SQVJn4n7v2tmxvSrNoqiYI-clvE5IUuzAGfNOMWZYA-fOkJ0Q90g6ThaSPJ1MuVLkiBcjknCFLEsdAnLDWMDgRfTVLMvX7QGkrzuN0AF5JEWnhbEO8Vs2T44Yz6KJn_3eMsNZUlltfNzS88
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ebbf1a15-ddfd-4a69-88ba-84ca2a490d03
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF3D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9444926743&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF3D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9444926743&version=m202301230201&ct=76&x=1&cor=10899176448837954000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EF3D 		74 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20c4aaf37220e8710036e4029f1c6099b09e384315e19a45ef2e0559e2b375a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35914
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8BC2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8039 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8BC2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e76bfab32011dde372b854e7159a28a261f1f8d40929419e520d705253df47a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F644 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Origin
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame F644 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iKDH2w_IzYNcrY_vc4TVDLlW-vAT9IuP4w4wdkH4CD4pxVZFI7CRiJ5lim-8rVQYeutqVysLnhP7zUwwjoa0a7yOpt-5YmPzCf9_8vmukbazzfFwGNCUPaBfge1NE7iP5QESjmYCnSmaPI6MzkpjZkODSC-rds7bGTDlDPLmDdxFZbU&dbm_d=AKAmf-BwIrBglSSHPdR4jS3TDDsIMuicDaym4QJn_rNQ40AGSTVYjSLiLshQq9SYPidm9Q8DiaVtjkeAVCB-6zuNd9Vn2AaSWN_d2NmDOZ1W1EQtet8w1UOeor8n8ZV_P_eyZPAsTb9FwFPKglPsVC3xshO1uO1pWg4W5XFftCcEJHl8w06LvNssPxUPHefhjj83i-y3JHLa6vkWPBhJjcJ6FRHR0NESvkSuA_hgQ9RQa7LFmfhx_9quwcZXEM27X-y6PJDLd_xFu6rXIWWYZdURxqoBeweMVNzdR8X7YbtFKrfm_OJllnjTtEBjxjICybaI_Cl8t36PlVnBW4x6gG9oKMGl5fHX7pb3xBeXSJRET1mOCj2xSO3HqyWcA87dXMgsmsu33CYiKCLGPRrvg-K_N0rPLGLD9jNnIJy7Vv-9j-u_66DYJZhZlJ1GkfP8Cm6Hu9jmIZpYFJ4ZhD0N7w2vHi4rU4Sgb2eOModZyyMQkCkCqhZsVTjE_bumzJ-Kf4DIoFL5bAe0vJGP1EmuMgSv73pd4FEUHwq8WHX7oE-tkYKMWCCFAZDQxK71PiBmRC_Qx5lV_eRNdHHgLizGbucqqzIkbZSmIzx3V-L0jrvtFOF1DlLDFPoYC1-TIIQiVFiPqO9hdRqNlkAkjFYsz4nzn45us1Rp7QtB2fCKQVk0yoLujgtdPCeUj5Wmyath_4kBRVR0KTudgQiGFMEUcq5pmlr1_grC8BsXfN8SYmmW3Xqo81k6xeG816irXY30aGZ_grgOBIZ16GqCL-8FQp88IAAOe1MZvckGnneoo5fMawHQ3DI75uO6_XPfRf8w4UKopHOeii79o3MSXqfBTgvdgaNr1AK-agjZLLNIXMR1sXZ1s94FJ8AWzkkFzYUCBO5jA_mttvggwlFuc6z9eu7YhOOee8_tK9iAlwUvlXVaY3EMXpAsi7s79fduJYp-WXXVou7DSHUVEEnMlHrJPAxx8YHZLn-Mh_NWbV2jddpYs4DwEUhDY6g0JiuuZVD6Dr_DLDTxzxlDQtOvZcNw949UiF0fegwXtfNQu9zOTgK_ZbsMrYAlJzAvWMAT4z4tH_6GGAcCNZ_Pq_wclHsff398PogOggzmaJkU2gq37odGrLqo4M1R0d-Vt88Z9NoStpfP_wNd0av6B2glVgakHwMafjzAKvxkahwOxYlo6fNyQAfZgBFt52-NhLPlA9uWXctyX2q66pRw_xu775us3pGistlWcj1RzIVGHMAOlcX6ZqUby4KX7FgmUipuGY7aClwcopGODyfDZrSjA1W4OQKL2oKqZy87thMPzEme4vXr_7oXjnOG0pM1rZYUVnrCxHXzxUZH5PJ3HIvHiBul3wZP3vNp1am-YMZIGm8dlEpEa4CnTZnWc8nNT-ByjIS_6v_P_K3vzfjGP7OJXlH_R3hWOUTUxtbW5FJEj8llesaCDfLA7rjAQKQn6R8IwtCr1aBGPiPZYfCivuhfGwtULjjAlqduVaM9L69pnCsuxtbogFrPKAs9YWKoBccPhZooBLtuGAhDvaJyx2LaUUXowldUCWjdLzCXCZeVLULfVkfxD7sc7OnygEBKEVxhAJETp_8k9_e2mZDX_0IuwwV2M0Ja8aFrXu0hbzRHi_dmjpJvV4fluFuaK67CU7GlZIdHoLI_MxUy5v5Ru_tPlkkGbz66EdAOC237MpiMELBj8DkMD_Z-Bo6QLJmx7pmA3fZMKA1OqGWEaYT55K_wC4X6ApFcFi58c4CEooJbe26AZYgbNCplak6p06tibALQCHE-icoNZzeE54ov81HeRPPOXFkjI2M8qW35NAU_8WDkgChMLE1nQEUxzfg4z3f7EyawtSdybAwS8AuOwYFr8kjNhK1TBIYHte56ZUeqeIBl92__NKFk3gsGAgAaJyVES8U85NkljkBhK7a4ZKT_6gRqxR-W7ht-s50YE6GWE2PfYn-0dA9TFhflcnpKZYw3XNNeF45DeiLaZ72K_k92QbVOjpVIybCrIivSZMb2oNoPkvfNe22qrzLwn8hG4GDJAmdeJfWPbAutjSTaLLS60e5EeRhQHu8dcc7QgEkl3YCSUPhriVOA4zNK1DB57wxO4OLvRVlVV3Ocg64zA5wSukjR6ufwktQueuHjWTLxyQoZnomKGRQvAYABWuD3e0SDtNzN2y_tEHp9tRSOJ9dWAjedNLPbD4w0b2PVAxB4KMkmWCJ4r_S4QCuWu_JM_MvAC5zBYtxcHTKxVJkVd9TMTemHovxD9uxyy0HXCqBnFX58K9djzX4m6UIgJdIOE8aH4DjfTk4vhbEEPQkVu7Idn1VFyvo9SdN2i4K1bW_ughvYJ6Ck43cvzsdD9jROTXJB9Dg_kcUANyxCqOg_8uae42uROyoVZB_luvlLZXvwjtQ5HH_SkorEG_Py-kqwhCOLJIOUKgSCwiz4trHTrA7wkvxJDSlwG_IAVfUby6LpukxCSFeVhMunlyQa3OHa7JzFjJOdC_G28m_8zREBq6qbJk-LgmlA4QjfJH0CgjxtXrSgTuCCCBFV8WQ8axpvHQtox3BMdCRyx5sG47ISyk2yFHM0aYhRDy2l0FMPb1AcjtE9A83QNfunH2mvERDyKiN1gKLPUUM0aAu2zqVJFd068OtoAim3vYj4UTdYJyaF5g9I0w0gOH625zZh6ns45QNkDlHErGK3T9CwtrRPoRaVlyE2STeoPZ_m39mkfvy-vt9w_qo3OYyLkuNRhT6TmGRwGINtLp9_xtAoKpsMLrbwN6206di7nlfvsQGkYDmkPrSER62PY3n93NVK9r1mPwH-n8SRcmtqNIog0hxt5Un62JUoqfMBl9RO941ToGv1fPTju2FbAos4qMoHk4EG-lug_q22NYiYVGzEY3Z6nwfKHeHvAzCCqkINwHJZVVA27VHRg8YBjnC5QQ0jBgdMpLmJUQ71WDnU3ML9lB8acHLHWDNk6tqc1pi8nv2uP5bfMeswEjyyrQoM4Yxar00Nt4gAbF5Ol-eZNkzaZ6YQeP-5Y29TYlOd8jJuyYT671fEL6vn-5dQJSvALR4KLTYq8VMySKa89exLCftFJRDuZ3bHfOpNmi9cqdVv3EavUeGWjQ1LPHo9z5q4etXO7IpyLSIELSiOeUC2KVS47bhWL-Pgrlq2YBfSt7rphf_ipH2o-hJgK1x4mDfuX3jc_1QQpk9_Qr72exWhAiMyiPyyeAjYk3eefsVdCE2ajVIz_uxWiDnKB4L6b7wp2F0jVtyXwuswgo1PF-oPmiHXDDXesgBDLKPGrB7rO2wm20o9-P0GbaR2xGzGDSHBYSlZdTdOpL850sYuwZrcFRdxbfzihF6uEEcYKEXqHCa0BJssObZKW-Ml3KaC_OMvXL7I3xnm5hhkfZekYY7zXwn-_ZUFZUyKnkUm0kpoXrz7VB4t074FL8oyEoT_khbSxuDHHiZCG567yfIklW_32oc_r28FDyCntAqwQldzVxqRn4I-hNS6J3pRGWFznSl0766efJTYf3_xZWyTYOWdg_-H96W_6xKLQ7UTviAjHlfqCb3x4PCAlFQE2odAdImp_txcCdCYfZv6G9EAUCfbiAPhqrLJPei12aqLRCTqiilTsJ55TWcpgJPenQvI1qcwpBuY2nsEpS-dfpFBZyH7cJyfs121uHUXK_4ZlybpRMWHV_Gr3rUwFuiOiTwOXPDMcvsBMbob8-gBog7Rv_mcl0-RHH9MsJjQQPlGnxk5WjOhzVABMnN1lGLfkrwFOG-swnN4d1o&cid=CAQSOwBygQiD9VkOzmOMKZAPpjBsPIzrI7jp1s97ZmuMrEGGNjr1jGN-VrtERkUWkhFAZsY-mjRq41IAQbViGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3496467626569839000&adk=3587751834&idt=170&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
47075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:09:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame F644 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4iKDH2w_IzYNcrY_vc4TVDLlW-vAT9IuP4w4wdkH4CD4pxVZFI7CRiJ5lim-8rVQYeutqVysLnhP7zUwwjoa0a7yOpt-5YmPzCf9_8vmukbazzfFwGNCUPaBfge1NE7iP5QESjmYCnSmaPI6MzkpjZkODSC-rds7bGTDlDPLmDdxFZbU&dbm_d=AKAmf-BwIrBglSSHPdR4jS3TDDsIMuicDaym4QJn_rNQ40AGSTVYjSLiLshQq9SYPidm9Q8DiaVtjkeAVCB-6zuNd9Vn2AaSWN_d2NmDOZ1W1EQtet8w1UOeor8n8ZV_P_eyZPAsTb9FwFPKglPsVC3xshO1uO1pWg4W5XFftCcEJHl8w06LvNssPxUPHefhjj83i-y3JHLa6vkWPBhJjcJ6FRHR0NESvkSuA_hgQ9RQa7LFmfhx_9quwcZXEM27X-y6PJDLd_xFu6rXIWWYZdURxqoBeweMVNzdR8X7YbtFKrfm_OJllnjTtEBjxjICybaI_Cl8t36PlVnBW4x6gG9oKMGl5fHX7pb3xBeXSJRET1mOCj2xSO3HqyWcA87dXMgsmsu33CYiKCLGPRrvg-K_N0rPLGLD9jNnIJy7Vv-9j-u_66DYJZhZlJ1GkfP8Cm6Hu9jmIZpYFJ4ZhD0N7w2vHi4rU4Sgb2eOModZyyMQkCkCqhZsVTjE_bumzJ-Kf4DIoFL5bAe0vJGP1EmuMgSv73pd4FEUHwq8WHX7oE-tkYKMWCCFAZDQxK71PiBmRC_Qx5lV_eRNdHHgLizGbucqqzIkbZSmIzx3V-L0jrvtFOF1DlLDFPoYC1-TIIQiVFiPqO9hdRqNlkAkjFYsz4nzn45us1Rp7QtB2fCKQVk0yoLujgtdPCeUj5Wmyath_4kBRVR0KTudgQiGFMEUcq5pmlr1_grC8BsXfN8SYmmW3Xqo81k6xeG816irXY30aGZ_grgOBIZ16GqCL-8FQp88IAAOe1MZvckGnneoo5fMawHQ3DI75uO6_XPfRf8w4UKopHOeii79o3MSXqfBTgvdgaNr1AK-agjZLLNIXMR1sXZ1s94FJ8AWzkkFzYUCBO5jA_mttvggwlFuc6z9eu7YhOOee8_tK9iAlwUvlXVaY3EMXpAsi7s79fduJYp-WXXVou7DSHUVEEnMlHrJPAxx8YHZLn-Mh_NWbV2jddpYs4DwEUhDY6g0JiuuZVD6Dr_DLDTxzxlDQtOvZcNw949UiF0fegwXtfNQu9zOTgK_ZbsMrYAlJzAvWMAT4z4tH_6GGAcCNZ_Pq_wclHsff398PogOggzmaJkU2gq37odGrLqo4M1R0d-Vt88Z9NoStpfP_wNd0av6B2glVgakHwMafjzAKvxkahwOxYlo6fNyQAfZgBFt52-NhLPlA9uWXctyX2q66pRw_xu775us3pGistlWcj1RzIVGHMAOlcX6ZqUby4KX7FgmUipuGY7aClwcopGODyfDZrSjA1W4OQKL2oKqZy87thMPzEme4vXr_7oXjnOG0pM1rZYUVnrCxHXzxUZH5PJ3HIvHiBul3wZP3vNp1am-YMZIGm8dlEpEa4CnTZnWc8nNT-ByjIS_6v_P_K3vzfjGP7OJXlH_R3hWOUTUxtbW5FJEj8llesaCDfLA7rjAQKQn6R8IwtCr1aBGPiPZYfCivuhfGwtULjjAlqduVaM9L69pnCsuxtbogFrPKAs9YWKoBccPhZooBLtuGAhDvaJyx2LaUUXowldUCWjdLzCXCZeVLULfVkfxD7sc7OnygEBKEVxhAJETp_8k9_e2mZDX_0IuwwV2M0Ja8aFrXu0hbzRHi_dmjpJvV4fluFuaK67CU7GlZIdHoLI_MxUy5v5Ru_tPlkkGbz66EdAOC237MpiMELBj8DkMD_Z-Bo6QLJmx7pmA3fZMKA1OqGWEaYT55K_wC4X6ApFcFi58c4CEooJbe26AZYgbNCplak6p06tibALQCHE-icoNZzeE54ov81HeRPPOXFkjI2M8qW35NAU_8WDkgChMLE1nQEUxzfg4z3f7EyawtSdybAwS8AuOwYFr8kjNhK1TBIYHte56ZUeqeIBl92__NKFk3gsGAgAaJyVES8U85NkljkBhK7a4ZKT_6gRqxR-W7ht-s50YE6GWE2PfYn-0dA9TFhflcnpKZYw3XNNeF45DeiLaZ72K_k92QbVOjpVIybCrIivSZMb2oNoPkvfNe22qrzLwn8hG4GDJAmdeJfWPbAutjSTaLLS60e5EeRhQHu8dcc7QgEkl3YCSUPhriVOA4zNK1DB57wxO4OLvRVlVV3Ocg64zA5wSukjR6ufwktQueuHjWTLxyQoZnomKGRQvAYABWuD3e0SDtNzN2y_tEHp9tRSOJ9dWAjedNLPbD4w0b2PVAxB4KMkmWCJ4r_S4QCuWu_JM_MvAC5zBYtxcHTKxVJkVd9TMTemHovxD9uxyy0HXCqBnFX58K9djzX4m6UIgJdIOE8aH4DjfTk4vhbEEPQkVu7Idn1VFyvo9SdN2i4K1bW_ughvYJ6Ck43cvzsdD9jROTXJB9Dg_kcUANyxCqOg_8uae42uROyoVZB_luvlLZXvwjtQ5HH_SkorEG_Py-kqwhCOLJIOUKgSCwiz4trHTrA7wkvxJDSlwG_IAVfUby6LpukxCSFeVhMunlyQa3OHa7JzFjJOdC_G28m_8zREBq6qbJk-LgmlA4QjfJH0CgjxtXrSgTuCCCBFV8WQ8axpvHQtox3BMdCRyx5sG47ISyk2yFHM0aYhRDy2l0FMPb1AcjtE9A83QNfunH2mvERDyKiN1gKLPUUM0aAu2zqVJFd068OtoAim3vYj4UTdYJyaF5g9I0w0gOH625zZh6ns45QNkDlHErGK3T9CwtrRPoRaVlyE2STeoPZ_m39mkfvy-vt9w_qo3OYyLkuNRhT6TmGRwGINtLp9_xtAoKpsMLrbwN6206di7nlfvsQGkYDmkPrSER62PY3n93NVK9r1mPwH-n8SRcmtqNIog0hxt5Un62JUoqfMBl9RO941ToGv1fPTju2FbAos4qMoHk4EG-lug_q22NYiYVGzEY3Z6nwfKHeHvAzCCqkINwHJZVVA27VHRg8YBjnC5QQ0jBgdMpLmJUQ71WDnU3ML9lB8acHLHWDNk6tqc1pi8nv2uP5bfMeswEjyyrQoM4Yxar00Nt4gAbF5Ol-eZNkzaZ6YQeP-5Y29TYlOd8jJuyYT671fEL6vn-5dQJSvALR4KLTYq8VMySKa89exLCftFJRDuZ3bHfOpNmi9cqdVv3EavUeGWjQ1LPHo9z5q4etXO7IpyLSIELSiOeUC2KVS47bhWL-Pgrlq2YBfSt7rphf_ipH2o-hJgK1x4mDfuX3jc_1QQpk9_Qr72exWhAiMyiPyyeAjYk3eefsVdCE2ajVIz_uxWiDnKB4L6b7wp2F0jVtyXwuswgo1PF-oPmiHXDDXesgBDLKPGrB7rO2wm20o9-P0GbaR2xGzGDSHBYSlZdTdOpL850sYuwZrcFRdxbfzihF6uEEcYKEXqHCa0BJssObZKW-Ml3KaC_OMvXL7I3xnm5hhkfZekYY7zXwn-_ZUFZUyKnkUm0kpoXrz7VB4t074FL8oyEoT_khbSxuDHHiZCG567yfIklW_32oc_r28FDyCntAqwQldzVxqRn4I-hNS6J3pRGWFznSl0766efJTYf3_xZWyTYOWdg_-H96W_6xKLQ7UTviAjHlfqCb3x4PCAlFQE2odAdImp_txcCdCYfZv6G9EAUCfbiAPhqrLJPei12aqLRCTqiilTsJ55TWcpgJPenQvI1qcwpBuY2nsEpS-dfpFBZyH7cJyfs121uHUXK_4ZlybpRMWHV_Gr3rUwFuiOiTwOXPDMcvsBMbob8-gBog7Rv_mcl0-RHH9MsJjQQPlGnxk5WjOhzVABMnN1lGLfkrwFOG-swnN4d1o&cid=CAQSOwBygQiD9VkOzmOMKZAPpjBsPIzrI7jp1s97ZmuMrEGGNjr1jGN-VrtERkUWkhFAZsY-mjRq41IAQbViGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=3496467626569839000&adk=3587751834&idt=170&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
46798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:13:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F644 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 18E9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FE3A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
172503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F644 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68007176df5ef70d7ec11cb5e38fc89747248fd9a7af1ab11a2aa51e20211fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIpLav3D4RmQHOmMLIqgDqs&google_cver=1&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQUp3zUZXEO9H5qA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQUp3zUZXEO9H5qA
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGPih1a1LrUhBfdMnU4u8DsKEdLYctbJauMHk9B2aTDpKqnNGEYs04yEHlSJoaLqpmrUGUSjyPrbOc-fgQUp3zUZXEO9H5qA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 May 2023 07:13:49 GMT
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDYJogyAtFsEbMotPvwlqgk&google_cver=1&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWj...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWjW_MBALconlP9zOgA&google_hm=yxTPFXxITMKyyrFoVnLDmbg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWjW_MBALconlP9zOgA&google_hm=yxTPFXxITMKyyrFoVnLDmbg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGP-AHRoi5_6hnY7SYWYOG53kJqQTZ8KVRAJ0atJ76Z1l8rlYGtHzM-1b7_z1Fihrxq_-g2QKjGgzWjW_MBALconlP9zOgA&google_hm=yxTPFXxITMKyyrFoVnLDmbg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 8039 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBQCIqxpqz0EykSxGFlKsSc&google_cver=1&google_push=ATf1kGOHJXcAlzanDUjn-hVqfGoKzeVJTI89f-8FZCLS8AW58ED69MEoCOuje5b_wkjic_IUwKwDPnnvsJfmuyUQPWrRHIGXXbbQ
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191329
expires
Fri, 12 May 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMIhHZt4b2NXal8tZnx9uW0ItFn6yQEqSYbqc_1eHVohQFKIaMuOVeTzSPCYeTMWHfpzIoDdAC-z97E0omZRfGBNqhdmh3O
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMIhHZt4b2NXal8tZnx9uW0ItFn6yQEqSYbqc_1eHVohQFKIaMuOVeTzSPCYeTMWHfpzIoDdAC-z97E0omZRfGBNqhdmh3O
date
Fri, 12 May 2023 07:13:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGUqfhqQWoK1eQ6MYA85c1w&google_cver=1&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1AL...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGUqfhqQWoK1eQ6MYA85c1w&google_cver=1&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-s...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kwvJpEhZQsiZ8BP7zEu7qw&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kwvJpEhZQsiZ8BP7zEu7qw&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1ALIfHzx7
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=kwvJpEhZQsiZ8BP7zEu7qw&google_push=ATf1kGPVQwkDtvyuHFe0xzImb_vOErn2iKN2fSeuzT85m3l9J8lLfWwiF3ortteGi5wvBV8CTFPFO795QNvbSU-sMIn1ALIfHzx7
access-control-allow-origin
*
date
Fri, 12 May 2023 07:13:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-aaa96378-137a-4b01-8d45-67d34c274f62-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPO9bse9GV0HRcuyl88u...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&google_hm=A6qpY3gTeksBjUVn00wnT2I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&google_hm=A6qpY3gTeksBjUVn00wnT2I
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPO9bse9GV0HRcuyl88uLkKOONAPoLbRT8sSUjfk10svYDwj1kqaQXwiZV8tiGwUW3HxX7TuT7CBBQFmRlBM36ovirqDtMM&google_hm=A6qpY3gTeksBjUVn00wnT2I
date
Fri, 12 May 2023 07:13:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXaaa96378137a4b018d4567d34c274f62003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8039
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6jy-8946fzTGvcbQYR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6jy-8946fzTGvcbQYRN-cWM8BrZJ7wjnmrFoT-aORzXk-RcJdHW_ipsJOKG_LLWNAqmEcAsJMAJTs4MgATEIHg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8e856f85-b971-41e3-a758-fd934808686d
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTc0MDIxMjg5NDcwOTY5MDIyMg%3D%3D&google_gid=CAESEM9vEOoREgyl0WzBtv6boY0&google_cver=1&google_push=ATf1kGM8lAn44tWF6jy-8946fzTGvcbQYRN-cWM8BrZJ7wjnmrFoT-aORzXk-RcJdHW_ipsJOKG_LLWNAqmEcAsJMAJTs4MgATEIHg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8039 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDI1MyfwOczNtncQxW03E_IH5xf9pMsAmCbIf-UYJU5XpmcOlPBus1FGaQFQcvXsi4M5cR3g
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
analytics.js
s.h.w55c.net/2/948461/ Frame 91AB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=491ec925-2269-4887-8879-7ecce3b74f09&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0N5ZS1tZWsubmV0&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=RUJGRDhCNkMwNkNCNDlDREUyQjAxMjg2ODE0NDY2MkZ8R0ZacFdzZmRzenwxNjgzODc1NjI4ODk0fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDMwMjIxMTkzM19FWHw1NDExM3x8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEN3iGAa1kuFv-YFE2GvbT9c&spidu=GOOGLE_CONTENTNETWORK&pidu=ye-mek.net&hmpvu=491ec925-2269-4887-8879-7ecce3b74f09&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
61de8dcf7ab8f26adb474fe5e3a8280dc757e503ce597d9add72c22a67e47940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2889
Expires
0
index.html
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cf33c16b5adc3b87b595f4e86e3d09c25bb499fa2e24a7f9d683adc30c04fef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
138750
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1505
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 16:41:19 GMT
expires
Thu, 09 May 2024 16:41:19 GMT
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8BC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVxEnRKU_hfKK6yKElmqAKSDsZOR3rAz4qKDjmjgp1R5LLoFmV-fyQgROqL75WTaOfDX9vD_Dhrshk0YMRrwXDn1TFXg5C1LDCZ8unIz5fVATtGEw9ns5yFWPZWw0t-4uzIT7ebliwWhUAEWpM4R4nYL_-S4oDWajGeT6TKwXQHULbWWpm7twYlAAyj2vc0PtTOkqYvPL--W979mNR9S5IS-2HPKG7O3xBGSwFacoxaOFrw5vjMiYJfns_iQ_7SKEYwLWKrFh6WKdprqdQAJQ9VFIyyqI5dqOkEDvnRH1lk53BvhXuJ48iaUinv-lNsPeuGDkhrjSFXQJnUuadLcywNbAGRuxQ_mm3xNHH68igLPjUlXUVXi62Sb87T0JBuKF6PSqpJ2R_BGFkAUHg2dKjd6B43yYnm0Kce8AnIANN1yVSsxSJKa8sJy-Zi3uJdiGQSEPj1HDcGJh5whmcqrfDx6sUvn5xaYYg8c8zjp-VBvN5U8cWQMYOJYI-FG3txuTjLOkq1lkyL13sGjdbd1VeDUusxxXNg4AsAXAJic_sVPWXdeREelOnjN2zK4hOqQDzbeueG9ORHBRC4tfrCJQ2u65KhtPc4fGJPol8CsVjAAjReKkyaIchl-9UwYgClYoLyA-CBWmXItKx9cWDz3VbHO47KY_M4P-fjftEFg5hUkuc3g5kJJWl_cljvkQ0C7cNUHdoA6ZwjixXWGp4mEn7gszwkIGA1D2rmCYANIYR4ryR2MYnRZtLfNKD4rl_452AotCFiQGzTJ0TFQFk0l0bDnlJP0gvnxWsGZAeYEM3DxQF2YTmtPOpqtCHa8VV-P69UClaL9-XSDO-KDoqXqGbbZNTqPzUPc524S281rCT24C_UZPXAEBXQD_asOTMmZASDIT3RFD9glvjH6rLu4H7uVjksE2SQQt1f9o8qgaY-Hy4sJ0nYaj8oj9vEesP-NDfuS8P58ABnSlO2TblAkJsUsiz0I-6NdHoJ8mAQa_FC7r0smQr-jgiBvlUZ32v0IlVgbBZrY_kmA4YD9o7uJSyQVcdiWXqZYW_Wv7Jmrb7pMjQO4YUbyEM8Dw94OEPNJLO5Iek3Sdv0qLx35JG8tx01fYzwOcQVcpNq1dxyq0Z1RxWwDT7QhJOTQ4WCkG1AEmRQzu9m1yr_GU7Wklezq4bqFAQoy2NttdNuqH1Hl7l4INiaWqdPBgW4cUu69Gv30-qcQ5woTQFU-k0PTqk7rVSBZyFtotb0wnQTB4ywUL32Vy4HCTvmGHm-XRQ4_14O1zveiWcL2-zr5D2PjGvyhrpSgTRHPlDzVtizfyaiGvllxeaa67DkB1FDHpz8A47HsUlMMtkaUrcZEQ&sai=AMfl-YQBKCX_KSiavcU5WGR6D60PCWaZ6-BWoZgX-kiQfVdynz4xEtI69S-dR_4FOm4dBCDSHNW-EnI9aEyxoVdoVechHG9hfUKJVeL5kgDTZRxTVKQDBI219N668mmdd-ZZsx7blw4-H7EJFa5LJBtQWucDUJGzhsEuc444uHuJHjrTXUkaxa-LdDho5E9sSZ854vIs_tdgPrhdWn3RmTuuTkcSy88DakrTsmTsPw83_I4sJuOEcTGFCsU612ts4pBHST5v&sig=Cg0ArKJSzKubwxt4dYslEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=192&cbvp=1&cstd=188&cisv=r20230510.31947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:49 GMT
px.gif
d.adtriba.com/ Frame 8BC2
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
18.158.240.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-240-157.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:49 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
Last-Modified
Fri, 12 May 2023 07:13:49 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E004 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 91AB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d33244b00924701f9d195c2a47d38c2d8c991ce25fffc62dfe2847ff166d5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame EF3D 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
46798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10883
x-xss-protection
0
server
cafe
etag
6886435266232968791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:13:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame EF3D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
47075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 May 2023 18:09:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EF3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJAqvab02a00TY7FTfmkOTph1_NAr7C3lX0eHN_kSIVPC4sxgCAs-S9a721hQOiuAAUeJwiMsBd9-uoNmkBkugfXamNPRRt0GWkVbJaHoxpsh_nyCOEc6s9Li7dowF664YzT2wdGhe4Lr1DmWrYWRJVOSqqUlwFRWtmXs4y3VKjW6wodsoV33wsrWnmq_48912t4bnUSwcBPSWRo78fusvxCJiptRCQ07DA0NjBtFsvGBZ3AO2EXXH1iUh40lwccNXQnL2LFbF84UshTuFJpazHWyyvPIoqosqv8zr39nyixStXw4uGl-Bq_Q_6eRdrlMtbFqVwdX7Bc9qzOOZ0vxNuxIUi5DZ7i3Uia92iwzzFBmRUnNfKpX1PGmDCAeByRsOvkMnxqJFOuNJ3wNuuSugEJR2e6IwbELExsZUEHMNObbFrCTGpTdC_FcupGapiTiB55OlrbOUZZ-WNzfhcq95Ekxw9dSvGIM79oXKnZoahpepnid9n9RxCdzlUpfgn6VK_HEBp7qXAW1yL_yE8aYcuFL7K72xl3HqfijLuGAj3mM0i3PX2f4C9jiZcHLSdZnxBmEdtP4XDS2MG1SZHL0ql-YaYaTc_IYiah6cXH0-vwcjU6lIY3sS2dFnZd1JYROwxUP4uTl8AM8Isg4E6eVnIyGq1icWUZjmelOQCj4QA31RxRtppOdJ68QdpED7zuM3lBLDf7kV4_Sa9ATenVQHoAdl6pB5mPGgkAuQEro3jx9ziL9eas1qkLUmJsTJs4ChgLP2ec-RMe1ezbGIqQl1l3GwmTSuTgGQgiqB3yEFMcXBCUZ4xFOuJTfOXVwfAiIKJ8y8UtKjmxRJq6ZZx6DPpH4_zkDP4O6oy4wjQS4xA-8EAVYYY14MNuyO2cE9U0iC1_WtEIaGE8iSLk9aFK2jr8UYnB4Wuu-Vz-Pb9nuzyGQnkO-Phc_N7KL21MJQPgO9ROLqaanHv3etGNYNnsDgKGiij1FmBOsyqj3rzRq5mlESIVijkrIcw0zkeohUNDwlBUm266Kmup9mJmROpfkYDlowTNSbdr_UuJyTOS4tLUzawm4NNdh72QXoroyiUPhavdxYnfxPzJKUH8tb0MEGy_CT_yMiU8IWErALSRuPjTLof1aq1fepcEn4kXQiM2JUb_X4keY8c5Z9lHWWA2MdEJP8BzrIOuM4NTMKtGMHKvnRScUZRlF0zmcLKUVW8FGL5M0ih8hIHSHWYNtMGOITsMfiwrQ0TtOZuH-KrPPXubtpQrGgfG4HmXOsW2r0CXTKCIU4gOTpm1CNYhcwEQTAhyFycoBxGh7UGkx3Nr3o_X9Qbnfbc7BnwDqLbyGDGJHhD6rKzxh0SuHtpZr8RyE&sai=AMfl-YQf9-8WPwrqeCLXA5bJYu8ssmqcOsBxPzZkGSlCyAV813OVHS0d5OFUyyD2f02aJIehr0La7fZwz96cKpAn7Gp0HM6zkOqtLq_4FgtJUFz1pFzMIXK1vGh8M_nkb5yKvLCoCZDHhJGzizOnzSztB5L0zrxtQqi4bv2tsrBL-WSswlztchve1NnjHEmyIIJsFHU31jy2t8NdGMlzuUFZCMj9mXu2fVibNKd1g_iG75aauXhpKwTJCIJRdaarGcw3YrgZ&sig=Cg0ArKJSzIsDOhgj2SkwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230510.13589&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:49 GMT
px.gif
d.adtriba.com/ Frame EF3D
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
18.158.240.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-240-157.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:49 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
Last-Modified
Fri, 12 May 2023 07:13:49 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EF3D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 19:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 19:31:46 GMT
10768712183287262174
s0.2mdn.net/simgad/ Frame EF3D 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10768712183287262174
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
066bbfcc0791d1dde12ec5f2d7fc1d5c6bccac6ebc91302ca4e903a2178cca34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:28:42 GMT
x-content-type-options
nosniff
age
510307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40031
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:42:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 09:28:42 GMT
index.html
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
934e4c5bf691cb219893679833277e4f7e475523532e0d123afe9b154507e76b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
520535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1505
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 06 May 2023 06:38:14 GMT
expires
Sun, 05 May 2024 06:38:14 GMT
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F644 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHPC8xsJmqI-f6n9UHLF1icBP_UfnYchiizTZlxXrJlnIGkcfFLX0p0PFvu5BRHl0BFJfUnVn0UnqzW8vxtMsvtwOioYWo3GHgAkqJix6j3HO7iWhMr0YYX_aKxSNxbwDRUuREaPVNAYw1sA-TQskSmeA9ViBrpiwqZQLjvTgw5BRROj6DNMnQ4bD544X5m4hBVoHF-ryFe8YMESpZga7dIYqKsws6uVT-8LbGw34zzIg0VpU2Pnru2ikxY77wNzfBso7ZfTy55lIBlITFSKUDvzpnmqjiKbo-0eBYpnItiq5UAEThwooiHrDLwnoWvoloZCGOa_43K4p-Xq0tLzVn0bt2sDuwaYfax__5B8NikzlER25AN1GEGXYAG5BVpgybvn3EZh5FYYM76R7T_MKWcMu6gUVoNTyU94Sf4H2hapTLULLsLu2jDtzIAzvslL6NTqUn2YjSn1WL_en-TXk8-31YjSd23Bzc92k-Frs09HquEbeEkjnPHLJ_aOahNpTO5N4SBr6RZuR-4hXhbUkATvngFf0n3ZozEDXQOTUGHzFOgJf7yi81UqquGUtLi-Y12Nts0XZFxiU1qsuOXo8TdMW4jAiaonHDotl-lqSTGzDNFDQs0DCMiuQc2AzC2N6bx9aLDmPO1PpXwUj461o8Z1kAlTy4w62irPnEwdUq-6K3MKn7LJ6ephCGaiZbzw4IcDUJ92RWxm57BNOJlLwuVE9XRhqo9kXOtGfDYcnM9VoWNN-_jO1S3uUZ7mZD2kbuGaqkXrCU_7Ua3hqdoq9B670ZnGQq5Rf95m2SXxNt4PtMcyWeuTt6ZKaToFOTDGv5Vl39HQ9yumlVwTmarpVvadxsaQ-Mfmojo4BKC91cZSF-oGQVQtnOCCnOwZ-cugjdmnOS-OLVgeVBhDb0yOOJ7EFLo4yao7MU5By2s3WlmlIh0L1h1Qjl12QQLh2NTN1AvN-YwoIjFVuhzMYBm09CmFuWvFqGH4FJ01Qk2ub0C_IjoV1hDPbPzCE4UFGj3U47VzCR3s2xxyVhR0cWuugfk0UrcJ4OlXM63xszytsJ7wn2_-Ct28Geh-SNmvKWEsfwtZ83IXl5QQM9Y98cuJ6Ih6-U7qyJHtqDvxu4IY3LqtxrtCJKdo28L99UHESn_36CJ0Qjqfgt835l84zu_t6ZLHW6lDHIEx_zTO9qA7fTZeNiM3dYptyPqEMTz1NaD8uliAGpfehGxV0FP4DHKEVNC-0yEUxXzlipiLBL1SKbRPS3-5jRl4Js4bE1RJ1ysHE15JMAAkrO95104hIJM0vNEse8-XAmvE6k2-m1pJUhhVxp2vfXgTtjFs5G6QhiZ8krOEzXH5VNjVs7&sai=AMfl-YQUT5qTUPcrua_qLQXq79_yc9RXQBmgdQapkhAOm0Z7qhI4aNFabcx0-2p0JRzR-yAPGEeIQ9ddDMJwzOk-ifXR_qfy0ooTTiLcseyFF4x0KIJSZ3B2QRWSMWPz3Eop4_AVjMaDP1igQiuhxd7MJ_mmqp3wr0hJccFSlYAisbH955xfEZl6KvcwOLeJwSG4y74HP2XnkXzr2ALXeJY9nRlcVeKqEp93nLym74u1NUHVaoWc5llRc0cgq6EbSoa-pY1b&sig=Cg0ArKJSzEkSEraj1j7YEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=144&cbvp=1&cstd=142&cisv=r20230510.78318&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 May 2023 07:13:49 GMT
px.gif
d.adtriba.com/ Frame F644
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347628237&atb_dpuid=di_dv&gdpr=&gdpr_consent=
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Server
18.158.240.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-240-157.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:49 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
Last-Modified
Fri, 12 May 2023 07:13:49 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5F58 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
172503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 18E9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDgdpVbzgkFATWwYLu1VtC4&google_cver=1&google_push=ATf1kGODwTxsusAYMrDJNqHX_Yge4feK3VsLWNi_0vyljAtGCBTdwLNm12eBoSQDOXROUwuuntOJ-R34Ta2hx1W4MBcLKr4Bh5Tt
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE3MDYyMzMwMTMxMjg3NDAzMw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFj5IAPE7JmaGf3Fst9Lrgo&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFj5IAPE7JmaGf3Fst9Lrgo&google_cver=1
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFj5IAPE7JmaGf3Fst9Lrgo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 18E9 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELFlzyi2YzoGdKCL3WRXSHQ&google_cver=1&google_push=ATf1kGOSY_U_7Y9TPU4o_soBOl7nxnDZwfRhIbiWeyR5oFzvyvTFoAfrXkJwpt-beimN1PRV1PhFZkPF0KFZo3Z-bCF0SWblXXNDPQ
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 18E9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZGZmMHgzV0UxUFhtWWw1&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cver=1&google_push=ATf1kGO5sb7znNe44VsX48xcjaoeHcW2-HCdNCHBIsK3d0u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZGZmMHgzV0UxUFhtWWw1&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cver=1&google_push=ATf1kGO5sb7znNe44VsX48xcjaoeHcW2-HCdNCHBIsK3d0unVh8KEfDIyD2R3Z-tEBZwmNxQIyk1-8xgWJXrETizDgmZDOKf2JtqOA
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZGZmMHgzV0UxUFhtWWw1&google_gid=CAESEIRV2Q0F2djuBNZXTFZgRmE&google_cver=1&google_push=ATf1kGO5sb7znNe44VsX48xcjaoeHcW2-HCdNCHBIsK3d0unVh8KEfDIyD2R3Z-tEBZwmNxQIyk1-8xgWJXrETizDgmZDOKf2JtqOA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 18E9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c60dc7c99e792b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1489
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEoYdhf2Cf3lRIZqTAIeHww&google_cver=1&google_push=ATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3f3YFbX3KG4GxcKQkm6ey65a90vy8OlCw1S0iAcAOLsNLUTrUQU-J-j8a1YtVqsHgDSi8Im_k2PVm_geXi_rzA5PeLg-L%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c60dc7b58fb92b1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 18E9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECvrLay1PSxhuE4yGRiAMY8&google_cver=1&google_push=ATf1kGMllWIsMT1PnNO17qx2-QkVkiyS_7fc2c3_OcqsVJ488nnm7ddVIP8DHnHnwDYgGeA3_Rv80_tk_ujwgSC2wFe8QnUTOr8iZg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync.aspx
dis.criteo.com/dis/ Frame 18E9 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENcccr_m5gVaNCJRdKXQ28I&google_cver=1&google_push=ATf1kGOGh7ePhvsmiSeKlE1vbzroHr7EqBKY2thLQPZSxd0W-BSK1-A7xfkPce8Lgq_vXKVpMV632J5B8h6Tvxn0wsmoxdDlrMA50Q
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
317678
expires
Fri, 12 May 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 18E9 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEH3xdG2C-Qj310vnAZ3-2yQ&google_cver=1&google_push=ATf1kGOkMaebEtKzKPLvJdLRcE6qvwQPNU4Q97mDiYmFonvEfjwdw-rPlGyYNqHwK3IV7QTKg8pohGpDmh_IcLS-iFeUGJB64NvbJQ
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tng79ef1m1g5s68opico6efujno67klr
attr
cm.g.doubleclick.net/pixel/ Frame 18E9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVAyiv3M3Bl1OvDM5eyAaq4LZ2MXaa4O-1A5zfRFRtk60W451kckOV5G4DN6LuOV_t5kU6
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
styles.css
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		830 B
430 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92f5cc44b682dd86b0c7a777f990dbd1d8a8ce8a64076ae84199fcb9bedcdcb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 22:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 22:41:29 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 11BF 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 07:13:49 GMT
main.js
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
520d28f0b4f96f76a15119e65355d3ee6cfccd7518520e3194fd1585eb12e6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1399
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 21:02:39 GMT
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame FE3A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 05:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 05:49:54 GMT
pixel
cm.g.doubleclick.net/ Frame E004
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBAXAQImgBxV6_BMcRNElQc&google_cver=1&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiI...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiIQ5bptwFHjSBHFmo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiIQ5bptwFHjSBHFmo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x28 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOJcvNs7SOA-duUgxkfLtzClPogzluRXaWsNjarGSVhAGqSrMZNjXdQrrfLdSn8KZk3pmsZ0ksbvQFmaOiIQ5bptwFHjSBHFmo
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 May 2023 07:13:48 GMT
pixel
cm.g.doubleclick.net/ Frame E004
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA-c1bunoqvT2vP6JVQtnSI&google_cver=1&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n4su7d6QtwOPfqqlcW4lM&google_hm=yxTPFXxITMKyyrFoV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n4su7d6QtwOPfqqlcW4lM&google_hm=yxTPFXxITMKyyrFoVnLDmbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGMzSKeuYsk1UErXosldB-vqOtAJuK_sPHQgJj8pD0sw-DB6crMLZRoej5XztZdukO565pdgTKF7R6n4su7d6QtwOPfqqlcW4lM&google_hm=yxTPFXxITMKyyrFoVnLDmbg
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E004
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBl51XH-xih1DywBxauG1qY&google_cver=1&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K1...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Yt0YjJTQxmsn9CWhEyoPA2&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K11FY0-8_YJA3-xfs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Yt0YjJTQxmsn9CWhEyoPA2&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K11FY0-8_YJA3-xfs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 May 2023 07:13:49 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6Yt0YjJTQxmsn9CWhEyoPA2&google_push=ATf1kGOb2ZvhTMlYRj9rQeiYT8wo79tUdLRanh7rUGlqL9sRloS5nwgdddEHnoT6vBsRXvUEZ1XFj38Edw5Y55K11FY0-8_YJA3-xfs
x-host
tde-deliveryengine-production-68bf66644b-xcrw7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E004
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGbHi5P7KcqF_pWj87itvvo&google_cver=1&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGbHi5P7KcqF_pWj87itvvo&google_cver=1&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWa...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ&google_hm=8Ux7x1z6RrmjZ7ediWrg2A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ&google_hm=8Ux7x1z6RrmjZ7ediWrg2A==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ&google_hm=8Ux7x1z6RrmjZ7ediWrg2A==
date
Fri, 12 May 2023 07:13:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame E004
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIiPadBqG7WZhEINk2a1Umk&google_cver=1&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8G...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8GRc9zsIw&google_hm=eS1UaWwuVFRoRTJwSElO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8GRc9zsIw&google_hm=eS1UaWwuVFRoRTJwSElOQUdrRVhYX2pTdERZejVqbDJyWX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMSOZkLPTZlfW2PcnuYE_I0ukIaY7mEEEpFraZZf9DIKskQOEbF7iVUdRwqrwvrBn1IZzGlKSEZKmqintlTBn_1i8GRc9zsIw&google_hm=eS1UaWwuVFRoRTJwSElOQUdrRVhYX2pTdERZejVqbDJyWX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame E004 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPeU8oTEQOqSBB4Awb9I0Aw&google_cver=1&google_push=ATf1kGMh5I8WDKusyEMT8Zet6RZRFIYByjHlEYEw_760nIq_2y5dHNu6EOcH5Tv4UTAx5n3p74V5WKGzyQi-l-ZCKp2G2K0xEPH4tuI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
285186
expires
Fri, 12 May 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E004 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBzx7Dci8jr6gIadIpZwRA4&google_cver=1&google_push=ATf1kGM43rvplI2OxFHA-xUK-8pm6d6iMu1HsX24N2S4fTfrOMSnjCGSCzIqYDvhmW0GUARWYkkVRwbzlV9F9j0HzJ4zss6e7d9qzP0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lr83o1sr5ncmo8kqus6l029maug3cb0e
attr
cm.g.doubleclick.net/pixel/ Frame E004 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiP8ZbEf8wf4k3144iPk8CpquhYVOj300quN3GZwEPVWUhgZQ7s8D4ZhDadn4ssxzM2SLv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198791085&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875628514&bpp=2&bdt=114&idt=259&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7072187039029&frm=8&ife=1&pv=1&ga_vid=394798252.1683875629&ga_sid=1683875629&ga_hid=1845346858&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=33134225&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44773810%2C44759837%2C44788442%2C44790154%2C21065724&oid=2&pvsid=4387797284332370&tmod=1638594040&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6c0eybry1l1n&fsb=1&dtd=264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
styles.css
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		829 B
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132666
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 May 2024 18:22:43 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A6D1 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 May 2023 07:13:49 GMT
main.js
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1399
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 09:29:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DFC6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Fri, 12 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EF3D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad899f1b1f18501cc694e0a7046183eb779931af7b2aed082a2b59edc56794e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame EF3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJAqvab02a00TY7FTfmkOTph1_NAr7C3lX0eHN_kSIVPC4sxgCAs-S9a721hQOiuAAUeJwiMsBd9-uoNmkBkugfXamNPRRt0GWkVbJaHoxpsh_nyCOEc6s9Li7dowF664YzT2wdGhe4Lr1DmWrYWRJVOSqqUlwFRWtmXs4y3VKjW6wodsoV33wsrWnmq_48912t4bnUSwcBPSWRo78fusvxCJiptRCQ07DA0NjBtFsvGBZ3AO2EXXH1iUh40lwccNXQnL2LFbF84UshTuFJpazHWyyvPIoqosqv8zr39nyixStXw4uGl-Bq_Q_6eRdrlMtbFqVwdX7Bc9qzOOZ0vxNuxIUi5DZ7i3Uia92iwzzFBmRUnNfKpX1PGmDCAeByRsOvkMnxqJFOuNJ3wNuuSugEJR2e6IwbELExsZUEHMNObbFrCTGpTdC_FcupGapiTiB55OlrbOUZZ-WNzfhcq95Ekxw9dSvGIM79oXKnZoahpepnid9n9RxCdzlUpfgn6VK_HEBp7qXAW1yL_yE8aYcuFL7K72xl3HqfijLuGAj3mM0i3PX2f4C9jiZcHLSdZnxBmEdtP4XDS2MG1SZHL0ql-YaYaTc_IYiah6cXH0-vwcjU6lIY3sS2dFnZd1JYROwxUP4uTl8AM8Isg4E6eVnIyGq1icWUZjmelOQCj4QA31RxRtppOdJ68QdpED7zuM3lBLDf7kV4_Sa9ATenVQHoAdl6pB5mPGgkAuQEro3jx9ziL9eas1qkLUmJsTJs4ChgLP2ec-RMe1ezbGIqQl1l3GwmTSuTgGQgiqB3yEFMcXBCUZ4xFOuJTfOXVwfAiIKJ8y8UtKjmxRJq6ZZx6DPpH4_zkDP4O6oy4wjQS4xA-8EAVYYY14MNuyO2cE9U0iC1_WtEIaGE8iSLk9aFK2jr8UYnB4Wuu-Vz-Pb9nuzyGQnkO-Phc_N7KL21MJQPgO9ROLqaanHv3etGNYNnsDgKGiij1FmBOsyqj3rzRq5mlESIVijkrIcw0zkeohUNDwlBUm266Kmup9mJmROpfkYDlowTNSbdr_UuJyTOS4tLUzawm4NNdh72QXoroyiUPhavdxYnfxPzJKUH8tb0MEGy_CT_yMiU8IWErALSRuPjTLof1aq1fepcEn4kXQiM2JUb_X4keY8c5Z9lHWWA2MdEJP8BzrIOuM4NTMKtGMHKvnRScUZRlF0zmcLKUVW8FGL5M0ih8hIHSHWYNtMGOITsMfiwrQ0TtOZuH-KrPPXubtpQrGgfG4HmXOsW2r0CXTKCIU4gOTpm1CNYhcwEQTAhyFycoBxGh7UGkx3Nr3o_X9Qbnfbc7BnwDqLbyGDGJHhD6rKzxh0SuHtpZr8RyE&sai=AMfl-YQf9-8WPwrqeCLXA5bJYu8ssmqcOsBxPzZkGSlCyAV813OVHS0d5OFUyyD2f02aJIehr0La7fZwz96cKpAn7Gp0HM6zkOqtLq_4FgtJUFz1pFzMIXK1vGh8M_nkb5yKvLCoCZDHhJGzizOnzSztB5L0zrxtQqi4bv2tsrBL-WSswlztchve1NnjHEmyIIJsFHU31jy2t8NdGMlzuUFZCMj9mXu2fVibNKd1g_iG75aauXhpKwTJCIJRdaarGcw3YrgZ&sig=Cg0ArKJSzIsDOhgj2SkwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&vt=11&dtpt=74&dett=2&cstd=0&cisv=r20230510.13589&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzOV3fesjxZyThNb6T-iVKFzB_5-FiRzmvE3BNBUtlPGG50mHfWqz-0EZNCDnNkXnf7BH43RQBb16PxCCFOhpHzzhz_j4Ym-kFHW4gwnw6Z3HvMolG6Ug4YTDeVCUeIhn2W8Dp3V0iXbbd00AzPa1u9DXotOMvlwforf_c3ETwu5YJSc8&dbm_d=AKAmf-AIH6jHsXYatMRP21G8z5owKgAC6zliZMZe3_l5AOJ4gQ8jmi1iZecbYxeA4-OWs0iWl43qgnFlW3V2s-drGKnVdIKSg4f3wpY-WEWtvpXH_Is6LbMVFzuMhWbfgtoq2Qq1wJbcknNbSkXTxctf6NLNv9yNLA-ZHOQ4gMVr7W0GCum7PdiNeYEUFqZVpysVJW_OTL7l00katFmqKEIi4f_Jd_m3E8f_A9T5-PGiCL6deQQ8rJk7CL0GFa72elhvNiqT6BJe2u2biNwevagh0THUc_TVeTrnsYraTR-DUXBGsRSAYd9AlJpUbjOUm5sqVm7kxQYc5RwnLzg5TEBv7LQIB4vfMZQ0ATaIvYSKb2sZr_dapI-XVBcjY25EZC-1cmIcB9rHroqNOvYhyWAoh95lnJN_ohe6veg9SsCis8ln21CArQ1gtp_Steyl0L5aQnO2Gv7UsQVk4JqKNRl89HqnP9IjnlMnS89u42Vt1eXALoCH2Lj3sTChTD4LJ-A3_3d4GtxH7uAVCducSq0EdLiu_m-dWdp-TnrOlpAblmbbBjXKmAfXqP8GqyhCQV16aiElhykhWNqv7k2NpCFXeFcBFNiR1dV3lfSfhNDYfhB1RRy76_LPsZIOLwHf6ldRlm4hPU-12T-fwPy-41Z16uBtYsx2gTvLbBEySPityG-1FKWsAaLBwccA619NM_O1nbopwCB7eZl_LuZOwqARZs2pTBgPCSU4jWVLuTgzX8LFl0FoSiwGcIP1Jy2ilNaK1TorXJdkAjbg0uOgqGCtTqdQhv6x3nrATFgQlHxyF8GeeQGdiBEYWvJnoUpomrk8CZcGupLJ0ZayFcw53e4asccAPY1dgUM662GjipVAK77UZPbUwTByhSj4XKIDtfO62Z3PlawQCzo-_O6WyC01n4h7capYcM_tIN9rkyB9vmM500XKf0JtJyXIWfHmr4A0W4ucnpoBVCmrrQhPj0V_qGJw-Txi4tk1KfN24qWCfZRA9IO8-0FI0-HjIQI0blC17DBKYupxbHjOmjGPE5WJCX8rHda0H0mS7_I_pGc4xZv_4ltEzvDf78FD_94moYTgJfyDxHNiEX28U8ZXXaEyQE9vKm1n4G9TQzfR4N6N1HhY-6J7lGbtewOg-jUWEDLL2IqShBJE8RHW9oQ8glbhOPvE8BUpnKh2IrrykQB-7PKEtq5SKuysr_vSpVF4DkLXozUq05VACfiEtKe6mTbrSCkgd8nR2SrziK3hcTcjavs2uNgarQg87WlhtON4Ckxwa3X1gegB01cfUzhQMCtudlo4zMmcwd7-IQGTCkkgcXMi2er0K5DM6Jd_XTN4K4tLkT3Eh5L7SPU7Vu4dwAM0Tniry5ONeA2Xa6mY4UOCSZPuLhQ3MyRXRJrLjuMqYo_aBYbaW6yz4fP_uUQu5bBx-qvnTW2CKquB81mOHe0jmmjDKgL3_f8hug6i_tV_j6NKmGmrOkCc1_xEF6nfrej1SDRTAv7GGYG8DDWRHoKn5ZLxFvCawaWPc66XYIyht2wsBgcBB2ZkabtfIeJ1P_FCEHhdI9DUS31VlYIUr6i7PzgphN1bslMlAsaSCEf8cGHhL-KOUQO85M-gHP7_EJS5OLXc7-IeGzy45TAQro6JjFX8p1qLDTvAonoL6rBGYZ67NFfJSAndCyftaMXj97RlIEB9Lj1BpgXkmRaN_6bSK0uxs0ySXo6Btb6phCqLbvc3bo5dQVSpPDokcK43WETttS8IDutf3_wbW4yyGo-9VP9uvsvPWf2vaLEGQIwQpm-KnVIEPcoFd6VzjKDVNZguSdKmBKj1AaWXFYEWMs27-TERjiEPKg0IZZZx8K_6B-jks9oDtnChb9d5cEP5sLdh1LRG-Mmd04VRUsMsZxSQh--J53vZJMdKhXyIvm29WFUXm1gGxHcoP7dkw74pRileskmqrMw4MBYPUeRLkLQDR-IdYqM7iayKHRJ-jVrSysnKGtBcH5iFmqfr1YPK2FEkxID_klCGL8zUzqrvI6MoePCnibdlrASUMiSAj6NObZbSpKx3kmjNGUN1FgGkkH5jI8FdGiYYbAvTs7NXLRLbkzFYoSgNgcFY0HB4r1iRRDUnypljCemgeAlQfYXDPbRRbZLsZKOJ4JwPRZ6N90eYYygYqwWSapvcg7LYJF9yGjIODjfJc09TDthoUk7eYzPUrFsIL7uQbZti00GMhMARIFcpPZD_U3Y4SNR0D60UJnegAw2eaMff1wzjPs0IpxvFEmgwdnyf2w_KPkaxXSwf_-p5RX4hJH4xjSsc59YP5uy_fRdC3f6B4lVkJveADjkAZAtUvM8e8TvoTitu6YPMbj0ZafrhG6ZGCwqZG7LeAqtDDDInXh1647yQiB_aF-V2BDRSfLU6KsQjG2aBDXAabsdaf5vEepJ8W-F-Y33OFy3DCfkUiMl5Elvw33ZzSDMy9CBohi1uFRrcQE-rJVh9GoL1u2RhDSW7VdffwMsP0dmjbch8ZgA60bjNd1OJSKejIALE3C7mydTK3nM8FamRRP0kpIDQ72YtoTi47W8HNa4YGGxhQxQvRTZrLrI5P9XMwXkD7oy3N1eL4oRfcp3Y3q2QUgi1mMHKktD4PNNJEla759aFqIIRAsZn3nq3oK5wuvlAXUoG4vB9L9qXSQlAMb0uqUo29v-x-LBv48nZlyuuBTWAX3DGRxXuz86hNGLpkJiGWQsvMkYLrjJF2SlJQ0WMZi_DqetrWvmMOwF3qpvK06OQ5F7gG0lMKL7X9WfDFO1uaBUWTJZwgT4Gk-EK_HPdEZuxSlNiF_GhWjBl5FasECQ8THeE0LjimhnHJNuq5BYqKDqHQmZLqA2NWEiIBvmyhY8mP3YuzsnAEPnLODwQwgdInlxzKyP7Jy4aOc87PCYebwGXET4pMi8nSOqhChzn0KZxQfYkhBoDUDRL3DeQRd7lmtoim6ATI3lx6tlseoIKoSHbk3dd995TjhOS021f-RXk-Jz0yHxRjxHGD7NYpvJmtiaWPn0H_k0pkk0WfxZ0Zy1EkOSSX9cqKwu4HmfOSjPHZKzEZhRVZ_VzyrlabaNBbBLYB_U-SiXMD2jGngfR_qGPHq0kJVffErnu6AFtmj1EnXAfNMRzBKd1h6rB7J2_kuQ-FXvY0ni04r8eGDL3PImyLI5RJatJxKgeUaC7Mh_mD7lDxx9-gsOaOlb3ONlV76mMgDjpIUw2IvISSUi6Rnj6x8CR2ZgaKgzAieIfD2NQC4I-nGrDR8tYH9_BzMCaPE9r3Q6-A6oJuYchEDuIsXhc91JE_RYE-glR6b2Rf6OjLoim5OxnS5iSg9riJ0QlqP00vlbglrgEldmEifBtaya3fsgePcY-MZoqfnvl_UfmsxO_KJvnNG8lWYEAnzZSZvna-S-MBhYriDmDHeKgA1boShht3RYlWf-odIGeRAJCubZ9H1MsRuhOsFJLrxz2DuUB4DI4Itxe-QULJAETDGIYk87AvyvayPh9fMbWkyHNM7mTfdLTO0MPtSkMNp0WX7_Uv6lwvcpl8jenbo9_FhAwduqivBgd1AHnl7GG9sSo8TM9_wfbUGLZhrQZ5INTi30iixdeQiJNojlWH-ICn36IakWPUA9JF8HAXTb3U_-V_ZdtSs_bO7Slcfh2gWdmIk-hZ0At9AWnI42fLwmRslnIzhVu3XjIPGVN_LmcLyEDq9P9sFHtEmE5dSacEdsd1z7hSIlPRfYSTmDlwrL9IyEQsNy-FcrQ3T2vvqLM7OtdixU3__sYYf0W89ENFkwUjtHS&cid=CAQSOwBygQiDl8dNwd3GfehETPwvQSSVAQlxwhk63eQ1nJ0jeHOz8XpQaADAF0hu5a2sjjX9R_9h-1hfmFVcGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpcloak.blob.core.windows.net&ds=l&xdt=1&iif=1&cor=10899176448837954000&adk=578009112&idt=78&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:49 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6505 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
172503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 07:18:46 GMT
expires
Thu, 09 May 2024 07:18:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 5F58 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 05:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 05:49:54 GMT
bg.jpg
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/bg.jpg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0711e8b40705bfe578257b7ccd102e309411c0cec6ac0722ec487d827733388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:15:07 GMT
x-content-type-options
nosniff
age
467922
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54848
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 21:15:07 GMT
band.png
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/band.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607c41758097d2b8429fa6d3c628610701802c4a9ba8dec3901257491bf3cb7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 22:56:53 GMT
x-content-type-options
nosniff
age
461816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4859
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 22:56:53 GMT
text2.png
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/text2.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 22:15:26 GMT
x-content-type-options
nosniff
age
550703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6323
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 22:15:26 GMT
text3.png
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/text3.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d70f5e3076126b0f029c2842e0f3374e5d02070a295f5d25e2c4a0c7c823ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 06:38:38 GMT
x-content-type-options
nosniff
age
520511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5214
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 06:38:38 GMT
cta.png
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/cta.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 10:21:58 GMT
x-content-type-options
nosniff
age
593511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2416
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 10:21:58 GMT
logo.png
s0.2mdn.net/sadbundle/11799348657721538044/ Frame 11BF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11799348657721538044/logo.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11799348657721538044/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:27:00 GMT
x-content-type-options
nosniff
age
467209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2635
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:46:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 21:27:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8BC2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVxEnRKU_hfKK6yKElmqAKSDsZOR3rAz4qKDjmjgp1R5LLoFmV-fyQgROqL75WTaOfDX9vD_Dhrshk0YMRrwXDn1TFXg5C1LDCZ8unIz5fVATtGEw9ns5yFWPZWw0t-4uzIT7ebliwWhUAEWpM4R4nYL_-S4oDWajGeT6TKwXQHULbWWpm7twYlAAyj2vc0PtTOkqYvPL--W979mNR9S5IS-2HPKG7O3xBGSwFacoxaOFrw5vjMiYJfns_iQ_7SKEYwLWKrFh6WKdprqdQAJQ9VFIyyqI5dqOkEDvnRH1lk53BvhXuJ48iaUinv-lNsPeuGDkhrjSFXQJnUuadLcywNbAGRuxQ_mm3xNHH68igLPjUlXUVXi62Sb87T0JBuKF6PSqpJ2R_BGFkAUHg2dKjd6B43yYnm0Kce8AnIANN1yVSsxSJKa8sJy-Zi3uJdiGQSEPj1HDcGJh5whmcqrfDx6sUvn5xaYYg8c8zjp-VBvN5U8cWQMYOJYI-FG3txuTjLOkq1lkyL13sGjdbd1VeDUusxxXNg4AsAXAJic_sVPWXdeREelOnjN2zK4hOqQDzbeueG9ORHBRC4tfrCJQ2u65KhtPc4fGJPol8CsVjAAjReKkyaIchl-9UwYgClYoLyA-CBWmXItKx9cWDz3VbHO47KY_M4P-fjftEFg5hUkuc3g5kJJWl_cljvkQ0C7cNUHdoA6ZwjixXWGp4mEn7gszwkIGA1D2rmCYANIYR4ryR2MYnRZtLfNKD4rl_452AotCFiQGzTJ0TFQFk0l0bDnlJP0gvnxWsGZAeYEM3DxQF2YTmtPOpqtCHa8VV-P69UClaL9-XSDO-KDoqXqGbbZNTqPzUPc524S281rCT24C_UZPXAEBXQD_asOTMmZASDIT3RFD9glvjH6rLu4H7uVjksE2SQQt1f9o8qgaY-Hy4sJ0nYaj8oj9vEesP-NDfuS8P58ABnSlO2TblAkJsUsiz0I-6NdHoJ8mAQa_FC7r0smQr-jgiBvlUZ32v0IlVgbBZrY_kmA4YD9o7uJSyQVcdiWXqZYW_Wv7Jmrb7pMjQO4YUbyEM8Dw94OEPNJLO5Iek3Sdv0qLx35JG8tx01fYzwOcQVcpNq1dxyq0Z1RxWwDT7QhJOTQ4WCkG1AEmRQzu9m1yr_GU7Wklezq4bqFAQoy2NttdNuqH1Hl7l4INiaWqdPBgW4cUu69Gv30-qcQ5woTQFU-k0PTqk7rVSBZyFtotb0wnQTB4ywUL32Vy4HCTvmGHm-XRQ4_14O1zveiWcL2-zr5D2PjGvyhrpSgTRHPlDzVtizfyaiGvllxeaa67DkB1FDHpz8A47HsUlMMtkaUrcZEQ&sai=AMfl-YQBKCX_KSiavcU5WGR6D60PCWaZ6-BWoZgX-kiQfVdynz4xEtI69S-dR_4FOm4dBCDSHNW-EnI9aEyxoVdoVechHG9hfUKJVeL5kgDTZRxTVKQDBI219N668mmdd-ZZsx7blw4-H7EJFa5LJBtQWucDUJGzhsEuc444uHuJHjrTXUkaxa-LdDho5E9sSZ854vIs_tdgPrhdWn3RmTuuTkcSy88DakrTsmTsPw83_I4sJuOEcTGFCsU612ts4pBHST5v&sig=Cg0ArKJSzKubwxt4dYslEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=356&vt=11&dtpt=164&dett=3&cstd=188&cisv=r20230510.31947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:49 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame DFC6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDggJ1w_aLMqC7BOyiHdbu8&google_cver=1&google_push=ATf1kGOskyhPBuahLv0VVymcBL2Dos50xwvmoTuK1towTXc9S5QHNgix_X7SPkTvhnnQz2nx0XuMqI2xop8z8MKaenhCPKSUMkU
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDXtKSRhhIQyWnUAkqs0ORk&google_cver=1&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6yntotqdB9ilB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6yntotqdB9ilB
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 12 May 2023 07:13:49 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x12 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7J81od5PhXCMy093Cz0fNneZEWxBCI8On47HyRIz5hfrtzp8QcVImzQ3OPgYqTaoP2XMbmuIQVSyMGM_6yntotqdB9ilB
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 May 2023 07:13:48 GMT
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECOEGreAVPymI8Vl-00BOSU&google_cver=1&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAchaj9aOe5e3gJvNm
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAcha...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAchaj9aOe5e3gJvNm
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69E41AC40F32434298C79ABCBC4EE3DE&google_push=ATf1kGMIRQ_xrN84jCAo0bc7DbGYmbBIIqV0etm4gtTT_e1anDMBOsTqQQh4HhXxXP6J_fHo-fy3TR82BaAAchaj9aOe5e3gJvNm
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 May 2023 07:13:49 GMT
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEM1p2tiC4tusaFy5qxNOeiI&google_cver=1&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaF...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjE5MDc1NzA5NzM3MTgwMA%3D%3D&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaFA6Nh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjE5MDc1NzA5NzM3MTgwMA%3D%3D&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaFA6Nhv5nYgMywk
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMjE5MDc1NzA5NzM3MTgwMA%3D%3D&google_push=ATf1kGMBkBGvenb3DCuIuCXyaFG6rUUK3eHDaNUuvjiuTh70yqNhVyuUs352-Ltbixmh78fmCEoNSofUhLNAaFA6Nhv5nYgMywk
Date
Fri, 12 May 2023 07:13:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPPCpM0ywyST_HD3mAyq0Is&google_cver=1&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBc...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPPCpM0ywyST_HD3mAyq0Is&google_cver=1&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2P...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4ODkwODEzODczNjM1NDgxMQ&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4ODkwODEzODczNjM1NDgxMQ&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBcr6cp0Yk2U-Hwh0n0BYhi
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDA4ODkwODEzODczNjM1NDgxMQ&google_push=ATf1kGN8n1mOOT8f9tdf0wL5lslPz8rC5ylkCElGwvbpNvoSLeGIVut5QWIfiRlTQPrO5Vxib2Pk2MBcr6cp0Yk2U-Hwh0n0BYhi
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF17QCMJpLv9kAsO6NRWK6Q&google_cver=1&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-Za...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-ZatQhdO32UCt25Dt1o8-Cz9Qhw0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-ZatQhdO32UCt25Dt1o8-Cz9Qhw0
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=ATf1kGMs0Y9CRPe_YO4RxEz0zLna7i9OyH_jAF4SwgSRNJ5GDR3wUEA00WRcbXHsqOSdAmzw-ZatQhdO32UCt25Dt1o8-Cz9Qhw0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame DFC6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIS_bQN8vxr1e70MmGoQw58&google_cver=1&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIS_bQN8vxr1e70MmGoQw58&google_cver=1&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZkpYRlFKRTJ1SHpCSkkwWUNsbFJYZXRfbFVaeWIuN35B&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZkpYRlFKRTJ1SHpCSkkwWUNsbFJYZXRfbFVaeWIuN35B&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB500hqXWFXaHcElF0aSNNQbgU15Qw
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kZkpYRlFKRTJ1SHpCSkkwWUNsbFJYZXRfbFVaeWIuN35B&google_push=ATf1kGPmdHlLxGDRcH4KXp_oMAlZlV-D_k14UbviIYETeKUyhrXjBmPiH0z3VKjF5FF1xURNJB500hqXWFXaHcElF0aSNNQbgU15Qw
date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DFC6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3IiwD0NjZoNPAL5UaTn7Ae8ylQoJVblPMoXy-2hb5OM9oVkZEDCq5WBmBa9ss7__ewijf9w
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bg.jpg
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/bg.jpg
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c970c612c80d853bb998750b1cccf9aedbb8bb1108406a525c61b7a0e6b19a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 08:27:13 GMT
x-content-type-options
nosniff
age
513996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32240
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 08:27:13 GMT
band.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/band.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 20:01:55 GMT
x-content-type-options
nosniff
age
472314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3410
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 20:01:55 GMT
text2.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/text2.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:25:19 GMT
x-content-type-options
nosniff
age
467310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6323
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 21:25:19 GMT
text3.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/text3.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 22:15:41 GMT
x-content-type-options
nosniff
age
550688
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4639
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 May 2024 22:15:41 GMT
cta.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/cta.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 19:58:44 GMT
x-content-type-options
nosniff
age
472505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2416
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 19:58:44 GMT
logo.png
s0.2mdn.net/sadbundle/2643589595411275818/ Frame A6D1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2643589595411275818/logo.png
Requested by
Host: 08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
URL: https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2643589595411275818/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 09:29:19 GMT
x-content-type-options
nosniff
age
510270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2635
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 05:45:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 05 May 2024 09:29:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F644 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHPC8xsJmqI-f6n9UHLF1icBP_UfnYchiizTZlxXrJlnIGkcfFLX0p0PFvu5BRHl0BFJfUnVn0UnqzW8vxtMsvtwOioYWo3GHgAkqJix6j3HO7iWhMr0YYX_aKxSNxbwDRUuREaPVNAYw1sA-TQskSmeA9ViBrpiwqZQLjvTgw5BRROj6DNMnQ4bD544X5m4hBVoHF-ryFe8YMESpZga7dIYqKsws6uVT-8LbGw34zzIg0VpU2Pnru2ikxY77wNzfBso7ZfTy55lIBlITFSKUDvzpnmqjiKbo-0eBYpnItiq5UAEThwooiHrDLwnoWvoloZCGOa_43K4p-Xq0tLzVn0bt2sDuwaYfax__5B8NikzlER25AN1GEGXYAG5BVpgybvn3EZh5FYYM76R7T_MKWcMu6gUVoNTyU94Sf4H2hapTLULLsLu2jDtzIAzvslL6NTqUn2YjSn1WL_en-TXk8-31YjSd23Bzc92k-Frs09HquEbeEkjnPHLJ_aOahNpTO5N4SBr6RZuR-4hXhbUkATvngFf0n3ZozEDXQOTUGHzFOgJf7yi81UqquGUtLi-Y12Nts0XZFxiU1qsuOXo8TdMW4jAiaonHDotl-lqSTGzDNFDQs0DCMiuQc2AzC2N6bx9aLDmPO1PpXwUj461o8Z1kAlTy4w62irPnEwdUq-6K3MKn7LJ6ephCGaiZbzw4IcDUJ92RWxm57BNOJlLwuVE9XRhqo9kXOtGfDYcnM9VoWNN-_jO1S3uUZ7mZD2kbuGaqkXrCU_7Ua3hqdoq9B670ZnGQq5Rf95m2SXxNt4PtMcyWeuTt6ZKaToFOTDGv5Vl39HQ9yumlVwTmarpVvadxsaQ-Mfmojo4BKC91cZSF-oGQVQtnOCCnOwZ-cugjdmnOS-OLVgeVBhDb0yOOJ7EFLo4yao7MU5By2s3WlmlIh0L1h1Qjl12QQLh2NTN1AvN-YwoIjFVuhzMYBm09CmFuWvFqGH4FJ01Qk2ub0C_IjoV1hDPbPzCE4UFGj3U47VzCR3s2xxyVhR0cWuugfk0UrcJ4OlXM63xszytsJ7wn2_-Ct28Geh-SNmvKWEsfwtZ83IXl5QQM9Y98cuJ6Ih6-U7qyJHtqDvxu4IY3LqtxrtCJKdo28L99UHESn_36CJ0Qjqfgt835l84zu_t6ZLHW6lDHIEx_zTO9qA7fTZeNiM3dYptyPqEMTz1NaD8uliAGpfehGxV0FP4DHKEVNC-0yEUxXzlipiLBL1SKbRPS3-5jRl4Js4bE1RJ1ysHE15JMAAkrO95104hIJM0vNEse8-XAmvE6k2-m1pJUhhVxp2vfXgTtjFs5G6QhiZ8krOEzXH5VNjVs7&sai=AMfl-YQUT5qTUPcrua_qLQXq79_yc9RXQBmgdQapkhAOm0Z7qhI4aNFabcx0-2p0JRzR-yAPGEeIQ9ddDMJwzOk-ifXR_qfy0ooTTiLcseyFF4x0KIJSZ3B2QRWSMWPz3Eop4_AVjMaDP1igQiuhxd7MJ_mmqp3wr0hJccFSlYAisbH955xfEZl6KvcwOLeJwSG4y74HP2XnkXzr2ALXeJY9nRlcVeKqEp93nLym74u1NUHVaoWc5llRc0cgq6EbSoa-pY1b&sig=Cg0ArKJSzEkSEraj1j7YEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&vt=11&dtpt=137&dett=3&cstd=142&cisv=r20230510.78318&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:49 GMT
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 6505 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 05:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 05:49:54 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?oz_pl=1&pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&psv=2.92.0&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=491ec925-2269-4887-8879-7ecce3b74f09&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.h.w55c.net/2/2.92.0/ Frame 91AB 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/main.js
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=491ec925-2269-4887-8879-7ecce3b74f09&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
55694
Expires
Mon, 18 Jan 2055 06:13:40 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ Frame 9F42 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 May 2023 07:13:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE3A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWlrdLOddZLrCOPys9u8P4uW8uAsAAAAAOAHgBAI&bg=!OTqlOm7NAAYldGN0BXQ7ADkAdvg8WsBGy_BlV7tnRLUBbT3k2PZ6mFzI3ANVQVbcncDbUXH_DaEYnTgyPXea1zUn7rck6K69TkICAAAAtVIAAAADaAEHmQMGw8RPFlWQYBdzWWqnVuRYTBgHWvN-UzfqFyF5z7J9apelyNZl322nYWg2xB4VsAKKj3Yyyz7Sif1tghE9nF5__5CDNl9EWDqXajTC_begvC0ShdrouC5QF1laTve3ulB-xkHe__GoPdyf5n_DWc3mKL4ftLPZny98JovpinJTC5_zqG6F13AKodFj2l1TtQ-BQKHBVjPulQMMWicguhUNPSCVxjrO4a8t2B_lw_wba_Hpb4Alm7CbbsinGYun0ymGUL3_NIi39-c0VqwZlE9AdiEJOOOPJNPE-kmtDHc07z0JmX4lgSozG1Iee_vU3mFeV9mnPGd708m1KlycGarZZQY5YuqN0nb3bWXjFOuJK8wLWpfe_b641p_zNBHH754dPbllI9-H_-VMin2ftmS12nZABDf3VNafGxuofQwuNn1It5-oEIOs0FoiNyBOXGIOj0ubLd1iBIO2Gnm5yo2g0-QTSJcGRPcKY9_enymcjX2JIpq9Wf7ngSyPlCcujI7PLM-n7X0i3yBWD7S-WzBiVZxGZzGheEZ3UdiuWBnDRM6yKUprEOpByG1Zzsi5Np2gWKY13vCLsxwu1TalVjsg52WRuanx_bjlLLx6SD11ZaSXEcviJ2muhH9z98cYrZy1qAK6b0dT4CLqlBCZXJEkvbhuIpF7il4-g4LqB-tyiWNUB-JDSRaHZla1IQeqNWmp11TTc5xGQ4vZ5GZyxwbBV490WBMqjxFw9Us87xnScL-x9Wp7OigrUV4s6iz3EhT8jqrov4-APuBNvUdF8pEQUK_aT4Y7ngAPf1Gnq7hVcHR1G_Ct0Pb4_jJGy47bh30T7izx2_ZCKBxyNU-suyrUUXSKEF45wA7KC7EwsBesqvLZ0Lmb9vnT1HCrOWorFl_yaUSooXT2DBRKO3ihJbW3AbtN2Q3E03kYU-Ve9-MCkkcWI6gX31LmDqPw1Uqfo46OVqyyoVd8HJLubmBblt0AjnnKS39_FOgUej3Er1VCXKxzpTL9JNoH2-7ycNl8BJO6aV1NGPzV
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC3U3LeddZJnUAcPB9u8PzYWMiA4AAAAAOAHgBAI&bg=!QEOlQxfNAAYldGN0BXQ7ADkAdvg8WjxST4FKXaW8hwvDNJEfvotBzUs7EkiqZkNO6RHVXYIZGv5JNnrc1Kaqr6Hc_EjYCSknhwYCAAAAq1IAAAADaAEHmQMRm8PLQiqk4zUNHH_VmCDiQ6FYFBryabYdddjBCgvbH3EOtNkUqsyGmt8hX4pCXSsoEnLHG7bEkoSJlhSakvRgSXEnur38X7sQWKt8C19hNdbzFr2I4ijbDkC5OJMiqA1Kmkvkeh437aRsWjJeCfi0wKGv5qHjw47I_J9nnv2EUafQE_wjMgDZKOUrwP6xPbiOCFOgba_1kINnZwPkySc0YjMS-pkkvNknX5yt8XMrPNHXt4kGgo3eHxz2nwsmrwUyd1a1yoYwNkTIt8nwluWWJ59zgzmQcXdrpDLsOE7PDAvPsKqCC0Ub_e68rTCahZeTgSgPPpNLXSRrT-0mPEbYfXW31lUFecz7xROv2AZ_DVS8YN_OiT7-TdRb2-isaFfs1XVsH7tA0GZ742szspi2hWe8apPF3iwPq_1FR8Wqgj8gNyiI9GLsrnVM2tiu1_GK_hKSnV3zPukmC7xseKOn7GJob622C1C0XqFfxuLPs7CmZLkrcIY_xrhCmn242jJvrW3GQB_ab9L-f23OVEUFL_ljEKwQBKlS8T-HzRP8eLwEjqjc8FsprFr9f8BQxC9ikQ6lFwzhUTjUJ3KQd5Ej4Jc34e7XR1qX5rh1_3sNN05_vtE5flqWSbmxQ_dsgb0urvwkhr3AuRRN8MhcHBLS3BA4Zsf7FIWt-df6G1FndRzeggTO6Nxr5l_t_IrRtUe8ekzmDsIh9Jh8-5f5A-P4B4nnb-HhzidmP_i8i-70Z3gpJ4h4DpJkwYJQ0bQMxbIoJIskgbYsXsCs77_GUcGZCx6DxPiVqbU0xvN1W94HeWuUGn9ipSBflHEdJqkV8GB8QZzjrMPXQisR1GZmz8BYao0e7nYFqzay-rJYLWyKwEltjKUkZhDBPzfQ7Q1540Ls99YVclpBar65SBzIv34wo-ObRwu2iprsm-h0PTu6NZ3YIVkUwsrlM65ZpqiAK23ATg4Sw1HIytZlKZSm-Go1XkHciHOQOAENxc6Yc6RAwDHMyNFcyjZvR9CXLmpsng7yAWqVIrnCnTGoXst72xQauuQ
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6505 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2a11LeddZJGSBf279u8PooOUgAsAAAAAOAHgBAI&bg=!CAulC1_NAAYldGN0BXQ7ADkAdvg8WgI4zv3Cxp12W-FHlo-rLZeYXe94_4qISGKlXUwVX7c7O5aY4hU-RwHmLJHEhXzKs1iGQHYCAAAAeVIAAAADaAEHmQMHxOC8kYuDQ6bnG7ED1uUgVaEgbiohPRt4uczFqNUXN7Xa-Sbal2Kig1RIbEuYH_LXLZqEKbiOyNWzKMV3FSKpvuN8qECcEj0xch_GtdlNVSriR4oXhJWwk5NquwoURjrzTnoCAHLzvQqGKsEMvySUxO-H27rBxGO9_Vm8kjg8dMPdJ6y4PM4k13npWz0m1hqNVT_5L6ORU2DzBvqvhDM5zb6Zg7XB9dOqFXxncTfHoVSsK_MqOCng3acuwM2N1gBCI9-3k7ELxialU-G0hd3JwHGdE5BOK4JpRF5IMQzvcQ9-hD1Ep36mDMhOvEQIBJnP40vAyb97I8b3NYXRwXEFOM0eEYbVjPXrEDIZ7D7hlF7And0YO17ZppfeauExjgNrvmwVnjTOLVo3_WEuqK-agt-JrCoi7pN7fL0403Jy9Vu3Ik12LLz-KijThzwS5dMEqmacMJ8_7GBIww-UW1DxUW1oQ9IldZ2xivK076m-ghglCWvV6q-P7YqNU0JhvO5Hyzd8N8tNDKs2-5VJAsNgwCZ9J1RN8IQU7JYO3orHupldagCHvNW4UzsEJSAmX3gC4-Iq3xS_7BEF5mmfsDa23q53_Cqq_UBknjiU8V7z8-h2dEVi8Es6xZ9zhYeUCdPqGcClsZAvruY49iq80_0CtVmoAF4cjwzgZsAvBskgls7jfLwa9DvV_BO98dQgf24XxBdss8s4ckQH0pr_a79JV0J0YTYo64SaltGXO9Lg2ctg1t5EjtW_yRoqAnB6n325eGO-n0JAcKvLa-q7_in2BcjaV_3SvFXyiAT975bka-TsFf3jEYqACcQfZDmSTKQ_KuM9LOHchtO5LDpxHTKnd--lkBhbc_zW6puNp0eboxe-9V0SoA2IOij7orNGyqENXPwhjkDilxl5jjx-u_zzCI43w_KRtLB0BJhLTEiZPmkUE2o9pTp96YywjvnohZ9_QuXbXjWos1DyQhw9dO5AQvF3d2i1PyQeDAetlGDwvDqHaK86BFGA7DJrLSNgJqAbYVWW-KH65Q
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?oz_pl=1&pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&psv=2.92.0&_x=1
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/948461/analytics.js?dt=9484611597092707615000&pd=avt&di=https%3A%2F%2Fye-mek.net&ui=&ap=&sr=GOOGLE_CONTENTNETWORK&pp=ye-mek.net&ti=&pv=491ec925-2269-4887-8879-7ecce3b74f09&to=3&de=2&md=1&si=&dm=728x90&pi=XRzobPsLhV&gt=DE&ac=Xmwo1n97Q8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 121B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFPXRqSPGaEAmsqWfTJsstl8-zwy8zKWatX5FQmzFM25HbBYYCEakav_pyt9pLGmbGEgAftsyCMpXeNW2A8JaEwFduX41-ZOK16mtV6JCgkaVXLJ3jAxHyqc9fbDccrarn4C7MXuvECN8SLh7FE_3heGSwYp17Ps0trotZ826D35P2cPhsEmWPsLcOVFzfqnNBVNMnyp2v1awa6nIWlLV4qPIekk7TowYfgiz-5P3gcIIZlourEjBrHvYQly6hpH4fyOVP1qlYUKQprTWASZ2chHexGlmKAr6dQnyq_NuqaG2hpreWwrrzj4_a1cjLWfaTQtz6gwPmQzwXCihVZ7R2mCRedLUuNG_aHVGEds9O7G9ozh4&sai=AMfl-YTxqna_SfHA0sG1QaC56g7aD9F7oU1vWqWpH6KiQAWpZsADqezrlpMkqay2ilqSa5m7m_4lJW-9-WtLWESN7Pnqy3VuiOeGUzHH17kRwjw&sig=Cg0ArKJSzKDfq7SWrVhpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 May 2023 07:13:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 121B 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5df07b7c868c5df78b09c4e3028f497a2fab2b5cb7ca4163a75948ad685f89b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11003
x-xss-protection
0
5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:49 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875629660&oz_l=1203&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9F42 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 May 2023 07:13:49 GMT
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 9F42 		29 KB
30 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887

Request headers

Referer
https://ye-mek.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=2883584-

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 2883584-2913708/2913709
cache-control
max-age=5184000
Content-Length
30125
activeview
pagead2.googlesyndication.com/pcs/ Frame ED5B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstebMGtFu_TUsVSls5iua3puJOpDty_rhw1csd2f8wp58xMhMWIe9fdpSzj3Mx2_9uTve_Z1Jgomsvi7zdHZ-WmTc5yTNbQvtU0RYy6u-WC0pu0jn5a4vhBxT8oPBQJMVxDZOabAJaf09iEQPXpv52Tx67u1v0r9RUzfmLnZmpbSzTbCcUNKock5Mc7C6xHsWvtJz59_pd819TcIIheKErZowek36AVM6kXRYc&sai=AMfl-YTWd_ZB-mDhDg9vjXCrb4QnW-5PaoiKqjqRbtIlrP9jix-d2q2qTkb5JvWfV_fFGs8vS4JYVCspZKtbarm-rVai7Lz33CUrTd5mQdASyym5nXBbQV3AiNfr5xE&sig=Cg0ArKJSzD4Bbiwy66oBEAE&id=lidar2&mcvt=1000&p=0,0,100,100&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3698513385&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683875628622&rpt=79&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
308b6369-4373-4742-a108-bbb1c4b0d9be
https://googleads.g.doubleclick.net/ Frame B5D1 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be
Requested by
Host: ye-mek.net
URL: https://ye-mek.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 121B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 07:13:49 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-51c60ec002340f16/ Frame 9F42 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-51c60ec002340f16/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
etag
2086319854--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=51, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
1267
300lo.json
m.addthis.com/live/red_lojson/ Frame 9F42 		88 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=645de72bbdbd6758&bkl=0&bl=1&pdt=364&sid=645de72bbdbd6758&pub=ra-51c60ec002340f16&rev=v8.28.8-wp&ln=tr&pc=men&cb=0&ab=-&dp=ye-mek.net&dr=pcloak.blob.core.windows.net&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1683875629752&jsl=129&skipb=1&callback=addthis.cbs.jsonp__2546686038219210
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
547c7fef6a681d674ddff147a155d7ecc48d582b5cb2eabbf50feb253c4b7233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
88
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F389 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2A34 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Fri, 12 May 2023 07:13:49 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.tr.min.json
s7.addthis.com/l10n/ Frame 9F42 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.tr.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-d99"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1685
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9F42 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd1c00de84bbbdbbd015a619b69a05f50fbb5be6b09f8d2385737460a092f72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11251
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3D9C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pcloak.blob.core.windows.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:50 GMT
server
Kestrel
server-processing-duration-in-ticks
1123325
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF36 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 06:47:01 GMT
expires
Sat, 11 May 2024 06:47:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 228A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fde1d44e25d5e2a98453f5411d31b235eee117933782d63cbe349f6e5ac9c65
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-89I19kon_P6OTpjwOGpAHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-89I19kon_P6OTpjwOGpAHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:49 GMT
expires
Fri, 12 May 2023 07:13:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9F42 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 May 2023 07:13:49 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ Frame 9F42 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
sodar
pagead2.googlesyndication.com/pagead/ Frame 228A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=4387797284332370&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame EF36 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 05:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 05:49:54 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875629862&oz_l=5789&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
Philips_utu_DB.mp4
rek-n18.nktcdn.com/data/ads/mockups/philips/ Frame 9F42 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rek-n18.nktcdn.com/data/ads/mockups/philips/Philips_utu_DB.mp4
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.218 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

Referer
https://ye-mek.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=65536-

Response headers

date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Wed, 19 Apr 2023 06:23:17 GMT
server
openresty/1.15.8.3
x-amz-request-id
tx00000000000000bcab3a5-006453c679-9e2f20a7-default
content-type
video/mp4
Content-Range
bytes 65536-2913708/2913709
cache-control
max-age=5184000
Content-Length
2848173
truncated
/ Frame 9F42 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
140.61020b6c086bdb8bc696.js
s7.addthis.com/static/ Frame 9F42 		2 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-688"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
770
143.3d8bb49f121080f7c65c.js
s7.addthis.com/static/ Frame 9F42 		625 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/143.3d8bb49f121080f7c65c.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Fri, 12 May 2023 07:13:49 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-271"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
x-host
s7.addthis.com
timing-allow-origin
*
content-length
404
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 363F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 06:47:01 GMT
expires
Sat, 11 May 2024 06:47:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D834 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72dcb59b8278f98ab2444ffda3f43b2a76bc9baebe60836c046eb6c4f147e139
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GAXctU0n26H9FEx20iAyJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-GAXctU0n26H9FEx20iAyJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:49 GMT
expires
Fri, 12 May 2023 07:13:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame EF36 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4QAfZQ
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D834 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=2648781072102199&rc=
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 363F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 05:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
5036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 May 2024 05:49:54 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875630030&oz_l=2859&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 363F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s4TQ7Q
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F644 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfucGlRPNHF4jSIXiI3neCUsWTI8a5y-93laLBSzv3JZ0Sh9arBxPpIwVA6VV6Mj9iX3gEwPgIogV7yioSVv3F5sc9_qu7za7lspB0vip6qAlcy0NH6tiPZ4KhipnBDjfHfRNltg&sai=AMfl-YQfasUo1Kn9KRxpv3hDOXyf5n-4efoauWCKgvHPROvEF04AhOtqmL67a-tI28PbOcF-_9NTHTpUQA8AO3Rwtxi2qsFkq_oq1fIZeqBHS1CdOUbzjY3qAZ6u-nQ&sig=Cg0ArKJSzF5CEYogiMA9EAE&cid=CAQSOwBygQiD9VkOzmOMKZAPpjBsPIzrI7jp1s97ZmuMrEGGNjr1jGN-VrtERkUWkhFAZsY-mjRq41IAQbViGAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683875628784&rpt=389&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875630182&oz_l=73&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
c004d8ad-1f57-42ff-a1d8-11f428d5afae
https://googleads.g.doubleclick.net/ Frame 91AB 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/c004d8ad-1f57-42ff-a1d8-11f428d5afae
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
802
Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BC2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9574254681292&version=m202301230201&ct=76&x=1&cor=11288165321896466000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF3D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9444926743&version=m202301230201&ct=76&x=1&cor=10899176448837954000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F644 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3815707240819&version=m202301230201&ct=76&x=1&cor=3496467626569839000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:50 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar
pagead2.googlesyndication.com/pagead/ Frame 121B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=4387797284332370&bg=!2Nul24_NAAYldGN0BXQ7ADkAdvg8Woae5fIsbNGOGoFlYmDeNqwTWnachIZyf2AdPympnuWejpASHzJhuYyN4uomtX6U3oWkvBICAAAAsFIAAAADaAEHCgA4Rn-7v5joejk0l1BhjexFQFwTJG0Iz3GPaVItr0bNJDTQnTwkuvb9BbfR7rxuYNX9M-NnG5tA1lWZAwY0dwnO7PMMnHhOfxi38y8WA1ziYitOLuVa7I9ifwT8mpSRJgV6gegkCBmHEYHUov4Bi1t8tJSLm7YF24ckc12HZR06RRy9uc0YsevOOgimeuTbsRRAQMwHMzKgYLwBVgCGdKHpg9PO_Gnv5FLgggDM6dbUtIVs61LzpqIDOayDBRKS_V17TO9CLgSgkJMeCIt5P0Na6zVRjosym60iF450TE7q7ooXigI7AanDnWhFTwzCJSQ7NI0gbs1T7BXiqdJcfLsTm1kMhr5ZKG-_00ZIHangfV8v_CDYY2ktm_WXTaNdn1lKhEewFLFP9SPczbTEYhKsB5ICsjSMOgG9n22oRSdjqFrWYg0VZJl7mgRyZKfv51LiPDbVMPb8Vr0nO8p8adFFdx2hpGLwORkXglJFn21e_I9X3G6EYUPRi4nmZYY1RbpIQWZErS1Qlvv06l6S4MMLKo9FtvTyK_M0YfVKe_2mamgXIbjO4XWw-sel1aPc6xrPFObvJ51koImWgFCQwyf1s-TuV4JAcolq6BSOZ_SUfd_gNZWdb93qnum7aiNwbsG068c0BW6lSqYNJugVlzOgOKM5xkIfuB9IHQFt9gWorpr3qPgUDqgX9JntLofZ-ZfOzMfWg0kXXZXlWqoHScGlcTuBIIkZCTdzn2en_o3fUWjjZXlLwBePTrsFWfYSQV6YkX1xvUN_JfRZP5YqPH7PEDCeXV_-SPUDjnJRnFkSEG0SrMhxJmGdohL-sZaQNWzqWTw8xfFx9xY7Djg-HugMkJxvjLP71zz8nMG-0uIGiaIVDrTWDl36lD21Tp47Fs78gAv_pK-OLPHI0H7LR1p3bFYwmbxKPPtCYGvzbATvqn9TLUq2VRZD8v90-9gthKHtzlsTY0WWWHfh5eN9ewZ5oGoWac4207PLBUYY_o4V5kYVqOWKNBTWnImuIYXl4RQvVNv10MmgU5WKJDGm6IGF2euSd2J1whATcqd7iBmwl7iobiFh6i0qj1Hm2hCWDv38sXUr69nCj8TuBTjfUdF8Mao
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875630622&oz_l=950&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:50 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sid
mug.criteo.com/ Frame 3D9C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ye-mek.net&sn=ChromeSyncframe&so=0&topUrl=pcloak.blob.core.windows.net&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=doY0AXxkOVlRRjVvbDNWYloyV2NaWTVzTXM0Y1Npc2Q0cHNLQWxheVZMVlVBSk4yVGZiYjBOSjkrRWhsOUQyNnNxUk9OUFdnelp1UUxLU3dkUGN6R3ROb0M3S3hxd1NHWnpldWhrS3VYSk42REhNSGxkWVM2YTBjUlA4YV...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=doY0AXxkOVlRRjVvbDNWYloyV2NaWTVzTXM0Y1Npc2Q0cHNLQWxheVZMVlVBSk4yVGZiYjBOSjkrRWhsOUQyNnNxUk9OUFdnelp1UUxLU3dkUGN6R3ROb0M3S3hxd1NHWnpldWhrS3VYSk42REhNSGxkWVM2YTBjUlA4YVJwdjRoemh2K3ZoNEJyWVF2QzQydjREdm45RWtKVE1ENnVQc3B5b2tFN2U0NVozY3hqcm1kNHA1WGZTU2pJa3NPWEFROXVVcWlHZVNUL29IUk5UVS9pT0U5UEMyOGJNdHhMS240S0QvWnV3U2hMR2V1VGM5ZkdycG14R25nY1Z6RTJTdFVqUXQwbVozYVhVNWdLQ0hzMHoyNDhPQzBzaHg2TGkwOFpCV3ZtR1Zjb3BRNGo4ND18&cppv=2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Server
178.250.7.13 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
2557dcf9b148401623099948dc0a62d62adbafdd94f6c339695ed98f0622af9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1374604
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=doY0AXxkOVlRRjVvbDNWYloyV2NaWTVzTXM0Y1Npc2Q0cHNLQWxheVZMVlVBSk4yVGZiYjBOSjkrRWhsOUQyNnNxUk9OUFdnelp1UUxLU3dkUGN6R3ROb0M3S3hxd1NHWnpldWhrS3VYSk42REhNSGxkWVM2YTBjUlA4YVJwdjRoemh2K3ZoNEJyWVF2QzQydjREdm45RWtKVE1ENnVQc3B5b2tFN2U0NVozY3hqcm1kNHA1WGZTU2pJa3NPWEFROXVVcWlHZVNUL29IUk5UVS9pT0U5UEMyOGJNdHhMS240S0QvWnV3U2hMR2V1VGM5ZkdycG14R25nY1Z6RTJTdFVqUXQwbVozYVhVNWdLQ0hzMHoyNDhPQzBzaHg2TGkwOFpCV3ZtR1Zjb3BRNGo4ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
398142
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=2648781072102199&bg=!qKulq__NAAYldGN0BXQ7ADkAdvg8WrqlaowNy-ANibVwloH8m9vVRu9qlx1MEa1AF9Pp2rdgtOM0VdNOip9-ZBkI1Vkk-BIi4FkCAAAAXFIAAAADaAEHmQLa5jhIrz1N5gD4_qWgLu24UVauBrIrDgWqgDWYz_e-HhiEotmKbfHDgABCF91h8xiNwZdZMC2bfO_SuedoeTdW4arsdP7AOw6FbN1uRKIitvTtMxIJKsnOUVzA7uxpv5Z2zN7ihTp1Kuz-3qh-_JE490sfmf4UgnnGKXHm9AdXwRo4MCtJWAWBNP5ExvDKtv4tJ7hVwqPLG_Tu7_tVZlGdR1LU1FLIDRYm5FcF7QVB4E41Tn8NMlvkPEt7YBWUrwyDj3ucXHrCSkc5i1mjwyS4VcWK-7pe9Y5jp2VvlG-58GyIUdn-5r04op5FJKh6uUZoYIeri_b4Ca-GGgGaXFaknoBBVZs8Raz4eznaqnae5xUJGAV0Lt89AZlydXeuwthfD7cA5OaP-FJsmAUpN0J0WJnXNtxl0T7quoYp2rhs3C4xTnLqQM0xO-W5AmMAzViinZt93i22zxrOwoc-Y1Vk4FEpOnJraypY0_gb8fDn--MXmvu0NpHwSvkcJT6kzrkj10EVTqAKhLOvp8oUhBU7wV8fTGSGbv0srirTgH-O5cA6IRnzzJRJy9nfjnLVtQT7CvcHv-jxxwCA4TJuP0HjmT_A8S_ESBIKEPWEYSwkiif8R_GkZ7HdwaJyQSOWYuUM2sldXo7LAZsvD-bhRxFHv5Q86IC8Var17WFYUHef4ieKbk1nU8Rk5yyVDyqIqHJtCLpPkkC8bYwvX2QrDm15k8CR2BlLP0xESH7VcS0Tp0jSlAn9DQssbrr6VqpTkZWtKdMwRYi5del9kfqFLHDqJoysXQr0IexbBEjGxwvcBgLegBru3C1g-XsPxAPNE5lu6e81KP_lPwHj5k1JPm2wif3RMPmeOsbiZx0lDGSkJsQOqY8BvGTsib8QIuvbQAIUjyytP8JvcNcNhrKykM50IKohDjAAxKPuYwibBt6Hc_cl4ch7DDk4MIZQgNbBoIDfQqxC1Xo0nHUmtg
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875630782&oz_l=7505&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:50 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1683875630852&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:50 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
60b91f99e4b0b65b3ce7bc5b
ng.virgul.com/tck/i_vb2/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/60b91f99e4b0b65b3ce7bc5b?l=&r=153493@site_geneli@yemek_net:site_geneli&cs=1683875630852&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:50 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
postback
s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/ Frame 91AB 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.h.w55c.net/2/2.92.0/948461/Af6BIb0MEAMpoGIm/postback?pd=avt&md=1&pi=XRzobPsLhV&pv=491ec925-2269-4887-8879-7ecce3b74f09&de=2&si=&ac=Xmwo1n97Q8&ci=948461&dt=9484611597092707615000&di=https%3A%2F%2Fye-mek.net&pp=ye-mek.net&ap=&sr=GOOGLE_CONTENTNETWORK&dm=728x90&gt=DE&ui=&ti=&to=3&sid=Af6BIb0MEAMpoGIm&oz_sc=916c559863f5dbe8fad17624&oz_df=1683875630948&oz_l=492&cv=3
Requested by
Host: s.h.w55c.net
URL: https://s.h.w55c.net/2/2.92.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 May 2023 07:13:50 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rid
match.adsrvr.org/track/ Frame 9F42 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e123c89304102743bb55fb39dc2cdb0e1d8af399a7bc27e1b702ec15577dc996

Request headers

Referer
https://ye-mek.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ye-mek.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 11 Jun 2023 07:13:51 GMT
check.html
biddr.brealtime.com/ Frame 1972 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA77 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=97853
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 12 May 2023 07:13:51 GMT
expires
Sat, 13 May 2023 10:24:44 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A6B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3099
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 12 May 2023 07:13:51 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1020, 24664
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230048-FRA
X-Timer
S1683875631.463550,VS0,VE0
beacon
ap.lijit.com/ Frame F151 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13442375
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 12 May 2023 07:13:51 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame 7C3F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ye-mek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 May 2023 07:13:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 9F42 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://ye-mek.net
date
Fri, 12 May 2023 07:13:51 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
PugMaster
image6.pubmatic.com/AdServer/ Frame DA77 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26057201&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a2c9562327669da2c1398e3024e24ec27279e1dae7817b9d014b9aa10ccf554b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 12 May 2023 07:13:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 7C3F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8846180af4c5402d3a9eccff27202a85c7235d96e826a3648254d684abc6daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Fri, 12 May 2023 07:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2023 12:27:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18838
Connection
keep-alive
Content-Length
10020
Expires
Fri, 12 May 2023 12:27:49 GMT
async_usersync
ib.adnxs.com/ Frame A6B8 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:51 GMT
AN-X-Request-Uuid
93c930c7-9db0-45b2-ad1c-465588105867
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9F9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:532e645d-e72d-4b00-8111-9e7618c3c741&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:532e645d-e72d-4b00-8111-9e7618c3c741&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 12 May 2023 07:13:51 GMT
Expires
Fri, 12 May 2023 07:13:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:532e645d-e72d-4b00-8111-9e7618c3c741&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 34BA
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419138778665
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419138778665
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 12 May 2023 07:13:51 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455419138778665
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame D696
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 07:13:50 GMT
expires
Fri, 12 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1182482
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame CBEB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3584376253566737382
42 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3584376253566737382
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3584376253566737382
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame A4A0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1740212894709690222&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1740212894709690222&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
ea60bc4b-8e6c-41f5-b89d-ffe0502a3697
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 12 May 2023 07:13:51 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1740212894709690222&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
84.19.175.184; 84.19.175.184; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mBqurFgRTcKQrA6cg4hnxQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=97853
accept-ranges
bytes
content-length
5554
expires
Sat, 13 May 2023 10:24:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame DA77 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=981AAEAC-5811-4DC2-90AC-0E9C838867C5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.208.98 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.38
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame DA77
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1086327568
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=981AAEAC-5811-4DC2-90AC-0E9C838867C5
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=981AAEAC-5811-4DC2-90AC-0E9C838867C5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
via
1.1 google
last-modified
Fri, 12 May 2023 07:13:51 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=981AAEAC-5811-4DC2-90AC-0E9C838867C5
date
Fri, 12 May 2023 07:13:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame DA77
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=981AAEAC-5811-4DC2-90AC-0E9C838867C5
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWltTmQ1Y1VnLThRQ1dacktvQ01KT01qZw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIi...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4088908138736354811&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119
  • https://a.audrte.com/p
68 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
18.66.122.70 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:52 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA60-P2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
content-length
68
x-amz-cf-id
0De-i-D-QUmSkRfFyg935-Hr1pvktF6TRAshszHqyCV8Z_UOEhIw-Q==

Redirect headers

date
Fri, 12 May 2023 07:13:51 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA60-P2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
location
http://a.audrte.com:80/p
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
LXz_WPA-WCuN9IXhGmL0FCkIoTnkWqjVq9vx07Q9b_vky9Bwnd_U6g==
Pug
image2.pubmatic.com/AdServer/ Frame DA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgxQUFFQUMtNTgxMS00REMyLTkwQUMtMEU5QzgzODg2N0M1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJU246iTr4QzwImBr3H9Kqo&google_cver=1
42 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJU246iTr4QzwImBr3H9Kqo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJU246iTr4QzwImBr3H9Kqo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DA77 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 11 May 2023 07:13:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA77
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4088908138736354811
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4088908138736354811
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 12 May 2023 07:13:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4088908138736354811
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame DA77 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 7C3F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZjfNv5IYaNVK4sskfpVJyQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ShXVhx1E2oLTkeDekjkrMOaBgNR2yA9OfOrpcg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ShXVhx1E2oLTkeDekjkrMOaBgNR2yA9OfOrpcg--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 May 2023 07:13:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ShXVhx1E2oLTkeDekjkrMOaBgNR2yA9OfOrpcg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7C3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJyz_7F6ido4XyB1k3_XrPk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJyz_7F6ido4XyB1k3_XrPk&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJyz_7F6ido4XyB1k3_XrPk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7C3F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHK82M2B-U-H48W
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHK82M2B-U-H48W
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1A3439A0ED1F40DFA5A6E537E7574533 Ref B: DUS30EDGE0720 Ref C: 2023-05-12T07:13:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7edjiIVj4TrlGVF7oIQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHK82M2B-U-H48W
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7C3F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GhTxcln3TcCnSvnevFYnwQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GhTxcln3TcCnSvnevFYnwQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GhTxcln3TcCnSvnevFYnwQ
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SG7EDSKMV3XXQDRP18WX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GhTxcln3TcCnSvnevFYnwQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7C3F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7C3F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhLODJNMkItVS1INDhX
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJskVG08LAYCFzPkfAGuyzA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhLODJNMkItVS1INDhX&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7C3F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=e5EPSTEKTBGSZSTpyWmZ8A&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=e5EPSTEKTBGSZSTpyWmZ8A
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=e5EPSTEKTBGSZSTpyWmZ8A
Protocol
HTTP/1.1
Server
67.220.228.201 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 May 2023 07:13:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N2P962HW95TD3TDRCVQW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=e5EPSTEKTBGSZSTpyWmZ8A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7C3F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjlmODA2NjQ0ZDdjY2JmYWVmZjUzZTJhZDJlN2FjM2JmZTM5ZDVmMw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjlmODA2NjQ0ZDdjY2JmYWVmZjUzZTJhZDJlN2FjM2JmZTM5ZDVmMw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 May 2023 07:13:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjlmODA2NjQ0ZDdjY2JmYWVmZjUzZTJhZDJlN2FjM2JmZTM5ZDVmMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
avw.gif
c.4dex.io/ Frame 9F42 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&evt=start&pv_id=90de5c49-2591-4471-b762-ae4cf7a93d47&adu_el_id=div-gpt-ad-1455783126174-15337821728129623web_yemeknet_kategori_sayfalari_728x90_2&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4583&pg_paused=0&pg_exp=4583&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1683875626677&trgr_ts=1683875628716&init_ts=1683875628716&start_ts=1683875628717&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=d9347d66-e1cc-41ee-afd5-53e4fcd2ee49&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_2&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 9F42 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&evt=vsbl_actvw&pv_id=90de5c49-2591-4471-b762-ae4cf7a93d47&adu_el_id=div-gpt-ad-1455783126174-15337721728129623web_yemeknet_kategori_sayfalari_ust_728x90&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2901&pg_durat=4656&pg_paused=0&pg_exp=4656&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=717&clk_time=&reset=0&adsrv_adu_exp=2231&navs_ts=1683875626677&trgr_ts=1683875628789&init_ts=1683875628790&start_ts=1683875628790&reset_ts=&vsbl_ts=1683875629900&adsrv_vsbl_ts=1683875630617&auct_id=d9347d66-e1cc-41ee-afd5-53e4fcd2ee49&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_ust_728x90&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ Frame 9F42 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&evt=start&pv_id=90de5c49-2591-4471-b762-ae4cf7a93d47&adu_el_id=div-gpt-ad-1455783126174-15337921728129623web_yemeknet_kategori_sayfalari_728x90_repeating&v=0&tz_off=0&js_late=1&js_ts=&size=728x90&pbjs_sizes=728x90%2C468x60&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=4800&pg_paused=0&pg_exp=4800&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1683875626677&trgr_ts=1683875628934&init_ts=1683875628934&start_ts=1683875628935&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=d9347d66-e1cc-41ee-afd5-53e4fcd2ee49&featv=1&pn=1&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=food&env=web&org_id=1066&pgtyp=allpages&plcmt=web_yemeknet_kategori_sayfalari_728x90_repeating&site=ye-mek-net&subcat=&adsrv=dfp&adsrv_advrt_id=4640999434&adsrv_cmpgn_id=2414810363&adsrv_crea_id=&adsrv_empty=0&adsrv_lnitem_id=&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ye-mek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 07:13:51 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
event
unilever.demdex.net/ Frame 9F42 		0
0
5ed7706de4b07a92411bc042
ng2.virgul.com/tck/imp/ Frame 9F42 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=1500&ts=1683875627963&src=pbjs
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
biddr.brealtime.com
URL
https://biddr.brealtime.com/check.html
Domain
unilever.demdex.net
URL
https://unilever.demdex.net/event?d_sid=25453995&cs=1683875631986
Domain
ng2.virgul.com
URL
https://ng2.virgul.com/tck/imp/5ed7706de4b07a92411bc042?g=1&t=gb&r=153379@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1683875627587&userId=vneta053d54b-47d2-4394-ad52-d3209bb3e68e

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

42 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: icu
Value: ChgIlrpzEAoYASABKAEwrM73ogY4AUABSAEQrM73ogYYAA..
.adnxs.com/ Name: uuid2
Value: 1740212894709690222
.rubiconproject.com/ Name: khaos
Value: LHK82M2B-U-H48W
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq1Oqyjg6H+BubASkO6QPb7E03ikE5KqM3ix8/D4moDzK9qzpfcVMLW8NhzLov3/0MOwzHLtYfPBBoZUFBBzTvW0A+VO7RH1E0=
.casalemedia.com/ Name: CMPS
Value: 5186
.casalemedia.com/ Name: CMPRO
Value: 5186
.doubleclick.net/ Name: IDE
Value: AHWqTUnxWSbtkqjWcB_Syql03XzxpBKsE7SAAFOjKMIu0FA4dRhvrs6KeQDvywT2q4U
.casalemedia.com/ Name: CMID
Value: ZF3nLOeHDPsSilRSIOXp7wAA
.w55c.net/ Name: wfivefivec
Value: dff0x3WE1PXmYl5
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3hQSE!!]tcR8i_iqf!oN/@E'zz<*Z0Q*U^VtmBFQC4[0X/K_68/$bm_-nhOf_pMwX^TD._*PlZ[C[-kX-?%Ddg
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1683875628%2C%22utid%22%3A%22af25379bfe131f6ae4a83c38a4fdd095%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.ctnsnet.com/ Name: gid_CAESEDYJogyAtFsEbMotPvwlqgk
Value: 1
.simpli.fi/ Name: suid
Value: 69E41AC40F32434298C79ABCBC4EE3DE
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aaa96378-137a-4b01-8d45-67d34c274f62-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 981AAEAC-5811-4DC2-90AC-0E9C838867C5
.ctnsnet.com/ Name: gid_CAESEA-c1bunoqvT2vP6JVQtnSI
Value: 1
.ctnsnet.com/ Name: cid
Value: cb14cf157c484cc2b2cab1685672c399
.360yield.com/ Name: tuuid
Value: 930bc9a4-4859-42c8-99f0-13fbcc4bbbab
.360yield.com/ Name: tuuid_lu
Value: 1683875629
.adtriba.com/ Name: atbgdid
Value: a0de0bb5-5111-4691-b88b-a07e3eb9435c
.quantserve.com/ Name: d
Value: EEwBCQH8KIEA
.quantserve.com/ Name: mc
Value: 645de72d-52bb0-4fdb8-02dae
.bidswitch.net/ Name: tuuid
Value: f14c7bc7-5cfa-46b9-a367-b79d896ae0d8
.bidswitch.net/ Name: c
Value: 1683875629
.bidswitch.net/ Name: tuuid_lu
Value: 1683875629
.w55c.net/ Name: matchgoogle
Value: 5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22E98B7462-3253-4319-AC9F-D096844CA83C%22%7D
.turn.com/ Name: uid
Value: 9170623301312874033
.mathtag.com/ Name: mt_mop
Value: 4:1683875629
.bidswitch.net/ Name: google_push
Value: ATf1kGPpKugb-L6IiOp_o64PmjnBrGBGz564sQCJP_ssXynXv5Ux9VgO9s8znTlfbo5grVNpf7VeBb74iEdjWaHlkjHJ_LHH_a14sQ
.mathtag.com/ Name: uuid
Value: 532e645d-e72d-4b00-8111-9e7618c3c741
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-aaa96378-137a-4b01-8d45-67d34c274f62-003%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7232190757097371800
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBC3nXWQCELiqQnIXssiixGvS8NLjZLYFEgEBAQE4X2RnZOAPyiMA_eMAAA&S=AQAAAp2WncvrjykIL6YBvTVwqk8
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2blj
.adform.net/ Name: uid
Value: 4088908138736354811
.tribalfusion.com/ Name: ANON_ID
Value: aonseFq0I1f9yNy6Qwm4HVZcBF5NQ7IyGI5VTQjUT912iFkQVndKUst2mdgfPkaG7ny1oUVQ01dYRMCDZahqLZd
.addthis.com/ Name: uvc
Value: 1%7C19
.addthis.com/ Name: loc
Value: MDAwMDBFVURFVEgyMzAxMTkxMDAwODAwMDBDSA==

7 Console Messages

Source Level URL
Text
network error URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript error URL: https://ye-mek.net/(Line 39)
Message:
Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x6uf5z9e3262.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network error URL: https://hb.emxdgt.com/?t=1500&ts=1683875627963&src=pbjs
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683875627775&bpp=4&bdt=848&idt=231&shv=r20230510&mjsv=m202305080101&ptt=9&saldr=aa&nras=1&correlator=4587312634858&frm=24&ife=1&pv=2&ga_vid=1195969361.1683875627&ga_sid=1683875628&ga_hid=1414178609&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44773809%2C44759876%2C44759927%2C42532089%2C42532185%2C44759837%2C44788441%2C44789779&oid=2&pvsid=2648781072102199&tmod=300938915&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.j7vueekla53t&fsb=1&dtd=245
Message:
Failed to load resource: the server responded with a status of 403 ()
worker error URL: blob:https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/308b6369-4373-4742-a108-bbb1c4b0d9be' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=981AAEAC-5811-4DC2-90AC-0E9C838867C5&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08a42f2cd77c2fd4075bf90823149cd9.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cpm.programattik.com
cr.frontend.weborama.fr
cti.w55c.net
d.adtriba.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.pghub.io
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.dmca.com
imasdk.googleapis.com
m.addthis.com
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
ng.virgul.com
ng2.virgul.com
p.rfihub.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
r.turn.com
rek-n18.nktcdn.com
rek.izlesene.com
rtb.openx.net
s.amazon-adsystem.com
s.h.w55c.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
static.virgul.com
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.targeting.unrulymedia.com
t.hspvst.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unilever.demdex.net
ups.analytics.yahoo.com
v1.addthisedge.com
www.cloakan.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
z.moatads.com
biddr.brealtime.com
hb.emxdgt.com
ng2.virgul.com
s7.addthis.com
unilever.demdex.net
108.138.201.216
13.224.225.68
142.250.184.194
151.101.65.108
151.139.128.10
154.58.197.185
172.217.16.194
178.250.1.9
178.250.7.13
18.158.240.157
18.184.195.22
18.194.201.98
18.203.131.238
18.66.122.70
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.7.176.218
185.7.176.221
185.7.176.223
185.80.39.216
192.229.233.53
193.0.160.131
20.60.220.36
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.45
216.52.2.16
23.201.255.110
23.206.208.114
23.32.185.123
23.35.236.201
2600:9000:2491:6000:1b:f040:3600:93a1
2602:803:c003:200::51
2606:4700:20::ac43:4bf1
2606:4700::6812:19ad
2606:4700::6812:272
2620:100:a001::18
2620:100:a001::c
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:6ea0:c700::11
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3601:1a95:7ea:ebf7:b0a7
3.120.144.155
3.125.249.165
3.33.220.150
3.75.62.37
34.102.243.38
34.111.129.221
34.111.131.239
34.249.208.98
34.91.62.186
35.186.193.173
35.186.253.211
35.190.0.66
35.241.34.106
35.241.45.217
37.157.5.132
37.157.6.254
37.252.172.123
52.46.128.147
54.76.83.155
67.220.228.201
69.173.144.165
77.245.159.14
85.111.6.48
85.114.159.93
94.138.206.83
95.101.149.35
00b84b6e0b5e6b6017c143a7b927a5de0f2172cf7a8ddb2b2c86d9643ab00340
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
015f01ac1de281b59184590acd3cd394181b4f2d309e08b8d527de820a968420
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
0210c85818d68e70d5b2b7173b9c3ae65774adee772ad11018f968403f1abcc4
02f5595ff7049365dadd3a70792382b925323401d409b7f8b1cab3d61ea159dd
0310d06b42963760d784418ad04a7ccd0de2c3e325f289edea62ef95c696a661
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd
066bbfcc0791d1dde12ec5f2d7fc1d5c6bccac6ebc91302ca4e903a2178cca34
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07849c46f2c450b07dfccf7163e986d80d942edd003d11dbe02f083bc21ac008
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0863d199b018e75865317de60a161721a899ca66ff152136475df3bf0e5204bd
08ea981d8e95685d3e51862b19b49ffad381b140f8389b86658b47b5eed2b0e9
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d33244b00924701f9d195c2a47d38c2d8c991ce25fffc62dfe2847ff166d5ce
0f7226a27d44ba3b13a34640b036b2d2666f057b039861b781576c4bf8308642
10a926255dc419d01f05cf651efaf27b224c58581450f8bb20f02c1a8f285771
11bdeef13c43bc54e3d8c6059983a8e53ee7dedf433f863c725f9252b4500c26
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147154470a9824945cb7ec7b51309b8d52066bc8c27bacafeb2d0a49a65d26e7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1f5a2a979149a9192bb49e10899322a37fbfda94dd47567b029823950adc0e2f
204be8afb130957abf83d87a592dfb6de645dcfc7035fafefec72e676dfe05e9
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
209756ca5d587e33595747af61be5d7a42c1e20a78dc02d9526186c46bbbe0c5
20c4aaf37220e8710036e4029f1c6099b09e384315e19a45ef2e0559e2b375a4
22fee539734d38c9e84e3982188b21bafc9457236279a136ce1b3b9d55667437
2557dcf9b148401623099948dc0a62d62adbafdd94f6c339695ed98f0622af9d
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
28960a9aa0071776192259a5836f4d2c1acc9e978c1f3f1a8f3a7e5bc67a65ea
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c436d2ba8f49d08bce6f99abf4b4924338f199f9f972240f50a9c1284f89b40
2dfa62171c6667988d674799a042b576b12881c34464cb9a78ff2138ed3faa94
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
34036b7ceed88b75d9cf9fcc6b414372042896bcc28954b304766f6f1bf8e8bd
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
3bc501087c297a6f3d740843828eabab1f7f9de9787718f2ec63952faedbec0e
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
3f064267c64c1eeca604b20f9d60538c32c14e90528441d0524c2f30161f8b47
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4343356117396bfb8ed39ef51da72a77b9ce2006eb82fa3f09b4ff5ae75650a3
436484b452f8f1c015d37c79077fd81dcfbb053f58e6f0b586692ef9de9fc2d8
4418e8eb99d17f14de0b993f9c8b5e0ce194ebda0245e0c06d98fa6a4cceb7c7
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f0cc2e9c125cb90661c6b6a21f72fae9ae4f908b1874e189fe9fa1927fe4f0
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47797ddf9560867d1c7d4c4e37e7b8816ae87b8082d3c2d915b0b3f822fac371
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4900d8728f3bf4dcdd3eef34e5ccfa3e10485f28aea8ff6e8de2a18068890982
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf33c16b5adc3b87b595f4e86e3d09c25bb499fa2e24a7f9d683adc30c04fef
4db3292f4d48701915b46f5de3cc365ad20985486373d51af771c1e3d9ce7baa
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e114ad0f73b9f3e1a252a7bfc15c82f169e8d84f6961d20655c19f7e5c0caa5
4fde1d44e25d5e2a98453f5411d31b235eee117933782d63cbe349f6e5ac9c65
5044b68fb02ec958a800bc49e306cfe424ae5143f4eb907a291128bbf85e273c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
520d28f0b4f96f76a15119e65355d3ee6cfccd7518520e3194fd1585eb12e6b9
547c7fef6a681d674ddff147a155d7ecc48d582b5cb2eabbf50feb253c4b7233
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ddcabedf2600fc561ab8ea1d690461ad399c9b8f77f82214d905b21310c71e
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5aa2370fd272d30acd5cb39f9b191a243d55a2adab6f0d7ff1950c39f028d331
5b486fb2c76cecda2be72306ada458464547f8a65d8423bb2a6cea53b21be6e7
5c4a38af2471142f60f0034c5b0b5657f718da28011a6ced27e9e3e56183d07e
5d867d8101d7d263052fd7656e7e10f585b485c3c38cb96e2c7bca172f579491
5df07b7c868c5df78b09c4e3028f497a2fab2b5cb7ca4163a75948ad685f89b3
5f34fddd1249e637892e6a17905cd4fbbcaff31ac09a1626f98aaa45b5953599
607c41758097d2b8429fa6d3c628610701802c4a9ba8dec3901257491bf3cb7d
60a7a84a62766e4ee1b9cd4662372eaf402d99549cf92dcea1ddaa1b136d496d
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
6186cdfa3c371aed90c7f2c822df1a8e1db780cffb7a2c4d0fc15874a7237dd3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61de8dcf7ab8f26adb474fe5e3a8280dc757e503ce597d9add72c22a67e47940
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
65fb4798ce5d6c245da63cc949a4909180b95d36906efdbd49e5a3789d262266
68007176df5ef70d7ec11cb5e38fc89747248fd9a7af1ab11a2aa51e20211fce
6a6b89640e1cf136f687e85107323fe46d3eb0bf6572903005ba9e6829d2dd27
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a88e0d82ba2998038cc86adc47bfb48d21e6114e18d97f0ecd05f5df519a95f
6bab7b7ca4f11f4d8ae815868cc1e93b3b27904e1500147a870fe639852c1add
6bfe09f0e69c4c09277d895b1146f4217b705d6bee219c661b36031742c24dd0
6c3294ef598667c6169398d34721280ddbc9dffcba5bc3ac190357374f841347
70c1047262a463128cdda479f9ffc5ef1fb3caa7c1c3ab42e5ffd3e930ae41a6
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72dcb59b8278f98ab2444ffda3f43b2a76bc9baebe60836c046eb6c4f147e139
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77017d3007821ab79e69cdd1da0c3b5e72308f78b8b9d1f3a34730de4b144302
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d9fcac1fb7114def5ff3d03c471a461834e48dd9bdeb94f803a76bfe01a3a37
7e97639114954ac5d65f5065c56d92d777ed1592dd283b3009959fa5473218cf
7fb65548f1070a02531030355eb69c1dbdaa000acc7997f5c2af52e01bc29aa4
80a6bc8e05e84df98ca33712aaf3b520db8e4eb53cb97429d0a3f72fdb8bb35b
81fa8db261275be7531fb128593cece26d5e679e6e7a633f28f77add13a0d217
83bb06fedf748e77418bf8c58cb98297d9e093ae1d018c24d2b377af89023284
840f32948f13a31acb240f2481999e70efe9eabea0d423581bb2e4f9e53aafb3
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
886aadb9d7fd797e07b70c67dfc5e3f40f8cb9a350bee05e5cc4db9c078613c4
89a6171a0c1696d59b7e25f7eb79f536d2c3655d70d7e069d9598002540bc788
8bcbeaea0fdb111e7cb0373e3c1e3aa846128818fbe1afb55466227dddc9bab8
8c47b44c2eb52f803ff7faa3cc7043d75a2814f83cf9c1dd66a1c669184e68f8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d70f5e3076126b0f029c2842e0f3374e5d02070a295f5d25e2c4a0c7c823ff1
8ef632787197eed4d48c94b8bf69add99b244a562f4927b491f8ec1f4d27e8e2
9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef
92f5cc44b682dd86b0c7a777f990dbd1d8a8ce8a64076ae84199fcb9bedcdcb8
934e4c5bf691cb219893679833277e4f7e475523532e0d123afe9b154507e76b
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1ec654e529d91133a96b94592f569bdef2932fa03d52c6fdb164a5195d7b9b
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0711e8b40705bfe578257b7ccd102e309411c0cec6ac0722ec487d827733388
a09a0a0b27c17ceedfae9a0c2db6819018ce22c4630ae3b4f8b0a75bbb0a86ae
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c9562327669da2c1398e3024e24ec27279e1dae7817b9d014b9aa10ccf554b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f3838eb274c796c020d1f20b49561a1f4053a9a7e571c145364667c9055bf2
a5b385a6e3635652fa541617d26939d25f47ee873fab1b119ef2685b85e678c3
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9baef98a9f2b4098a8e9e4c62b30f1d89054be3b7dbca5058a7f13fe95a1887
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ad899f1b1f18501cc694e0a7046183eb779931af7b2aed082a2b59edc56794e3
b11986b7afdf2de1efe4081e4438499553d09cae22d8b21109be645d45e523cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119
b5b76542cdb6e9a9ff341907d66f2cd74f8b5544666fb975d5fb80db46194cbf
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bd1c00de84bbbdbbd015a619b69a05f50fbb5be6b09f8d2385737460a092f72b
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c1213bb180d29b3b030ae1e3cc9b89f0823b2af4ace4d0cb42d18e1326f39ba1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8846180af4c5402d3a9eccff27202a85c7235d96e826a3648254d684abc6daf
c970c612c80d853bb998750b1cccf9aedbb8bb1108406a525c61b7a0e6b19a46
ca5186c45c8b98fd128a56f0778172c5088be7086f94ab4d9c0fc0657081f29e
ce7aa9a76e1ef06e22d13a5c8678b9b7440f5b1f854ecb62b447ad383927abb6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d36dfe6d6d9da7b8fca74c7e5587a057a719eed2d2d1eae4fcd7af0e2d12f21f
d3b45b06882fe1aa9b47a8d88df978f19ce55a249840cc1b44eed3974a0fcd6a
d3c70a5ecb1b5c16ddff716d6a83d189efa57a07c4210acf01c978093e3a80eb
d5413d515eef98dd488b9d4addfa8f594b1a505233eb79a00a76870685e75a64
d5e9a3b63640ba8e6b388a6596295a1a01225f6ac3192357d01f1f4cad6cb11b
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
d82c4906e4b728e92a7fcec80c1f8bcb5b16502d30a9de09a361dc503a70145a
d8b4887a05128d173df033ad7b0ecf00bba347394d67b8800b831a90dfeff00c
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f
e0a2e59733d6e88bc887e607fad372e4a59e36c08fa9a7b71e15ba1b8bd4fb51
e123c89304102743bb55fb39dc2cdb0e1d8af399a7bc27e1b702ec15577dc996
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e333cb1305d380d1fea95d56af2665209ad86d60e8df0d3d0b1d6aba56d5836f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e76bfab32011dde372b854e7159a28a261f1f8d40929419e520d705253df47a0
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea68e20514296ce314c3ca1eb5ff2cd1c1a1fc396b303b41c2364ffbd31e1550
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22e44016410fdcef01a56b89401973c22cc1d5fc740e615ed904add45ad7ffe
f66701275896763806723b24a98618b5ae17e48da67fea9132b98f31aaab60ae
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f87a5e9c361a20e11c94a19a78b0bb96fa5dbefa264404070c617213015295b0
fb9ee137734c9d4933d908d02325dc37c4dd86dd58614a2c7d9d5a01890aefd2
fcc58cc9d4be09fdd40a74ca3a453622a269f2bdd1c598a863f54d2bd07a2126
fcc8d02d1890db4b4310e06955eb7c309069e9672717fe97e043d6114cd105ae
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4