pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Submission: On July 01 via api (July 1st 2023, 3:41:45 pm UTC) from TR — Scanned from DE

Summary HTTP 249 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 44 domains to perform 249 HTTP transactions. The main IP is 20.60.220.36, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pcloak.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.

This is the only time pcloak.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	77.245.159.14 77.245.159.14	42868 (NIOBEBILI...) (NIOBEBILISIMHIZMETLERI)
2	94.138.206.83 94.138.206.83	49126 (AS49126) (AS49126)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
40	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
20	185.7.176.223 185.7.176.223	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
24	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
25	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	35.156.85.133 35.156.85.133	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:225... 2600:9000:2251:9400:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:25e... 2600:9000:25eb:e200:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
6	154.58.197.185 154.58.197.185	() ()
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	() ()
2 2	185.29.134.248 185.29.134.248	() ()
1 33	142.250.185.194 142.250.185.194	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
2 2	35.190.0.66 35.190.0.66	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c958:4a7f:3095:994e	() ()
1	3.75.62.37 3.75.62.37	() ()
7 7	3.70.92.75 3.70.92.75	() ()
2 2	151.101.66.49 151.101.66.49	() ()
2 2	213.155.156.184 213.155.156.184	() ()
1 1	2600:9000:25e... 2600:9000:25eb:3000:1b:5138:8a40:93a1	() ()
2 2	54.76.77.34 54.76.77.34	() ()
2 2	13.248.245.213 13.248.245.213	() ()
2	185.86.139.104 185.86.139.104	() ()
3 3	20.127.253.7 20.127.253.7	() ()
3	162.19.138.82 162.19.138.82	() ()
1	34.96.105.8 34.96.105.8	() ()
3	35.227.252.103 35.227.252.103	() ()
1 1	69.173.144.165 69.173.144.165	() ()
6 6	216.52.2.86 216.52.2.86	() ()
9 9	46.228.174.117 46.228.174.117	() ()
4 4	185.89.210.141 185.89.210.141	() ()
2 2	108.128.57.78 108.128.57.78	() ()
1 1	35.186.193.173 35.186.193.173	() ()
1 1	51.75.86.98 51.75.86.98	() ()
1 2	2.16.97.41 2.16.97.41	() ()
1 1	54.93.94.222 54.93.94.222	() ()
1	178.250.1.9 178.250.1.9	() ()
249	36

4 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pcloak.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.159.14 (Turkey)

ASN42868 (NIOBEBILISIMHIZMETLERI, TR)
PTR: stilgar.wlsrv.com

www.cloakan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.138.206.83 (Turkey)

ASN49126 (AS49126, TR)

ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ye-mek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

feed.pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.85.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:9400:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:25eb:e200:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 154.58.197.185 (None, )

ASN- ()

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.185.194 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (None, ) 2 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c958:4a7f:3095:994e (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.70.92.75 (None, ) 7 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25eb:3000:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.77.34 (None, ) 2 redirects

ASN- ()

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (None, ) 2 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.104 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.127.253.7 (None, ) 3 redirects

ASN- ()

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (None, )

ASN- ()

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.52.2.86 (None, ) 6 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.228.174.117 (None, ) 9 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.141 (None, ) 4 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.57.78 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, ) 1 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.94.222 (None, ) 1 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	534 KB
54	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net	262 KB
42	ye-mek.net ye-mek.net cdn.ye-mek.net	611 KB
19	w55c.net 1 redirects i.w55c.net — Cisco Umbrella Rank: 2590 cti.w55c.net — Cisco Umbrella Rank: 4192 ads.w55c.net — Cisco Umbrella Rank: 12943 pm.w55c.net	270 KB
18	virgul.com static.virgul.com — Cisco Umbrella Rank: 81866 ng.virgul.com — Cisco Umbrella Rank: 65490 ng2.virgul.com — Cisco Umbrella Rank: 74231	233 KB
12	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
7	bidswitch.net 7 redirects x.bidswitch.net	4 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	392 KB
6	1rx.io 6 redirects sync.1rx.io	5 KB
6	lijit.com 6 redirects ap.lijit.com	4 KB
6	hspvst.com t.hspvst.com	5 KB
4	adnxs.com 4 redirects secure.adnxs.com	5 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	62 KB
4	windows.net pcloak.blob.core.windows.net	3 KB
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com	2 KB
3	openx.net rtb.openx.net	451 B
3	id5-sync.com id5-sync.com	3 KB
3	inmobi.com 3 redirects sync.inmobi.com	2 KB
3	quantserve.com cms.quantserve.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	449 B
2	avct.cloud 2 redirects ads.avct.cloud	1 KB
2	smartadserver.com ssbsync.smartadserver.com	89 B
2	3lift.com 2 redirects eb2.3lift.com	957 B
2	360yield.com 2 redirects match.360yield.com	812 B
2	de17a.com 2 redirects d5p.de17a.com	647 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	898 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	835 B
2	travelaudience.com 2 redirects ads.travelaudience.com	932 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 136022	131 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 2090 feed.pghub.io — Cisco Umbrella Rank: 2360	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 13228	6 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 imasdk.googleapis.com — Cisco Umbrella Rank: 500	212 KB
2	cloakan.co www.cloakan.co	1 KB
1	criteo.com dis.criteo.com	363 B
1	onetag-sys.com 1 redirects onetag-sys.com	336 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	608 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	blismedia.com tr.blismedia.com	173 B
1	smaato.net 1 redirects s.ad.smaato.net	442 B
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2484	361 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	82 KB
249	44

	Domain	Requested by
40	cdn.ye-mek.net	ye-mek.net cdn.ye-mek.net
33	cm.g.doubleclick.net	1 redirects 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
25	tpc.googlesyndication.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
22	pagead2.googlesyndication.com	static.virgul.com pagead2.googlesyndication.com 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com tpc.googlesyndication.com ye-mek.net securepubads.g.doubleclick.net www.googletagservices.com
17	securepubads.g.doubleclick.net	static.virgul.com securepubads.g.doubleclick.net 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com pcloak.blob.core.windows.net www.googletagservices.com
8	www.google.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com tpc.googlesyndication.com
8	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	ng.virgul.com	static.virgul.com ye-mek.net
7	x.bidswitch.net	7 redirects
7	www.googletagservices.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
7	static.virgul.com	ye-mek.net static.virgul.com pcloak.blob.core.windows.net
6	sync.1rx.io	6 redirects
6	ap.lijit.com	6 redirects
6	t.hspvst.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
6	ads.w55c.net	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
6	cti.w55c.net	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
6	i.w55c.net	pcloak.blob.core.windows.net 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
4	secure.adnxs.com	4 redirects
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	pcloak.blob.core.windows.net	pcloak.blob.core.windows.net
3	sync.targeting.unrulymedia.com	3 redirects
3	rtb.openx.net	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
3	id5-sync.com
3	sync.inmobi.com	3 redirects
3	cms.quantserve.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
3	ng2.virgul.com	ye-mek.net
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	sync.teads.tv	1 redirects
2	ads.avct.cloud	2 redirects
2	ssbsync.smartadserver.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	sync.mathtag.com	2 redirects
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	connect.facebook.net	ye-mek.net connect.facebook.net
2	images.dmca.com	ye-mek.net
2	ye-mek.net	www.cloakan.co ye-mek.net
2	www.cloakan.co	pcloak.blob.core.windows.net
1	dis.criteo.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
1	pm.w55c.net	1 redirects
1	onetag-sys.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	tr.blismedia.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	ups.analytics.yahoo.com	3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	imasdk.googleapis.com	c1.imgiz.com
1	feed.pghub.io	pghub.io
1	pghub.io	static.virgul.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	s7.addthis.com	ye-mek.net
1	www.googletagmanager.com	ye-mek.net
1	ajax.googleapis.com	ye-mek.net
249	60

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2023-03-22` - `2024-03-22`	a year	crt.sh
cpanel.cloakan.co R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.ye-mek.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-29` - `2023-07-07`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
1099124734.rsc.cdn77.org R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
images.dmca.com R3	`2023-05-13` - `2023-08-11`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-30` - `2024-06-27`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Frame ID: 534ED53DD53E6BA79FC5F0F5F02F9D2A
Requests: 6 HTTP requests in this frame

Frame: https://ye-mek.net/
Frame ID: 990E9D1C241D3DC09AC7164B4BD1CBF4
Requests: 91 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: 54DEDD8AAD349C70D1720A8E5E35520A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 1B2D449290C3F92F7C78322FE2CEF9F1
Requests: 1 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BA72109E81C59775A4C4440DA1F63030
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 6A1521C253C6196C7D3192F525A736FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226102375&bpp=3&bdt=1034&idt=290&shv=r20230627&mjsv=m202306270101&ptt=9&saldr=aa&nras=1&correlator=6463411842196&frm=24&ife=1&pv=2&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075625%2C31075721%2C44772268%2C44788441&oid=2&pvsid=3277620352513465&tmod=1631040865&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i40oqmbruh5z&fsb=1&dtd=302
Frame ID: 3DF4AE6A35D7BA9C1C8478F634DAA2FC
Requests: 1 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7A3D5DFB8EF38D0BCF009AE315AF622D
Requests: 12 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 747B62AF56813FF8D32DBD78472462FF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226103203&bpp=8&bdt=150&idt=175&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=3470181749899&frm=8&ife=1&pv=2&ga_vid=1365672597.1688226103&ga_sid=1688226103&ga_hid=2101940259&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3253033599&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C44759926%2C44759842%2C44759875%2C42532279%2C44772268%2C44788441&oid=2&pvsid=4045573871849722&tmod=503388927&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.d1op6dsaj4sg&fsb=1&dtd=190
Frame ID: 6B2799B4BEB97F446274B2B9ADC49AB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226103211&bpp=2&bdt=158&idt=184&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3470181749899&frm=8&ife=1&pv=1&ga_vid=1365672597.1688226103&ga_sid=1688226103&ga_hid=2101940259&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3253033599&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C44759926%2C44759842%2C44759875%2C42532279%2C44772268%2C44788441&oid=2&pvsid=4045573871849722&tmod=503388927&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6de29fgcz7z9&fsb=1&dtd=190
Frame ID: 9BB571ED6C30F8FB2C649AEEBF9D2098
Requests: 1 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 629E9D1E152C179B858181240902B816
Requests: 13 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 48DF48A1E5242F93785796A373D66819
Requests: 13 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DBB1302536B49B9459FFFA4403EB5EB1
Requests: 13 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 889429BD5384EB59FAD27F32F7BCA83D
Requests: 12 HTTP requests in this frame

Frame: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AA6C6D9A3FCCE30034E04A3DE19142B0
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8DE8FC8E646293A49546318B24FBC95
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB334D29B7DA2877FD6CE5569C2A3C7A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B72347EF9AF51FBCCA83F5455C47E389
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F9EC328A40052E8B4601396362F2636
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9CEFA136A0065C8A9D41B45D491E367A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 067CCB85F654E6B98DC99D39B378160F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F82443F5BF091237404B16D8868E9BE9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40B037807CD204C88CE8F5D000F1ABB1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23EC4305D2F5232EB0AFEACDA5EB4A8D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DED64CF8F944AF154CD742EC98E043E1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

249
Requests

88 %
HTTPS

32 %
IPv6

44
Domains

60
Subdomains

36
IPs

3
Countries

2907 kB
Transfer

6732 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 182

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKuM67-LhCtiCgXnQKNxolI&google_cver=1&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9uE11xDq0O14 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9uE11xDq0O14

Request Chain 183

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 184

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOr4l_ra0HfXfOhCFJ8gBr4&google_cver=1&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFXf5oSEXqz5vc2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BKOpccvzSZCgBQILag7_nQ2&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFXf5oSEXqz5vc2

Request Chain 185

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEArqPaugn9WpXz2YyhJvcl8&google_cver=1&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0p0ii1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0p0ii1&google_hm=eS1LTloydVRGRTJwR2dtbDgwTk9FcVNzd0swTG1UT21zS35B

Request Chain 187

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHz5Hj1Yy32ancDaWwx2XPA&google_cver=1&google_push=AaAOQGEFcmuca-4bMH5O8Yu0rtSmOjKpqq-F4TVfMY6y5JUTp7Q6wwDdLiYTSWWFUdTKVxI10j8s4Xp1_SJOuTL3uv8U2wnLL5WLEw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHz5Hj1Yy32ancDaWwx2XPA&google_cver=1&google_push=AaAOQGEFcmuca-4bMH5O8Yu0rtSmOjKpqq-F4TVfMY6y5JUTp7Q6wwDdLiYTSWWFUdTKVxI10j8s4Xp1_SJOuTL3uv8U2wnLL5WLEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDwrt3jS0FMgfSuPxih3jXQ&google_cver=1&google_push=AaAOQGGOVU_1CQlds7vv14j2InUDpyYEbn0FmmR5Ym2zt5kV1zymSAfWbH0hgT4FEEfOWfjrz5-StaOgu7DNkFd_sMleoo-n_yU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDwrt3jS0FMgfSuPxih3jXQ&google_push=AaAOQGGOVU_1CQlds7vv14j2InUDpyYEbn0FmmR5Ym2zt5kV1zymSAfWbH0hgT4FEEfOWfjrz5-StaOgu7DNkFd_sMleoo-n_yU

Request Chain 190

https://d5p.de17a.com/cookies/google?google_gid=CAESEFm0SEyVltnZg3vCwBiYJ0c&google_cver=1&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFm0SEyVltnZg3vCwBiYJ0c&google_cver=1&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF

Request Chain 191

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIRV-O9HLNKj_PoasufAfPk&google_cver=1&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4gncSnhbARM8d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4gncSnhbARM8d

Request Chain 192

https://match.360yield.com/match/ebda?google_gid=CAESEB6NC2AKrv39kRC_evI8Z6I&google_cver=1&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAKCVv42z HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB6NC2AKrv39kRC_evI8Z6I&google_cver=1&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAKCVv42z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GzT25BGiQdm9QmLAI1N3Wg&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAKCVv42z

Request Chain 193

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFuFHWrBZvg0d_L4daI7YQI&google_cver=1&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5&google_gid=CAESEFuFHWrBZvg0d_L4daI7YQI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1OTIyNTYyNzA5NTY5MzI1NTUyNg%3D%3D&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5

Request Chain 195

https://sync.inmobi.com/gob?google_gid=CAESEMFO1KywL4sCn4snwiD0WbI&google_cver=1&google_push=AaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32LkZxkEUynLaLi8WC9Ix-Wn1mMV5h2FgbDjFQwUQZwx91vm2tSwG67rlQ HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32LkZxkEUynLaLi8WC9Ix-Wn1mMV5h2FgbDjFQwUQZwx91vm2tSwG67rlQ

Request Chain 199

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJzFzxt6-DX7dVFJXYzE3zk&google_cver=1&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiDAd46iYOPOb5z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiDAd46iYOPOb5z

Request Chain 202

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqT7rAGnhbeveFJWtFcgdg&google_cver=1&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMFmm3OkGFkUYV10QeYJNWvkLk9z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpLNjhGNFQtMjgtQk5XTg==&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMFmm3OkGFkUYV10QeYJNWvkLk9z

Request Chain 203

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECNbPiScOzidcln49rdW2HA&google_cver=1&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECNbPiScOzidcln49rdW2HA&google_cver=1&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Request Chain 204

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECWmSvJmWWyTcYTgVsCDNCE&google_cver=1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688226104464 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL%26google_hm%3DA6vMIoDPck1AjdTSDj4tnC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Request Chain 205

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBjyW6QEJQEjA2vp8ngwBZ1YxiJyQNXQUSJJNDlNKzemPYkzooMlQzR5wmZ_Bu7RrvLq6bA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENnD3ZI48DUlDhA5dex5ypA%26google_cver%3D1%26google_push%3DAaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBjyW6QEJQEjA2vp8ngwBZ1YxiJyQNXQUSJJNDlNKzemPYkzooMlQzR5wmZ_Bu7RrvLq6bA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBjyW6QEJQEjA2vp8ngwBZ1YxiJyQNXQUSJJNDlNKzemPYkzooMlQzR5wmZ_Bu7RrvLq6bA

Request Chain 209

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOD8p5pQqhLWNa9D4Ef-hZQ&google_cver=1&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMHz_P1X0tJCKIY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=29uLP2OBSPm-p1eOgGkj0A2&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMHz_P1X0tJCKIY

Request Chain 210

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDzMghjlXcI0cqqjaHonhOY&google_cver=1&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDzMghjlXcI0cqqjaHonhOY&google_cver=1&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=4aa5e0e7-b683-4f87-83ff-5e0c6aa11d3f&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw&google_hm=Blcbc-EgQe6VYDCfsFk9qw==

Request Chain 212

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPArKBFEIivUBOTFEEb14zo&google_cver=1&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPArKBFEIivUBOTFEEb14zo&google_cver=1&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Request Chain 213

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECp534Zj4QJma0tIG9Cyv9g&google_cver=1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688226104463 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG%26google_hm%3DA6vMIoDPck1AjdTSDj4tnC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Request Chain 214

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDCpn18vbmwjFZi6dgxqzqs&google_cver=1&google_push=AaAOQGGrQfN8SWx76K9vXj6DoCpbPe74y9D9qzhdmTzEBiGuKzHwGIl1A1a9_HixawYevPSCKP0RG9gINsEO3CMIheNQtBCSVKBhUw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDCpn18vbmwjFZi6dgxqzqs&google_cver=1&google_push=AaAOQGGrQfN8SWx76K9vXj6DoCpbPe74y9D9qzhdmTzEBiGuKzHwGIl1A1a9_HixawYevPSCKP0RG9gINsEO3CMIheNQtBCSVKBhUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

Request Chain 216

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI5WLOM3kXm8E3JBHoKCAjc&google_cver=1&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yatd5p7Ej1E1FcZnei8U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yatd5p7Ej1E1FcZnei8U&google_hm=I2Kq9BG1SWGrE52n1MNL4Rk

Request Chain 218

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHcVNIW4KKPgw96HFaBFBxs&google_cver=1&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHcVNIW4KKPgw96HFaBFBxs&google_cver=1&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Request Chain 219

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI4CDiVfkjpTw4w2jaAZOVA&google_cver=1&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6lWzSoU1uuFzFPjtPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6lWzSoU1uuFzFPjtPQ

Request Chain 220

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO061HSJvfCzW-72xoWCpU0&google_cver=1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1688226104464 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8%26google_hm%3DA6vMIoDPck1AjdTSDj4tnC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Request Chain 221

https://sync.inmobi.com/gob?google_gid=CAESEM0jMcCi59TkH1pPHGEOEf0&google_cver=1&google_push=AaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2zfsXS3OYWFCVpz5YSYvJb8OVn2fZnkfSH2O5iIH_c_Wj6I2nUcxkW HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2zfsXS3OYWFCVpz5YSYvJb8OVn2fZnkfSH2O5iIH_c_Wj6I2nUcxkW

Request Chain 222

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEErfK_69R2dVsWSI1ep8chM&google_cver=1&google_push=AaAOQGFlVYZvGCYkrHTFQM015qmynXa9HyZ0r_Cuf5TlTkTo6yLnCOQxVS69HH-Xofg-uLC52yZxxeoCXf1kaN0KDaeyp8scEsqq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFlVYZvGCYkrHTFQM015qmynXa9HyZ0r_Cuf5TlTkTo6yLnCOQxVS69HH-Xofg-uLC52yZxxeoCXf1kaN0KDaeyp8scEsqq HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 227

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cver=1&google_push=AaAOQGGs871v04g81IXQ-OSwXeF87uCt8dYyj0opgK9uN5ObsDIKR9Y5QrialuQSKaUDp5Kz50ZFtK0dFLS0Ovmknzsnw6nFwJ0rtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NFBtbDl3Zm0xUWZDSmk1&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cver=1&google_push=AaAOQGGs871v04g81IXQ-OSwXeF87uCt8dYyj0opgK9uN5ObsDIKR9Y5QrialuQSKaUDp5Kz50ZFtK0dFLS0Ovmknzsnw6nFwJ0rtQ

Request Chain 228

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN1X2uIvxRUv3hPgxb2LWKw&google_cver=1&google_push=AaAOQGF1tM17nu7juUBWVlZ0BZ60Ft3LiwMBDG_33JvqcNwHeK8-96J9QahJspTvPwaGNpME2vJ5Src2miQTEkdYX9s5eSsrnpSNjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN1X2uIvxRUv3hPgxb2LWKw&google_push=AaAOQGF1tM17nu7juUBWVlZ0BZ60Ft3LiwMBDG_33JvqcNwHeK8-96J9QahJspTvPwaGNpME2vJ5Src2miQTEkdYX9s5eSsrnpSNjA

Request Chain 231

https://sync.inmobi.com/gob?google_gid=CAESEGBujzC8ZfrWVtDduPDTlRo&google_cver=1&google_push=AaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlUHo1HibE315g1ENh9ydqtqOBQxOoMITGO6uNUxqCDc2zsrP_66tAG3zc HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlUHo1HibE315g1ENh9ydqtqOBQxOoMITGO6uNUxqCDc2zsrP_66tAG3zc

Request Chain 232

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW3hPqtsDjxLKx00JDyLiCe4XZprWZ8oiLz080Xj2fFbb114189BuhvxK8AfkXrAHRnJ37U HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEItXwXJ_dHtYqZ7-z7tmUaM%26google_cver%3D1%26google_push%3DAaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW3hPqtsDjxLKx00JDyLiCe4XZprWZ8oiLz080Xj2fFbb114189BuhvxK8AfkXrAHRnJ37U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW3hPqtsDjxLKx00JDyLiCe4XZprWZ8oiLz080Xj2fFbb114189BuhvxK8AfkXrAHRnJ37U

249 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 6x69807j0b5.html Show response
pcloak.blob.core.windows.net/web/ 1 KB
2 KB 471ms
110ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1318
Content-MD5: +Dz/d7Mp2GQfilgWrAkqiw==
Content-Type: text/html
Date: Sat, 01 Jul 2023 15:41:39 GMT
ETag: 0x8DB5ED0599CC10C
Last-Modified: Sat, 27 May 2023 16:35:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3ab31d81-301e-001a-2e32-ac23d2000000
x-ms-version: 2009-09-19

GET
H/1.1 404
The specified blob does not exist. jquery.min.js
pcloak.blob.core.windows.net/web/ 0
0 107ms
107ms Script
application/xml 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/jquery.min.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-request-id: 3ab31ddb-301e-001a-7e32-ac23d2000000
Date: Sat, 01 Jul 2023 15:41:39 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 200
OK cloakan.js Show response
pcloak.blob.core.windows.net/web/ 308 B
717 B 330ms
114ms Script
text/javascript 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 01 Jul 2023 15:41:40 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zPiKctHo6j8i1UGOFPpInw==
ETag: 0x8DA4D4A263C11C2
Content-Type: text/javascript
x-ms-request-id: 3ab31e7b-301e-001a-0c32-ac23d2000000
x-ms-version: 2009-09-19
Content-Length: 308

GET
H/1.1 200
OK style.css
pcloak.blob.core.windows.net/web/ 166 B
568 B 216ms
109ms Stylesheet
text/css 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pcloak.blob.core.windows.net/web/style.css
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 01 Jul 2023 15:41:39 GMT
Last-Modified: Mon, 13 Jun 2022 14:36:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 9ruAIrm4XHnQO3/sM8J0AQ==
ETag: 0x8DA4D4A26527CA0
Content-Type: text/css
x-ms-request-id: 3ab31e31-301e-001a-4a32-ac23d2000000
x-ms-version: 2009-09-19
Content-Length: 166

GET
H2 200 px.php Show response
www.cloakan.co/ 743 B
681 B 297ms
140ms XHR
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/px.php?id=6x69807j0b5
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:38 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 404

GET
H2 200 nv.php Show response
www.cloakan.co/ 232 B
385 B 296ms
154ms Script
text/html 77.245.159.14
NIOBEBILISIMHIZME...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/cloakan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS: stilgar.wlsrv.com
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcloak.blob.core.windows.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:38 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.33
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 112

GET
H2 200 / Show response
ye-mek.net/ Frame 990E 76 KB
76 KB 423ms
174ms Document
text/html 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/
Requested by: Host: www.cloakan.co
URL: https://www.cloakan.co/nv.php?id=6x69807j0b5-m
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 45ce3710e0dd18b6bd362d986c5a0adda78c2c9e5ba72a57aef203b9379571cb

Request headers

Referer: https://pcloak.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 77907
content-type: text/html; charset=utf-8
date: Sat, 01 Jul 2023 15:41:40 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 990E 90 KB
91 KB 90ms
21ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 18:18:28 GMT
x-content-type-options: nosniff
age: 76993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92629
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jun 2024 18:18:28 GMT

GET
H2 200 yemeknet.js Show response
ye-mek.net/js/ Frame 990E 10 KB
2 KB 107ms
107ms Script
application/javascript 94.138.206.83
AS49126

General

Check archive.org

Show headers Download Go to

Full URL: https://ye-mek.net/js/yemeknet.js?v=1
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.138.206.83 , Turkey, ASN49126 (AS49126, TR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 01 Jul 2023 15:41:40 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 13:15:54 GMT
server: Microsoft-IIS/10.0
etag: "0a144655957d51:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
content-length: 2179

GET
H2 200 maincss.css
cdn.ye-mek.net/ Frame 990E 40 KB
12 KB 278ms
28ms Stylesheet
text/css 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ye-mek.net/maincss.css?v=434
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 6416648
x-accel-date: 1681809453
x-77-nzt: AcO1qhFz6Pn/COlhAA
x-accel-expires: @1713345453
last-modified: Tue, 24 Nov 2020 00:00:32 GMT
server: CDN77-Turbo
etag: W/"5fbc4d20-9e5b"
x-77-nzt-ray: 4c1562244bef929f3549a064c3568e23
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 990E 233 KB
82 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6B70JBQEWN

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

013fc60df48b7f9806d0b79112a4fb38e65cc29678f48cdb35f4eb4e4bf179a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83412
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 01 Jul 2023 15:41:41 GMT

GET
H2 200 searchButton.png
cdn.ye-mek.net/App_UI/Img/ Frame 990E 542 B
895 B 30ms
30ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/searchButton.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416713
x-accel-date: 1681809388
content-length: 542
x-77-nzt: AcO1qhHy4Vr/SelhAA
x-accel-expires: @1713345388
last-modified: Sat, 22 Oct 2022 20:00:57 GMT
server: CDN77-Turbo
etag: "63544bf9-21e"
x-77-nzt-ray: 4c1562244bef929f3549a0643f2f8424
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ara.png
cdn.ye-mek.net/App_UI/Img/ Frame 990E 2 KB
2 KB 28ms
28ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/ara.png
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416648
x-accel-date: 1681809453
content-length: 1651
x-77-nzt: AcO1qhF8csH/COlhAA
x-accel-expires: @1713345453
last-modified: Mon, 14 May 2018 22:41:08 GMT
server: CDN77-Turbo
etag: "5afa1084-673"
x-77-nzt-ray: 4c1562244bef929f3549a0646509b925
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 terbiyeli-kabak-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/07/ Frame 990E 11 KB
11 KB 34ms
34ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/07/terbiyeli-kabak-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3cf33fd1cc895fe26505c0677f183cec819f5d55d54905a1adf8e95322d67c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 60812
x-accel-date: 1688165289
content-length: 11302
x-77-nzt: AcO1qhFvJP7/jO0AAA
x-accel-expires: @1719701289
last-modified: Fri, 30 Jun 2023 22:20:09 GMT
server: CDN77-Turbo
etag: "649f5519-2c26"
x-77-nzt-ray: 4c1562244bef929f3549a064f495ef26
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 soguk-kahve-resimli-yemek-tarifi(8).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 990E 10 KB
10 KB 39ms
35ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/soguk-kahve-resimli-yemek-tarifi(8).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 151602
x-accel-date: 1688074499
content-length: 9818
x-77-nzt: AcO1qhGjaKH/MlACAA
x-accel-expires: @1719610499
last-modified: Thu, 29 Jun 2023 21:14:19 GMT
server: CDN77-Turbo
etag: "649df42b-265a"
x-77-nzt-ray: 4c1562244bef929f3549a064c0313627
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mangal-icin-et-marinesi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 990E 14 KB
15 KB 50ms
45ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/mangal-icin-et-marinesi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6501e50ffffdc89ec56c93111f32c70f697610d4af971fb38ae964b5824c7eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 235147
x-accel-date: 1687990954
content-length: 14815
x-77-nzt: AcO1qhHh6yT/i5YDAA
x-accel-expires: @1719526954
last-modified: Wed, 28 Jun 2023 22:12:14 GMT
server: CDN77-Turbo
etag: "649cb03e-39df"
x-77-nzt-ray: 4c1562244bef929f3549a0641b7e4c27
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ic-baklali-enginar-salatasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ Frame 990E 15 KB
16 KB 62ms
57ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/06/ic-baklali-enginar-salatasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eab1145c02ae44ca45370dbdb689a98d1756fe3726fde675886a95730fee691d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 323629
x-accel-date: 1687902472
content-length: 15738
x-77-nzt: AcO1qhHV3I//LfAEAA
x-accel-expires: @1719438472
last-modified: Tue, 27 Jun 2023 21:35:10 GMT
server: CDN77-Turbo
etag: "649b560e-3d7a"
x-77-nzt-ray: 4c1562244bef929f3549a06416465327
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/11/ Frame 990E 13 KB
14 KB 73ms
68ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/11/firinda-sebzeli-tavuk-sote-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416502
x-accel-date: 1681809599
content-length: 13621
x-77-nzt: AcO1qhFK+iv/duhhAA
x-accel-expires: @1713345599
last-modified: Sat, 16 Nov 2019 21:54:33 GMT
server: CDN77-Turbo
etag: "5dd07019-3535"
x-77-nzt-ray: 4c1562244bef929f3549a064cc285827
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tarhana-koftesi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/05/ Frame 990E 15 KB
15 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/05/tarhana-koftesi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a7bdc5489a06f3c3cc24119a5a76f4d5af38e07c2b7e4e458ce411993eb12e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416576
x-accel-date: 1681809525
content-length: 15200
x-77-nzt: AcO1qhHO5n//wOhhAA
x-accel-expires: @1713345525
last-modified: Sun, 16 May 2021 23:23:16 GMT
server: CDN77-Turbo
etag: "60a1a964-3b60"
x-77-nzt-ray: 4c1562244bef929f3549a064de1c5b27
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2016/12/ Frame 990E 12 KB
13 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2016/12/firinda-etimekli-besamel-soslu-tavuk-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6413719
x-accel-date: 1681812382
content-length: 12566
x-77-nzt: AcO1qhGEPaT/l91hAA
x-accel-expires: @1713348382
last-modified: Wed, 01 May 2019 23:10:13 GMT
server: CDN77-Turbo
etag: "5cca2755-3116"
x-77-nzt-ray: 4c1562244bef929f3549a06421765d27
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ Frame 990E 17 KB
17 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2013/07/ramazan-pidesinden-yalanci-iskender-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415733
x-accel-date: 1681810368
content-length: 17200
x-77-nzt: AcO1qhH3pQz/deVhAA
x-accel-expires: @1713346368
last-modified: Wed, 01 May 2019 22:16:10 GMT
server: CDN77-Turbo
etag: "5cca1aaa-4330"
x-77-nzt-ray: 4c1562244bef929f3549a064ce1e6427
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yagli-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 990E 15 KB
15 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/yagli-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 61ef244a7f7b27ce2c69ff28e1bb69f7bac2e6be7fe6dbbbcb82feeb11db7d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6414394
x-accel-date: 1681811707
content-length: 15394
x-77-nzt: AcO1qhFjZD//OuBhAA
x-accel-expires: @1713347707
last-modified: Fri, 17 Dec 2021 23:00:27 GMT
server: CDN77-Turbo
etag: "61bd168b-3c22"
x-77-nzt-ray: 4c1562244bef929f3549a0647a3d6727
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 badem-tatlisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 990E 13 KB
13 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/badem-tatlisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10b43d3e90245cb8bf52bd969b4b7ce4fa9996f56f23679e334053f679533386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416576
x-accel-date: 1681809525
content-length: 12938
x-77-nzt: AcO1qhFpv+//wOhhAA
x-accel-expires: @1713345525
last-modified: Wed, 01 May 2019 23:32:23 GMT
server: CDN77-Turbo
etag: "5cca2c87-328a"
x-77-nzt-ray: 4c1562244bef929f3549a064abf26a27
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bugu-kebabi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/07/ Frame 990E 11 KB
12 KB 74ms
69ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/07/bugu-kebabi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6414260
x-accel-date: 1681811841
content-length: 11750
x-77-nzt: AcO1qhEL2RX/tN9hAA
x-accel-expires: @1713347841
last-modified: Wed, 01 May 2019 23:21:23 GMT
server: CDN77-Turbo
etag: "5cca29f3-2de6"
x-77-nzt-ray: 4c1562244bef929f3549a064b23b6d27
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/02/ Frame 990E 13 KB
13 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/02/nohutlu-misket-kofte-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415733
x-accel-date: 1681810368
content-length: 13272
x-77-nzt: AcO1qhESZC3/deVhAA
x-accel-expires: @1713346368
last-modified: Wed, 01 May 2019 22:22:18 GMT
server: CDN77-Turbo
etag: "5cca1c1a-33d8"
x-77-nzt-ray: 4c1562244bef929f3549a064e8667627
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kofteli-orman-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 990E 12 KB
13 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/kofteli-orman-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2ee4854a38ad37b61a8727c71e98305037bc4711d65f4bac43420986b4c9455f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416576
x-accel-date: 1681809525
content-length: 12566
x-77-nzt: AcO1qhE5PJv/wOhhAA
x-accel-expires: @1713345525
last-modified: Sat, 25 May 2019 22:23:34 GMT
server: CDN77-Turbo
etag: "5ce9c066-3116"
x-77-nzt-ray: 4c1562244bef929f3549a064ac0b2e28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-patlican-kebabi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2014/05/ Frame 990E 15 KB
15 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2014/05/firinda-patlican-kebabi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fe665a455aceb9598500cae8ccd808cbffe5a3525c32cdc7bcbaa0e83a58ac0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416225
x-accel-date: 1681809876
content-length: 15015
x-77-nzt: AcO1qhEe7Yz/YedhAA
x-accel-expires: @1713345876
last-modified: Wed, 01 May 2019 22:25:01 GMT
server: CDN77-Turbo
etag: "5cca1cbd-3aa7"
x-77-nzt-ray: 4c1562244bef929f3549a064b3143628
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantar-soslu-kofte-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/04/ Frame 990E 14 KB
15 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/04/mantar-soslu-kofte-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 63b3428dab8c9858bfec0fdd1766207549e01494b99c89a230937546c926592d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415957
x-accel-date: 1681810144
content-length: 14751
x-77-nzt: AcO1qhEQjEH/VeZhAA
x-accel-expires: @1713346144
last-modified: Thu, 21 Apr 2022 11:59:00 GMT
server: CDN77-Turbo
etag: "62614704-399f"
x-77-nzt-ray: 4c1562244bef929f3549a064c7fc3828
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-etli-karnabahar-yemegi-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame 990E 16 KB
16 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/firinda-etli-karnabahar-yemegi-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 537d42962737bc550bbf34d1404e336cebc1b46ced111cc3c5b1ab744d38bb85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416131
x-accel-date: 1681809970
content-length: 16427
x-77-nzt: AcO1qhFygKz/A+dhAA
x-accel-expires: @1713345970
last-modified: Wed, 01 May 2019 22:50:41 GMT
server: CDN77-Turbo
etag: "5cca22c1-402b"
x-77-nzt-ray: 4c1562244bef929f3549a0641c1f3d28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 mantarli-kori-soslu-tavuk-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2023/03/ Frame 990E 15 KB
15 KB 74ms
70ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2023/03/mantarli-kori-soslu-tavuk-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2efed30acdac9725b233f6d3d5bd8a16a9049980ceaa91525e061cc9c63da1e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415819
x-accel-date: 1681810282
content-length: 15410
x-77-nzt: AcO1qhH8j8//y+VhAA
x-accel-expires: @1713346282
last-modified: Tue, 07 Mar 2023 20:31:42 GMT
server: CDN77-Turbo
etag: "64079f2e-3c32"
x-77-nzt-ray: 4c1562244bef929f3549a064bfa24728
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/06/ Frame 990E 12 KB
13 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/06/firinda-tavuk-pirzola-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415164
x-accel-date: 1681810937
content-length: 12609
x-77-nzt: AcO1qhFTn3b/PONhAA
x-accel-expires: @1713346937
last-modified: Wed, 01 May 2019 23:19:17 GMT
server: CDN77-Turbo
etag: "5cca2975-3141"
x-77-nzt-ray: 4c1562244bef929f3549a0640b325028
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 tavuk-kroket-resimli-yemek-tarifi(20).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2022/05/ Frame 990E 14 KB
15 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2022/05/tavuk-kroket-resimli-yemek-tarifi(20).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415967
x-accel-date: 1681810134
content-length: 14613
x-77-nzt: AcO1qhFosnL/X+ZhAA
x-accel-expires: @1713346134
last-modified: Thu, 26 May 2022 23:00:23 GMT
server: CDN77-Turbo
etag: "62900687-3915"
x-77-nzt-ray: 4c1562244bef929f3549a06408525228
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 citir-tavuk-gogsu-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/06/ Frame 990E 12 KB
12 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/06/citir-tavuk-gogsu-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b869a852368eaa119ee4b5b375ad2c86eb2c8eedaceafc3aff741faf14dc48b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415926
x-accel-date: 1681810175
content-length: 11895
x-77-nzt: AcO1qhFF9jH/NuZhAA
x-accel-expires: @1713346175
last-modified: Thu, 20 Jun 2019 22:35:57 GMT
server: CDN77-Turbo
etag: "5d0c0a4d-2e77"
x-77-nzt-ray: 4c1562244bef929f3549a0645f195828
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karnabahar-mantisi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/12/ Frame 990E 16 KB
16 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/12/karnabahar-mantisi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 61046
x-accel-date: 1688165055
content-length: 15923
x-77-nzt: AcO1qhEWQsz/du4AAA
x-accel-expires: @1719701055
last-modified: Thu, 30 Dec 2021 20:54:18 GMT
server: CDN77-Turbo
etag: "61ce1c7a-3e33"
x-77-nzt-ray: 4c1562244bef929f3549a064ac935f28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kremali-sebzeli-makarna-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/09/ Frame 990E 17 KB
17 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/09/kremali-sebzeli-makarna-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8e080429f5f69e47f9092b6106ca96eb4a31191dc00cbef1f20104561b44f10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416428
x-accel-date: 1681809673
content-length: 17091
x-77-nzt: AcO1qhHyMhb/LOhhAA
x-accel-expires: @1713345673
last-modified: Wed, 15 Sep 2021 21:52:55 GMT
server: CDN77-Turbo
etag: "61426b37-42c3"
x-77-nzt-ray: 4c1562244bef929f3549a064903c6e28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 yesil-mercimekli-ispanak-yemegi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/08/ Frame 990E 15 KB
15 KB 75ms
71ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/08/yesil-mercimekli-ispanak-yemegi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: da91387680a9a55651afd3e8937cb5e32defb01d582dbf5cb791fa812e8d893b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 178190
x-accel-date: 1688047911
content-length: 15001
x-77-nzt: AcO1qhHQKsj/DrgCAA
x-accel-expires: @1719583911
last-modified: Sat, 14 Aug 2021 21:03:21 GMT
server: CDN77-Turbo
etag: "61182f99-3a99"
x-77-nzt-ray: 4c1562244bef929f3549a064ed1f7228
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 bal-kabagi-sinkonta-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/02/ Frame 990E 11 KB
12 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/02/bal-kabagi-sinkonta-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6e1330041e6221db02bceb99117262e8223c801c9c2708e99630521939b3f0d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 87938
x-accel-date: 1688138163
content-length: 11672
x-77-nzt: AcO1qhGqC4T/glcBAA
x-accel-expires: @1719674163
last-modified: Tue, 25 Feb 2020 22:03:55 GMT
server: CDN77-Turbo
etag: "5e5599cb-2d98"
x-77-nzt-ray: 4c1562244bef929f3549a064ef128b28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 gendime-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2019/05/ Frame 990E 9 KB
10 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2019/05/gendime-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416544
x-accel-date: 1681809557
content-length: 9686
x-77-nzt: AcO1qhF1kL//oOhhAA
x-accel-expires: @1713345557
last-modified: Wed, 15 May 2019 23:07:19 GMT
server: CDN77-Turbo
etag: "5cdc9ba7-25d6"
x-77-nzt-ray: 4c1562244bef929f3549a064b9979128
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sakala-carpan-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 990E 14 KB
14 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/sakala-carpan-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: efb6dfb64e21ed016f93813c7b6995a3e3692b1cc0eb1baeaa282c63a2982931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416072
x-accel-date: 1681810029
content-length: 14165
x-77-nzt: AcO1qhHdBKf/yOZhAA
x-accel-expires: @1713346029
last-modified: Mon, 11 May 2020 23:56:30 GMT
server: CDN77-Turbo
etag: "5eb9e62e-3755"
x-77-nzt-ray: 4c1562244bef929f3549a06488959528
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 balkabagi-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2015/11/ Frame 990E 14 KB
14 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2015/11/balkabagi-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 146770
x-accel-date: 1688079331
content-length: 13941
x-77-nzt: AcO1qhHWMtj/Uj0CAA
x-accel-expires: @1719615331
last-modified: Wed, 01 May 2019 22:51:05 GMT
server: CDN77-Turbo
etag: "5cca22d9-3675"
x-77-nzt-ray: 4c1562244bef929f3549a064ad6b9828
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sutlu-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/11/ Frame 990E 12 KB
12 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/11/sutlu-karnabahar-corbasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4c77f8aab3efdc86229d1c28f8275fc0d19491711970bb5be4b8b79d011e2b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6411919
x-accel-date: 1681814182
content-length: 12053
x-77-nzt: AcO1qhHWx7v/j9ZhAA
x-accel-expires: @1713350182
last-modified: Wed, 25 Nov 2020 22:49:41 GMT
server: CDN77-Turbo
etag: "5fbedf85-2f15"
x-77-nzt-ray: 4c1562244bef929f3549a0648dbe9b28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 ev-yapimi-puding-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/09/ Frame 990E 12 KB
12 KB 75ms
72ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/09/ev-yapimi-puding-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7fb5acaef87323202589a768ca2f6852b1ff651c1b2a4f6b3e0914c433cab044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415851
x-accel-date: 1681810250
content-length: 12384
x-77-nzt: AcO1qhG9PO3/6+VhAA
x-accel-expires: @1713346250
last-modified: Wed, 01 May 2019 23:39:45 GMT
server: CDN77-Turbo
etag: "5cca2e41-3060"
x-77-nzt-ray: 4c1562244bef929f3549a0643e00a328
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kesme-muhallebi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/03/ Frame 990E 15 KB
15 KB 76ms
73ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/03/kesme-muhallebi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 90b76298736807f5f931fb06b8902492b849ec52f2f045549a0242b99b3aaaba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416305
x-accel-date: 1681809796
content-length: 15141
x-77-nzt: AcO1qhFc6lj/sedhAA
x-accel-expires: @1713345796
last-modified: Fri, 19 Mar 2021 21:04:56 GMT
server: CDN77-Turbo
etag: "605511f8-3b25"
x-77-nzt-ray: 4c1562244bef929f3549a064ffbaa928
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 kadayifli-etimek-tatl%C4%B1s%C4%B1-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2017/10/ Frame 990E 11 KB
12 KB 76ms
73ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2017/10/kadayifli-etimek-tatl%C4%B1s%C4%B1-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 976c546d7233891d42bbe8ef3d19db7d8808cf1038dd4b20fc95326d24c03921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416484
x-accel-date: 1681809617
content-length: 11561
x-77-nzt: AcO1qhHuxsj/ZOhhAA
x-accel-expires: @1713345617
last-modified: Wed, 01 May 2019 23:25:24 GMT
server: CDN77-Turbo
etag: "5cca2ae4-2d29"
x-77-nzt-ray: 4c1562244bef929f3549a0648a2fb328
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sufle-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/05/ Frame 990E 13 KB
14 KB 76ms
73ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/05/sufle-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4595241cedd0561ea7df5dae27079da65aff6eea25ca9a06869c82524835bd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6415866
x-accel-date: 1681810235
content-length: 13763
x-77-nzt: AcO1qhFFwLX/+uVhAA
x-accel-expires: @1713346235
last-modified: Mon, 04 May 2020 00:10:13 GMT
server: CDN77-Turbo
etag: "5eaf5d65-35c3"
x-77-nzt-ray: 4c1562244bef929f3549a0641187b528
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 peynirli-sigara-boregi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/01/ Frame 990E 11 KB
12 KB 76ms
73ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/01/peynirli-sigara-boregi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e8c63d2d30b5ec92225ddec525d42bd96820b0d352bbc94d89cefbb627dc6f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416077
x-accel-date: 1681810024
content-length: 11501
x-77-nzt: AcO1qhFQmtD/zeZhAA
x-accel-expires: @1713346024
last-modified: Wed, 01 May 2019 23:29:05 GMT
server: CDN77-Turbo
etag: "5cca2bc1-2ced"
x-77-nzt-ray: 4c1562244bef929f3549a064fe10c428
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 pirasali-kek-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2020/12/ Frame 990E 14 KB
14 KB 76ms
73ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2020/12/pirasali-kek-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 504638cbcafafa2aaa5ed5d0551239803a52f81ffc79c42508e7ff8deea5311f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 60583
x-accel-date: 1688165518
content-length: 13879
x-77-nzt: AcO1qhHnpHn/p+wAAA
x-accel-expires: @1719701518
last-modified: Wed, 16 Dec 2020 23:01:31 GMT
server: CDN77-Turbo
etag: "5fda91cb-3637"
x-77-nzt-ray: 4c1562244bef929f3549a06466fed428
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 sosyete-pogacasi-resimli-yemek-tarifi(12).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2018/03/ Frame 990E 14 KB
15 KB 76ms
74ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2018/03/sosyete-pogacasi-resimli-yemek-tarifi(12).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5190a205bf30235a69098c5a28efa26c0802c43319c21b0ecf454cd3c0d1385b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416062
x-accel-date: 1681810039
content-length: 14541
x-77-nzt: AcO1qhHd/Y7/vuZhAA
x-accel-expires: @1713346039
last-modified: Wed, 01 May 2019 23:31:20 GMT
server: CDN77-Turbo
etag: "5cca2c48-38cd"
x-77-nzt-ray: 4c1562244bef929f3549a0643f3ed928
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 karmaca-resimli-yemek-tarifi(16).jpg
cdn.ye-mek.net/App_UI/Img/out/270/2021/11/ Frame 990E 15 KB
16 KB 76ms
74ms Image
image/jpeg 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/App_UI/Img/out/270/2021/11/karmaca-resimli-yemek-tarifi(16).jpg?w=270&h=202
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416553
x-accel-date: 1681809548
content-length: 15740
x-77-nzt: AcO1qhH07MD/qehhAA
x-accel-expires: @1713345548
last-modified: Mon, 15 Nov 2021 22:38:31 GMT
server: CDN77-Turbo
etag: "6192e167-3d7c"
x-77-nzt-ray: 4c1562244bef929f3549a064aaa0db28
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ Frame 990E 5 KB
6 KB 70ms
21ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=da1d399b-5fd3-4da3-b5cd-8af692c19999
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:41 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: Microsoft-IIS/10.0
etag: "8ae3cdbd420cc1:0"
x-powered-by: ASP.NET
x-hw: 1688226101.cds344.fr8.hn,1688226101.cds153.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 990E 56 B
361 B 117ms
24ms Script
text/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jul 2023 15:41:41 GMT
server: Oracle API Gateway
opc-request-id: /FB9BD7C62349521DFC8165362423BB98/9746F7ACC1C085383EEDD4B5A99F9918
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ Frame 990E 465 B
584 B 77ms
28ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:41 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: Microsoft-IIS/10.0
etag: "26b181f16d28d51:0"
x-powered-by: ASP.NET
x-hw: 1688226101.cds344.fr8.hn,1688226101.cds057.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 395

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ Frame 990E 75 KB
26 KB 477ms
63ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Fri, 23 Jun 2023 06:55:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 990E 3 KB
2 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js

Requested by

Host: ye-mek.net
URL: https://ye-mek.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2496d78de3097a5fd65955a0c6a5c974c05fee0e380a06ff997ebb1a65e2ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jul 2023 15:41:41 GMT
content-md5: C6aOVi9YZ9z9piaUbLx0wQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: GZiuWSKQvWIsebPSoahmfbqeMBmQNrX2eCbLLMVPMLZBRbWQURWtDN46qThBifvLKv2wLMuA0zhV/7MzkOsI0Q==
x-fb-content-md5: d75d128b5cece189cb9551842eab0ebd
cross-origin-opener-policy: same-origin-allow-popups
etag: "8aea3f9241ce55667a166c57fd62a06b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:45:07 GMT

GET
H2 200 sprite_3.png
cdn.ye-mek.net/grafik/ Frame 990E 21 KB
21 KB 74ms
74ms Image
image/png 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ye-mek.net/grafik/sprite_3.png
Requested by: Host: cdn.ye-mek.net
URL: https://cdn.ye-mek.net/maincss.css?v=434
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ye-mek.net/maincss.css?v=434
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 01 Jul 2023 15:41:41 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 6416648
x-accel-date: 1681809453
content-length: 21525
x-77-nzt: AcO1qhEa+7f/COlhAA
x-accel-expires: @1713345453
last-modified: Mon, 14 May 2018 20:55:05 GMT
server: CDN77-Turbo
etag: "5af9f7a9-5415"
x-77-nzt-ray: 4c1562244bef929f3549a0648cf8dd28
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/tr_TR/ Frame 990E 307 KB
87 KB 42ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/tr_TR/sdk.js?hash=ebe4f12b6e24b1c14900a6a9bdc0e723

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6234bb54881f067b302e79cf9b656901eea31a2b1c03f05b468cc43cf7ad4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Jul 2023 15:41:41 GMT
content-md5: jJQ7kNZl7SvgwCaFC4hFNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88851
x-fb-debug: w5fxFmW3TKd3JjXvrtoDe8ZpFaGlt8stpfSj293dzh0ZK+DEYyopHKE0fBf5YZsRjq/kfY9N8C2gI9JPWNrf7Q==
x-fb-content-md5: 3148f8567c5926b8ae9e85f08cde6cdb
cross-origin-opener-policy: same-origin-allow-popups
etag: "26ea1dba6eb00cc7f5839e5b8eb55837"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 30 Jun 2024 14:43:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 990E 75 KB
26 KB 130ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c1235e8727d2460550da65bf27279e56d3979e37324d658192448b5514665bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26082
x-xss-protection: 0
server: cafe
etag: 754 / 19539 / m202306270101 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:42 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ Frame 990E 120 B
306 B 59ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame 54DE 891 B
1 KB 59ms
59ms Document
text/html 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sat, 01 Jul 2023 15:41:42 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 990E 139 KB
48 KB 139ms
90ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

911f26dd0f9ec06ebb4945e97fd4741a4d417b58a9a78b2c526252f1ee37b208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Origin: https://ye-mek.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48765
x-xss-protection: 0
server: cafe
etag: 14663393281157871119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:42 GMT

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ Frame 990E 489 KB
182 KB 63ms
63ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 990E 236 KB
58 KB 95ms
23ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:35:05 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 398
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: d8XaJj2UeUDMX1xmTFqZl9zs39Qszq6HrAyilSclSOOytQ2l_2TybQ==

GET
H2 200 pageview Show response
ng.virgul.com/ Frame 990E 37 KB
7 KB 338ms
107ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1688226102198&v=https%3A%2F%2Fye-mek.net%2F&r=yemek_net:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.47290881536804275
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 38461e624a108d65cc4d41e53e87c020378d22fb9f4252648becdd03389204b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/fallback/ Frame 990E 12 KB
2 KB 59ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/yemek_net.js?dts=19539
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 21:45:07 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 hb Show response
ng.virgul.com/ Frame 990E 50 KB
5 KB 306ms
76ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=yemek_net&dts=468951
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 30a65660d3bee25b460cd23885a800f1c6dc244f9fa41ce36c84a843f0c763e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://ye-mek.net
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 990E 0
307 B 20ms
19ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fye-mek.net&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 10:06:53 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 20089
x-cache: Hit from cloudfront
access-control-allow-origin: https://ye-mek.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 7rCRSQrJ5DlMz4imYtvupEStcR-NVVGMuJvkASkfwEvjrg6g5Ytxgg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 990E 6 KB
3 KB 73ms
35ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date: Sat, 01 Jul 2023 05:29:28 GMT
x-amz-cf-pop: FRA56-P3
age: 36749
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: xiuBgDHu2Aw3l5JmiiF-rnBKAdOD99SfFS6C5tYY3nee4uPXi48_0w==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ Frame 990E 392 KB
125 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 08:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27500
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 30 Jun 2024 08:03:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/ Frame 990E 344 KB
118 KB 147ms
96ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

963aad0fa55ae911ea2660ba2f6bcd8342a56dfbf669567ffb9eb60879dc5510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120870
x-xss-protection: 0
server: cafe
etag: 12712479803954122823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 1B2D 10 KB
5 KB 69ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:34:18 GMT
etag: 12368291122986407432
expires: Sat, 15 Jul 2023 07:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ Frame 990E 10 KB
3 KB 59ms
59ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 13:36:40 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 990E 23 B
460 B 423ms
351ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pr=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&pid=SenVfF2twCoXg&cb=0&ws=1600x1200&v=23.612.1758&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338221728129623web_yemeknet_right_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_right_tower%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15336621728129623web_yemeknet_masthead%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%22200x200%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_masthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1455783126174-15338321728129623web_yemeknet_left_tower%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21728129623%2Fweb_yemeknet_left_tower%22%7D%5D&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: F19J8V5RFQWVYF3KGZKE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ye-mek.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eTAiNUUXXk0oj64R5xQXV6tZCGU7UpFjyx0VS7R-VHlbzAr6Xr-tTA==

GET
H2 200 yemek_net.js Show response
static.virgul.com/theme/mockups/sites/ Frame 990E 11 KB
5 KB 58ms
58ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/yemek_net.js?dts=468951
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 09:08:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ Frame 990E 17 KB
5 KB 85ms
22ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19539
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:10:14 GMT
content-encoding: gzip
age: 1888
x-guploader-uploadid: ADPycdvJLlxqepTJMCO6FKhX0iMFm4iIfNrKU2LZmO0BD2YdCeMk56RgO5spCrjMNqHzZWtrnw9KcZ3SYalTnLkbH1cDO3KG2Ck8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5009
last-modified: Mon, 05 Jun 2023 16:36:50 GMT
server: UploadServer
etag: "47a886353056caf33a998c6041e20896"
vary: Accept-Encoding
x-goog-generation: 1685983010517890
x-goog-hash: crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 5009
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ Frame 990E 0
209 B 58ms
58ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688226102545&v=https%3A%2F%2Fye-mek.net%2F&r=153366@153377@153378@153379@153379@153382@153383:yemek_net&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.5102339213938354
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:42 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 990E 107 B
456 B 88ms
33ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 28 KB
12 KB 375ms
374ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=1444901619854174&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=2&adks=3733009076&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226102577&lmt=1688226102&dlt=1688226101341&idt=1079&adxs=436&adys=2665&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=7jpffp8alzfh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a58af39da6d397b687cf6721c2efd0d9a3a5c22e05eafacbc30f8076e983a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11879
x-xss-protection: 0
google-lineitem-id: 6241543851
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425583933
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA72 6 KB
3 KB 108ms
26ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ Frame 990E 7 KB
3 KB 326ms
62ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19539
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 08 Jul 2023 15:41:42 GMT

GET
H2 200 zoneview
ng.virgul.com/ Frame 990E 0
209 B 59ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1688226102627&v=https%3A%2F%2Fye-mek.net%2F&r=153394@153493:yemek_net&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1,gprec%3Dyemek%26rec_ing%3D&info=&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&rdmt=0.8120697856712416
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:42 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 tag Show response
feed.pghub.io/ Frame 6A15 13 B
257 B 95ms
38ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.pghub.io/tag?referrer_url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&page_url=https%3A%2F%2Fye-mek.net%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sat, 01 Jul 2023 15:41:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 990E 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=ye-mek.net&bust=31075721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DF4 603 B
218 B 178ms
177ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226102375&bpp=3&bdt=1034&idt=290&shv=r20230627&mjsv=m202306270101&ptt=9&saldr=aa&nras=1&correlator=6463411842196&frm=24&ife=1&pv=2&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075625%2C31075721%2C44772268%2C44788441&oid=2&pvsid=3277620352513465&tmod=1631040865&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i40oqmbruh5z&fsb=1&dtd=302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 990E 361 KB
121 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Sat, 01 Jul 2023 15:41:42 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ Frame 990E 398 KB
128 KB 64ms
64ms Script
application/javascript 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/1/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19539
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:42 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 18:51:56 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 08 Jul 2023 15:41:42 GMT

GET
H2 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A3D 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 990E 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye-mek.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 36 KB
15 KB 381ms
381ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=333739070910675&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_left_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=3&adks=3299242717&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103002&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=122&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=v3l6uetleck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10f822c68d1bd99ea03b8c10cc382ef0739f538b95f6398143a03d72bdf653e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14861
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 36 KB
15 KB 296ms
295ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=3899518425402393&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=4&adks=345722362&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103037&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=436&adys=1389&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=rwzb0hc91yx2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b416a8845aebd5d6b32b5a69441731ec63039fdfdf997e4753a024634b266f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15000
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 36 KB
15 KB 446ms
446ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=1135985865288648&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_right_tower&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600%7C120x600%7C120x240%7C160x800&fluid=height&ifi=5&adks=3203893797&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103040&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=1318&adys=150&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=qxnl2v5y0434&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=160x-1&msz=160x-1&fws=900&ohw=160&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c841ff4eafc691d5a5ec410c4f0f30379bca0dbf5944a36b84c73b1be0f2f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15021
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 36 KB
14 KB 353ms
352ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=142177689002258&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160%7C640x205&fluid=height&ifi=6&adks=3050045420&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103042&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=315&adys=158&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=natfu3j0w26e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=996x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf21e36751bdc587710b7774f41413d6814eeea1198740907d6ab41707b02c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 36 KB
14 KB 346ms
345ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=3668727023379112&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_ust_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=7&adks=456810305&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103045&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=436&adys=751&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=v9jb3fuju5de&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f556d86a444693a8395a406f43aaafe3195074466032ed8f4e9e339bab4b67db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 990E 40 KB
16 KB 425ms
424ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3277620352513465&correlator=635654616108211&eid=31075594&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fif&iu_parts=21728129623%3A33502485%2Cweb_yemeknet_kategori_sayfalari_728x90_repeating&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=8&adks=2157304621&sfv=1-0-40&eri=1&cust_params=category%3Dsite_geneli%26plm%3Dnull%26viewable%3D2%26site%3Dyemek_net%26mt%3D1688226102198%26pager%3D1%2540site_geneli%2540yemek_net%253Asite_geneli%26policy%3D0%26host%3Dye-mek.net%26url%3Dhttps%253A%2520%2520ye%2520mek.net%2520%26targetCtr%3D0%26pid%3Dvnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0%26rec%3Dyemek%26rec_ing%3D&ppid=vnetf3e1f78cae4042e6bfd2763ca0c5e0c6&sc=1&cdm=ye-mek.net&abxe=1&dt=1688226103048&lmt=1688226103&dlt=1688226101341&idt=1079&adxs=436&adys=2027&biw=-12245933&bih=-12245933&isw=1600&ish=1200&scr_x=-12245933&scr_y=-12245933&ucis=lhb7urnzmwgy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fye-mek.net%2F&ref=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&top=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&frm=24&vis=1&psz=976x0&msz=996x0&fws=388&ohw=1600&psts=ABnkTfDeZvS9G6hvqE2bXC50UWgN7BUATdJUiFqRzh2y2epmAHKM8BOmYE2fdErMbw-O-3DIbHTeo0IGr6vaMrY0Tw&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6beaef746fb9c6b55dd671146333d355d716f7cfc2ac3386b7fe92abb909cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ye-mek.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7A3D 24 KB
7 KB 80ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A3D 140 KB
48 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4484d2c35523fb6c7488dac22a6c826a3b0cccb87b2b50335dfa533f7138f010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Origin: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49227
x-xss-protection: 0
server: cafe
etag: 3844515852038018472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A3D 179 KB
56 KB 38ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A3D 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssywLbOUiMcV1ew5HOuUDAL5OSU0wYnr6hGC7epQ7z9Wm496dKPCFNFwh9HT-51PmGxqGE0TaciQBLzzmGNhQEXRMxMlxkvhrC2OitYZhDPMjILkKr9uTbVGFbity73zlO0nBO5ibh3cIvFHX36-uRUEmIbMZWrGNQxgINkAMKvHHqR5Z8JF7PBjQtVaU74M_jU1i2Ws0E14f75AbtL2T2YWMttOADBMEkeX-rm6rhggkIM1cM8YDqILlegyoJv5cFv-5D5FDdIpy42RhrWgy3AoPuDzvOeqpnRHk_MxQFULX1slO0SGgs3yXH7lFELLFb-DDImlIQvXtFI_PmDuLXdE_OJCGgmEiQTO7kONX7yDOGoR3KaR8rcOg&sai=AMfl-YQfSKFg76G93cMJ_iuCe-Ax_VPbUPzaoqsrdfvT1d9HLIVBskZ0_cq00bulam97zOCpxD4zai6EX06N8PwX-YT2REbQEfRcHT4VcUUHfRA&sig=Cg0ArKJSzGNbwG2muvBwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
DATA 200
OK truncated
/ Frame 7A3D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6b85d08e7740b6041bcda06b4124e53446c1408317baca2bf95c7d927fd3741

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/ Frame 7A3D 346 KB
119 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6593523210010154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121735
x-xss-protection: 0
server: cafe
etag: 12685644302287297552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 747B 6 KB
3 KB 30ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7A3D 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6593523210010154&plah=3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B27 0
16 B 250ms
243ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3407250215&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye-mek.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226103203&bpp=8&bdt=150&idt=175&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&nras=1&correlator=3470181749899&frm=8&ife=1&pv=2&ga_vid=1365672597.1688226103&ga_sid=1688226103&ga_hid=2101940259&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3253033599&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C44759926%2C44759842%2C44759875%2C42532279%2C44772268%2C44788441&oid=2&pvsid=4045573871849722&tmod=503388927&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.d1op6dsaj4sg&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BB5 436 B
233 B 424ms
418ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&h=90&slotname=9586219513&adk=1165138949&adf=4198790052&pi=t.ma~as.9586219513&w=728&format=728x90&url=https%3A%2F%2Fye-mek.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226103211&bpp=2&bdt=158&idt=184&shv=r20230627&mjsv=m202306220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3470181749899&frm=8&ife=1&pv=1&ga_vid=1365672597.1688226103&ga_sid=1688226103&ga_hid=2101940259&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3253033599&scr_x=-12245933&scr_y=-12245933&eid=42532277%2C44759926%2C44759842%2C44759875%2C42532279%2C44772268%2C44788441&oid=2&pvsid=4045573871849722&tmod=503388927&uas=0&nvt=1&top=https%3A%2F%2Fpcloak.blob.core.windows.net&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6de29fgcz7z9&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18c48f4b7bccba5e4a301f9f5b83eb71cb2351cb810b8009b582da31c3f76bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:43 GMT
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 629E 6 KB
3 KB 29ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48DF 6 KB
3 KB 29ms
24ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBB1 6 KB
3 KB 29ms
24ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5ed7638be4b07a92411bbffe
ng2.virgul.com/tck/imp/ Frame 990E 0
209 B 65ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7638be4b07a92411bbffe?g=1&t=gb&r=153366@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688226102198&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:43 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8894 6 KB
3 KB 29ms
25ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA6C 6 KB
3 KB 29ms
26ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:42 GMT
expires: Sun, 30 Jun 2024 15:41:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 747B 0
0 107ms
107ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWfueN0mgZIfkBsDJ7_UP4PqVqAq6iLSPXJzX7u6pCMCNtwEQASAAYJXqmIKsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgT2AU_Q1oFovXJfhHT7wW34F0LXa1aBTOw_x5Y1oR9VT1W6qVUk01yg6jLoiogQviXUGeca7iXiC_wN7EB8ZVRd7u7IP30oUktk4AGDizT5mHyBil0iw3DR61acm2KTVQQ0cTSQTEAA1T2pFyg68H59UjyIx_9GTHsohvJ-H03Ijdg1tPkt54z_anIPTIq682D_p0G_PtYjl-O1bhelRyEhLQYCX85HDiGXpIvJXc_h3AQzP36T-VVLWzluxBMj78bJmgiYILjeBJCEDYKdnmq3IXGAzBcw7D_ArgWx-Piv4bgDvZASPN1LbsWpVuWv8Oc7GpeO4nYXFOAEAYAG0cmll-ullpXrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=qjmp7CfWsl4&uach_m=[UACH]&cid=CAQSOwBygQiDHH7OP3JLi37Vmy_r3YGK5eY244J-VpYkCyzN-hhQZHMR3DGMmPDhycbnhZx_cZJ5qsIHD7-gGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 747B 42 B
582 B 547ms
20ms Fetch
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NTRDODU0MzMxMTgxOUEyRTQyMzgwNTc2MURDNTdFRjZ8R0ZCREtGVmoyd3wxNjg4MjI2MTAzMTkxfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDEzOTQ1ODQ1OTdfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZKBJNwABsgcIu-TAAAV9YK63QFekYFpYl9iB9g&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103195&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=2854523493081455&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VDS242Y0xxTGVnajd3UjZZQTlmZE5n&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=FgW3GFgu7RLEAX_z_QNRig&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESECKn6cLqLegj7wR6YA9fdNg&spidu=GOOGLE&pidu=15222&hmpvu=3c92735c-907c-416e-abf1-b627d8ea1eb2&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 747B 5 KB
2 KB 531ms
19ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=NTRDODU0MzMxMTgxOUEyRTQyMzgwNTc2MURDNTdFRjZ8R0ZCREtGVmoyd3wxNjg4MjI2MTAzMTkxfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDEzOTQ1ODQ1OTdfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESECKn6cLqLegj7wR6YA9fdNg&spidu=GOOGLE&pidu=15222&hmpvu=3c92735c-907c-416e-abf1-b627d8ea1eb2&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: t5wrweI0STQj7hobU2iiruNTbZxEGbxyZeT3ik8OGgXZpe6nTnGrxA==

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 747B 43 KB
44 KB 545ms
32ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NTRDODU0MzMxMTgxOUEyRTQyMzgwNTc2MURDNTdFRjZ8R0ZCREtGVmoyd3wxNjg4MjI2MTAzMTkxfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDEzOTQ1ODQ1OTdfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103195&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Sat, 01 Jul 2023 07:52:43 GMT
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 31144
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: onFBBe_mWmHtyFHMFxwz1WQqlhqZmQmwXF_9RbHUaUZza_Yq6FspKg==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 747B 95 B
916 B 605ms
48ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2854523493081455
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 17:14:35 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 17:14:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 747B 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 747B 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 747B 0
0 85ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWXyiMKkmIbZy5nQSMLx1KaU_UJDLKOjabgX1DCR4KLUh8Gax3U3m7NHNRwxxajY_RlvD-f3JM3huJTlBqqVqKEv0-Tw
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 747B 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 747B 179 KB
56 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 629E 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-4hwN0mgZOuUB9787_UP8t-K2A66iLSPXJzX7u6pCMCNtwEQASAAYJWCkIKgB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgT4AU_QbZrT6wrz2B6iBODYoojb4RBFMz2to4ybknhQ-WM4hxmnAsnvURLvqCS7pf1Vv7juNGD_06vMYRVSDV_JU_66xpNaK_EGQegYT4SVoxbG1nkyllSOI15Yxca6dajI8Xk2wiBtQ5MEtr3Z6pxMAfIj5lm2XXSyQPXkmNRwENr0MAqJl2T9o0S0pJExjuJymvWuqG-vjCnUmCip9HidR2hTyYoOIEqh2lhaKzLmpYPH-5IZpAZnZAEqvgLOPWiZExPEqVgeYBDa5Llr1LIR5UdmUIiRbe_BbuKB1QLfcemEUuPRs8X8ewL-knVfoTX-bLBlTmqfEDqZ4AQBgAbRyaWX66WWlesBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=MWvHRQa6UCg&uach_m=[UACH]&cid=CAQSOwBygQiDD5IQEDkYunhusH0FlHkCqd1CVnLLP1laVncCDXdJ_64wGf-dKKpapEnxBGwsfCoFi83GKMciGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 629E 42 B
582 B 541ms
20ms Fetch
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=QUJDRkYyNkQzQUE2QkIwMzNCMkJBNDcyNzM4MEY3NzZ8R0Y3V1UwTEpuY3wxNjg4MjI2MTAzMjA5fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC03Mjc1MDY4NDhfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZKBJNwABymsIu_5eAAKv8rjrOWZDLbaoNJarQQ&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103212&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=HE&m=0&pc=64289&rnd=4705797191538309&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VIOVRRaWNfMWh5RGhjelFySVdVWi13&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=7zquQq7_nmkQs42INBhqqA&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEH9TQic_1hyDhczQrIWUZ-w&spidu=GOOGLE&pidu=15222&hmpvu=c0e18d60-0be8-4768-a19b-380fc2496d6f&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 629E 5 KB
2 KB 525ms
19ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=QUJDRkYyNkQzQUE2QkIwMzNCMkJBNDcyNzM4MEY3NzZ8R0Y3V1UwTEpuY3wxNjg4MjI2MTAzMjA5fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC03Mjc1MDY4NDhfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEH9TQic_1hyDhczQrIWUZ-w&spidu=GOOGLE&pidu=15222&hmpvu=c0e18d60-0be8-4768-a19b-380fc2496d6f&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: Smt7WnEU-XFoXKzzZn8F-Jti8JyYUZDvbQElER_sKBWnVyuRlmtxxg==

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 629E 43 KB
44 KB 593ms
88ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=QUJDRkYyNkQzQUE2QkIwMzNCMkJBNDcyNzM4MEY3NzZ8R0Y3V1UwTEpuY3wxNjg4MjI2MTAzMjA5fDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfC03Mjc1MDY4NDhfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103212&c=DE&r=HE&m=0&pc=64289&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Sat, 01 Jul 2023 07:52:43 GMT
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 31144
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: DW2PTKAM0YspBYIrYaskD4LxqDnYCLtt1pljQ-OTOf1WPo0fk6VbCg==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 629E 95 B
916 B 599ms
49ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=4705797191538309
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 15:41:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 629E 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 629E 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 629E 0
0 78ms
35ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5R1d9LWWeLljn7tgC2Xo-hZM9RMeyU-1ReAnm9g-pBSSZRbff0fzIP03WOyzWXpKdXZ3hHUwlYPQuTBrLvwrlOR3Weg
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 629E 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 629E 179 KB
56 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 48DF 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHmVjN0mgZI-0Bp-d9u8Pv4WY8Aq6iLSPXJzX7u6pCMCNtwEQASAAYJXqmIKsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgTkAU_QUtkQGScdmaHKs_cVXWoT9-GAEAl5Byre6fjm5UPHGnAX0swL_HU8fJuJt5g_AwRNiTryDZm1wOuJVeo-mQSax9pAncuJybVaDljElA0drhXNsK0vD7MnEqtXMWBJrC8d0qYclWFmF3YV1CqvHwK8RdWRAeLuiorNBw5Gmnn6pqlmkY60wkgF1qgyrVKmRyg4IK_2hvICzJmRy7tDm6x0dp8B0roTvI2pYewuTyxyGuHBVNzGtz43AVPc7ysKu7GOyJ3KveFg7DGKEigWoCs0tq8wR95QRGvmXxTm0t1MvrCYV-AEAYAG0cmll-ullpXrAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzI3NTUyODQ1MzE2MjMwOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=_Qv_KY8rWz0&uach_m=[UACH]&cid=CAQSOwBygQiD2biVfAVsdMadQgr1hlI3D5Mho_AydMFsB5zg2bL2r-IqTrW9WAMwLzrlIlPCR2Ovz5Qj1bwqGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 48DF 42 B
582 B 535ms
21ms Fetch
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=N0Q5MjdGNTYxOUFDQzQ1MTFDODJBNTFGRTQzNjFCREZ8R0ZObU1GRGFRMnwxNjg4MjI2MTAzMjAzfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxODg4MDc4N19FWHwxMzU1MjJ8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZKBJNwABmg8H_Y6fAAYCv9hzSIjID8VPefnwLw&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103205&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=1868680683214217&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VMYWoydFEyLVFtSEtuWTZnQlJlWTJj&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=bvSTeD8xgtitCIq3NQmu4Q&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESELaj2tQ2-QmHKnY6gBReY2c&spidu=GOOGLE&pidu=15222&hmpvu=e4c22275-8a16-4ef3-b26d-325e965a3cbd&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 48DF 5 KB
2 KB 520ms
20ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRzobPsLhV&btid=N0Q5MjdGNTYxOUFDQzQ1MTFDODJBNTFGRTQzNjFCREZ8R0ZObU1GRGFRMnwxNjg4MjI2MTAzMjAzfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxODg4MDc4N19FWHwxMzU1MjJ8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESELaj2tQ2-QmHKnY6gBReY2c&spidu=GOOGLE&pidu=15222&hmpvu=e4c22275-8a16-4ef3-b26d-325e965a3cbd&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRzobPsLhV&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: kWMCnw1n-0YWtuFWEv1FC8bA-rKiZh_9OMnu2PqoqF-t76F6UQMubw==

GET
H2 200 XassetrGVaWW53.png
ads.w55c.net/t/d/ Frame 48DF 43 KB
44 KB 575ms
76ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetrGVaWW53.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=N0Q5MjdGNTYxOUFDQzQ1MTFDODJBNTFGRTQzNjFCREZ8R0ZObU1GRGFRMnwxNjg4MjI2MTAzMjAzfDF8WG1FS1o4a2t0eHxYUnpvYlBzTGhWfDkxODg4MDc4N19FWHwxMzU1MjJ8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103205&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 77muH8mujF9NEC9ipS.55iMMWqUaEtvK
date: Sat, 01 Jul 2023 07:52:43 GMT
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 31144
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 44534
x-amz-meta-height: 90
content-length: 44534
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "ccf751b21647e448aa5dadd8c05f5ac6"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: CZIwN6UGMJkdr7Z0HCca8Y0dXCSOt2ZdQCHivsXOs94CrH5brVrdvQ==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 48DF 95 B
916 B 594ms
50ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=1868680683214217
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 17:14:35 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 17:14:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 48DF 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 48DF 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 48DF 0
0 72ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4A5BljSw0NKQBIyeR1qGSLo1oWUi89MB6UCa24R2txFh0VaHwxKS7ZaLzzc5KgUdSRW2o0n8fahmF-8o6hsknuC17pw
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 48DF 24 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48DF 179 KB
56 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DBB1 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXZdNN0mgZIWMCJ--9u8PmeS_mA-6iLSPXJzX7u6pCMCNtwEQASAAYJXqmIKsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgTmAU_QNpc7ZFrFq6NfPdXl6NzIsgkrrJu13Im1cLiHzoJ5A5DsAHnfIwF-cxzuAqXBnS05wnvvnFbpy-IsmSC9lms2RZb9cjNozM8NWLvrRhUuvUoAYl_xRjsCcDftFgvjcdAiZehd2XrBdfZjHfALbdbmm6qlQGjPhDkVeZkP3MaXvSRI6ruItgiu2yPMTpR0ik3XngHSDTdJUq-eFk_TdVt3jtscAOZyogAmOhbq0dg8qRPie3xjXwNVX8o7cFNQ0gatI7DVO7wIgfyar_5UeTKR0xZaWw2ExgmMGI41SVjp-ayhHyjt4AQBgAbossbM2N-ItGqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=fm9pQ7NmugA&uach_m=[UACH]&cid=CAQSOwBygQiD7K3QPCRUHZHWjfaLM4WqR8V4ZLcwnln1SG--FKwz769xgpNfRoQeyHmB_KPX9c0f0rOPUaRxGAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame DBB1 42 B
582 B 532ms
21ms Fetch
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RTRCNTcyRTVDMDRGRTEzMUE0NUNCMEVFRUVEQTIxMzZ8R0Z2WklmMkF1cHwxNjg4MjI2MTAzMjI2fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC0xMTY0Nzc5MDk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=ZKBJNwACBgUH_Z8fAA_yGfhvzwTV0BKHoQtWZA&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103234&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=4867113101612767&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VMUlpoanYwc19KNUlyWjdSZmFhNGJB&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=MisQN0nTlpagNPhjqNiY2Q&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESELRZhjv0s_J5IrZ7Rfaa4bA&spidu=GOOGLE&pidu=15222&hmpvu=849f1d3d-67db-47c7-8e50-d1dbd186fdbf&hmtsu=3&odtu=2&mtfu=1&crdmu=160x600&cridu=XRfn1D4mym&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame DBB1 5 KB
2 KB 516ms
20ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=160&h=600&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRfn1D4mym&btid=RTRCNTcyRTVDMDRGRTEzMUE0NUNCMEVFRUVEQTIxMzZ8R0Z2WklmMkF1cHwxNjg4MjI2MTAzMjI2fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC0xMTY0Nzc5MDk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESELRZhjv0s_J5IrZ7Rfaa4bA&spidu=GOOGLE&pidu=15222&hmpvu=849f1d3d-67db-47c7-8e50-d1dbd186fdbf&hmtsu=3&odtu=2&mtfu=1&crdmu=160x600&cridu=XRfn1D4mym&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: -PxF4Boc5HjWQabL8yggJ36EA_rXgfHJif5gIct1cW7xhVk0BejgtA==

GET
H2 200 XassetKJacfDc1.png
ads.w55c.net/t/d/ Frame DBB1 44 KB
45 KB 554ms
59ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetKJacfDc1.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RTRCNTcyRTVDMDRGRTEzMUE0NUNCMEVFRUVEQTIxMzZ8R0Z2WklmMkF1cHwxNjg4MjI2MTAzMjI2fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC0xMTY0Nzc5MDk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103234&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c4369c2efa02f134768da1cdf4db9c273d5a5e81b34b9ce976b385184238e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: bEZv23MiAoUVmHX_bG6Zre2gPjqLeF6P
date: Sat, 01 Jul 2023 15:27:28 GMT
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 4526
x-amz-server-side-encryption: AES256
x-amz-meta-width: 160
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 45325
x-amz-meta-height: 600
content-length: 45325
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "58ddc8c3ee5caa791a314c1aa2f7d7b0"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: ouHqM-CwbF_Ir5H3j1W7go9bc7s8Sx4gYU3LuyxKM-a1AAgCSY57DA==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame DBB1 95 B
916 B 590ms
50ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=4867113101612767
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 15:41:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame DBB1 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame DBB1 20 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBB1 0
0 126ms
94ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh64Vb7YECzdiVC6_a4DTTmn3gqRvtizs4gCmI7bpRE_9d6MiqH2CSrcclZyzqv5QuXXV8TO-g0Z-3cuqa9BbVX8eShg
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DBB1 24 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBB1 179 KB
56 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 8894 5 KB
2 KB 511ms
21ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRK8N4Rwai&btid=NzhDNENCQTkwNkEwREQ5N0E3NjhFOTM1MDUyNjM3N0R8R0ZoeTNNdThaQXwxNjg4MjI2MTAzMjQ3fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xNjQzNTU4OTk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEF1xVU6RKkKOXwXdR3LmjQY&spidu=GOOGLE&pidu=15222&hmpvu=24dd16f1-c1f9-4407-8aa5-091fecd1652a&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: unv3UdVCL2WfgjSXbQIkHn7tJi5WABfy5lk4YbiUsUMWvMjqN7C37Q==

GET
H2 200 XassetJtVGFj2g.png
ads.w55c.net/t/d/ Frame 8894 29 KB
30 KB 523ms
33ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetJtVGFj2g.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NzhDNENCQTkwNkEwREQ5N0E3NjhFOTM1MDUyNjM3N0R8R0ZoeTNNdThaQXwxNjg4MjI2MTAzMjQ3fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xNjQzNTU4OTk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103251&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 06:47:06 GMT
x-amz-version-id: 8SPBXJhT_RiSNmerbyVsLrwEkkTx88nO
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 32079
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 29942
x-amz-meta-height: 90
content-length: 29942
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "1ff110a85bc3d8deeb9bac4954656b3b"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: jDidKgADk-8jhjWb2mQSJExyD1y5GJnWwfgr-gSv62WXU1XIl086TQ==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 8894 95 B
916 B 587ms
51ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=6579617875834885
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 15:41:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 8894 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 8894 20 KB
8 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8894 0
0 121ms
94ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsiQdfeTd7N3nMkck7qMp_RnYOl5S3WCECvOmqJNz8nuBh4TBSRjIZ2dHiNj74gIgvnItTgGNef_j9fq5Sgjzz3NGgFg
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8894 24 KB
6 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8894 179 KB
56 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AA6C 0
0 94ms
92ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl8P8N0mgZKrlB8aX9u8PhJSMGLqItI9cnNfu7qkIwI23ARABIABgleqYgqwHggEXY2EtcHViLTc5ODM2NTEyNTc4MzgyODLIAQngAgCoAwHIAwKqBOcBT9DSfB6x0eGs8gxBTMIAJLwPIPy4POf_Rbbg_t9WVMB0mNxyVE7mSACPLAxWUwnXRadsUqB06HQOQsQ5EWhu-jXrTcAS3SfQsDCe7cDiVueg2TnW25-MFuwLEYmL_Z98LzPA3p_7o8fiXywIExRirZJEFXLpqkTJQUAbYzOXwwh8m9GOCMFryxTkLy4DHMAlNU7tF9Gyr5YHslBkdCpG2ZaSv8GXUJt45l33Z9uAm0dbALRzDoC4H8twIu-9FOK2cb5f4Kw7ZHUeJIJCKYvaMim-MS8FQcJ5oA0iKLYzAwyRg5FLHF6Z4AQBgAbossbM2N-ItGqgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTcyNzU1Mjg0NTMxNjIzMDmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzk4MzY1MTI1NzgzODI4MhjqwW0&sigh=KN_1XW4cVS0&uach_m=[UACH]&cid=CAQSOwBygQiD5eTFJrpwlXvE46d4Fsyy_YzpthEYP8bWcoPfZ6O7qzurmemULqi5v5a9gul3FoKiW-CCSvU-GAE
Requested by: Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame AA6C 42 B
582 B 522ms
21ms Fetch
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NUFERjVDQkNGOTM4M0NGRkJGQTQ0NDQ2MjEwMUM0NzR8R0Y5WGxQWFRqYnwxNjg4MjI2MTAzMjI3fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC03MjI5MTI1NTNfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&wp_exchange=ZKBJNwAB8qoH_YvGAAMKBBewjZG0hmYoTas4nw&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103258&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=7535066703482533&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VHdld4SV9jaWxuc2xJN2FhdzlzZ1hR&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=Q_QhlrObG3xO07jmWIpphg&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEGvWxI_cilnslI7aaw9sgXQ&spidu=GOOGLE&pidu=15222&eridu=GOOGLE-5ADF5CBCF9383CFFBFA444462101C474-1688226103227&hmtsu=0&odtu=2&mtfu=1&crdmu=160x600&cridu=XRfn1D4mym&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: pcloak.blob.core.windows.net
URL: https://pcloak.blob.core.windows.net/web/6x69807j0b5.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame AA6C 5 KB
2 KB 507ms
22ms Script
application/javascript 2600:9000:2251:9400:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=160&h=600&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxNTIyMg&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fye-mek.net&ciu=XRfn1D4mym&btid=NUFERjVDQkNGOTM4M0NGRkJGQTQ0NDQ2MjEwMUM0NzR8R0Y5WGxQWFRqYnwxNjg4MjI2MTAzMjI3fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC03MjI5MTI1NTNfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=ye-mek.net&cip=1&hmt=1&uidu=CAESEGvWxI_cilnslI7aaw9sgXQ&spidu=GOOGLE&pidu=15222&eridu=GOOGLE-5ADF5CBCF9383CFFBFA444462101C474-1688226103227&hmtsu=0&odtu=2&mtfu=1&crdmu=160x600&cridu=XRfn1D4mym&

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:9400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 05:53:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 294502
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: xUr6udzDfgfvUpCB8vGNWCPo-9wJfxyk3nAm_NA9d_NLt4yqfLe9vQ==

GET
H2 200 XassetKJacfDc1.png
ads.w55c.net/t/d/ Frame AA6C 44 KB
45 KB 573ms
88ms Image
image/png 2600:9000:25eb:e200:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetKJacfDc1.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NUFERjVDQkNGOTM4M0NGRkJGQTQ0NDQ2MjEwMUM0NzR8R0Y5WGxQWFRqYnwxNjg4MjI2MTAzMjI3fDF8WG1FS1o4a2t0eHxYUmZuMUQ0bXltfC03MjI5MTI1NTNfRVh8MTM1NTIyfHx8fC4wUHxVU0Q&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fye-mek.net&ts=1688226103258&c=DE&r=NI&m=0&pc=37127&epid=R0wxNTIyMg&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:e200:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c4369c2efa02f134768da1cdf4db9c273d5a5e81b34b9ce976b385184238e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: bEZv23MiAoUVmHX_bG6Zre2gPjqLeF6P
date: Sat, 01 Jul 2023 15:27:28 GMT
via: 1.1 2ed8b710d99a964ef414e41b544ffb2e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 4526
x-amz-server-side-encryption: AES256
x-amz-meta-width: 160
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 45325
x-amz-meta-height: 600
content-length: 45325
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "58ddc8c3ee5caa791a314c1aa2f7d7b0"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: qX3IB0Dygm2dIf1sZyDvMGMNalJ-PK5xXTUrAt3R5gVs5NDoIAlW5g==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame AA6C 95 B
916 B 581ms
50ms Image
image/png 154.58.197.185

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=7535066703482533
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 -, , ASN (),
Reverse DNS
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 01 Jul 2023 17:14:35 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Tue, 28 Jun 2033 17:14:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame AA6C 3 KB
1 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:42:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 13:42:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame AA6C 20 KB
8 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 17:50:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA6C 0
0 117ms
95ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnuN_dqixlX0IOzCB2Ngd_HfrJgzJxhUnpRRuJZOwkUfyBL_EF262fjk8oiZzamzfKYVwCmHnmCW72SzIj4GdbfAEXrQ
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AA6C 24 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA6C 179 KB
56 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A3D 0
0 97ms
58ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgwJiV-tz6g7X4EeO2adW10_VA0LRF97rWacCB7ZjzZIXIsAKf-tYFCOnrxu9PIlBc3EqCPjaj3iLanEg3x8wVywJ8dS8C7BcsEk0JrWBOJDkP4gb15Hbt305I-1SVwmMNUp_ZMr1SmOFuV6pe167EsfhK8_ChpnoFtwAJ47LWRI_v9mGcWBTN497Hfl1bkt92MOW81D20EAzIq9fk-UM67AtGv-DLJFuitLvodLEs4KYsYQkXBnqbgnoae0iJenofNIk94fVm3F1c1nbR_9r6hGpKIEzZFpAZU2Q9j6vVsWEFQD5qJ6_UG0hfyNmM-lolvlauAcqcWvOQvkTe9lGPqDfpQkDCLpG0I8dMEbJKHWX5GiOE-dskK9fW&sai=AMfl-YS5ycylkC57TfkpdA6ymdJoX_YpS2IWMgiyO_PoPvN60-jW35MfYtPUK--agOxFivUK9KNY_KD1oPQimbhs2m16bl5_RKqYPNshPrpwhyw&sig=Cg0ArKJSzFW9j3aIpWmpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Jul 2023 15:41:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A3D 15 KB
11 KB 72ms
72ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230627&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80e89ab93ab92c6723a516cc74768f6c16f5c82a5c074ec31af225648be521d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11372
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C8DE 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 747B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c3b646e12d7ee40bf57c8b03deb7fe18ad8126f86c303cc0b06c0f55bb72e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BB33 1 KB
643 B 19ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B723 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 629E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1f0e311569efa4ea023be14979870fb54497579d73f6954d8a28c6df85fb66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 48DF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d370290186c9cf33775d7a7463d2f90b57047ff842ff8b1fcde3799303596

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F9E 1 KB
643 B 22ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A3D 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 15:41:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9CEF 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8894 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7922eed1c8ba3aa0a8c5a5add2fca6bc82e5f38a9cdce9181538ef77c3f1feb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 067C 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:04:22 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 15:04:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DBB1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b071d9da2f3b60c6e5e584285c229e240a91ff66d45199bb959d742275004e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AA6C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bc365e1ed3dcc32eb12b13bb0715a5b91a2a9dffc8b88e0986e8a5630e0828c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame C8DE 35 B
464 B 91ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDQ-TN5Z4mNqhgCI-hp4J_I&google_cver=1&google_push=AaAOQGFxaq0krt2KL-T2N42T8paj2m24kkSbGjRSNHbze6xViamzvTfl-XQs9h2S8IFVpJ-zy3q0rD3TNgK-XZ85sm_L_cEW14U

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C8DE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKuM67-LhCtiCgXnQKNxolI&google_cver=1&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9uE11xDq0O14

170 B
329 B

31ms
30ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9uE11xDq0O14

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFLk5sL2Jz70bktBzozEF7GKuURcii9vMMlKpk4TsgUnO6EQ6dO4KAutqPgAk0vdAE5BC6asP2iLtiwShv9uE11xDq0O14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C8DE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osi...

43 B
416 B

211ms
193ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dffc142fa363688-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 21
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJnfsUtMlHhS04VruVEZjGQ&google_cver=1&google_push=AaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGjtBMvLU0T2R16ag3SFbOfs6OzB8X0Ym1hwVpkVMNUk6R5LCR2fc6sZAAASg0wX4aQqbaTZ6OoKIgr7sRsc2FN_Hh7Osih%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dffc1409ea43688-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C8DE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOr4l_ra0HfXfOhCFJ8gBr4&google_cver=1&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFX...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BKOpccvzSZCgBQILag7_nQ2&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFXf5oSEXqz5vc2

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BKOpccvzSZCgBQILag7_nQ2&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFXf5oSEXqz5vc2

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BKOpccvzSZCgBQILag7_nQ2&google_push=AaAOQGEldBZ6wSaCxIzFZkXy3x_UMLREao8L-XuhDYbiH6hStqh7tLMo-HObhJ7M5ciPbgRS7MHtxXNPzYwelmFXf5oSEXqz5vc2
x-host: tde-deliveryengine-production-7c97bc8457-srkr8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8DE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEArqPaugn9WpXz2YyhJvcl8&google_cver=1&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0p0ii1&google_hm=eS1LTloydVRGRTJwR2dtbD...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0p0ii1&google_hm=eS1LTloydVRGRTJwR2dtbDgwTk9FcVNzd0swTG1UT21zS35B

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDgcs78k8PLT8VM7f9xn0HBBXT-mzoPsUU6tRIB5FS4364hEYo3cnro7yt9Um9I0-jsgl53DVBTVR61xaMtHHLJP0p0ii1&google_hm=eS1LTloydVRGRTJwR2dtbDgwTk9FcVNzd0swTG1UT21zS35B
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame C8DE 0
125 B 108ms
23ms Image
text/plain 3.75.62.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECmhzR0NbbyqG1AzsEMuVCI&google_cver=1&google_push=AaAOQGEN8yzC2_5oHSTboj1RGRIamm0fgx1x6vzDGhaAWqosCQZHETdslPLrv6V5N_oufZ5YldgHuz5VDXmloUpulqmEiWmtzdxh

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8DE
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHz5Hj1Yy...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHz...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%
date: Sat, 01 Jul 2023 15:41:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C8DE 0
40 B 88ms
30ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1-rUAV2DwazsXAsC2YuzCitagJSqWoR2langA8FWv4H8qp3zewCMmNb59yhqr48SdM0axJuM

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB33
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDwrt3jS0FMgfSuPxih3jXQ&google_push=AaAOQGGOVU_1CQlds7vv14j2InUDpyYEbn0FmmR5Ym2zt5kV1zymSAfWbH...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDwrt3jS0FMgfSuPxih3jXQ&google_push=AaAOQGGOVU_1CQlds7vv14j2InUDpyYEbn0FmmR5Ym2zt5kV1zymSAfWbH0hgT4FEEfOWfjrz5-StaOgu7DNkFd_sMleoo-n_yU

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230106-FRA
pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688226104.431960,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDwrt3jS0FMgfSuPxih3jXQ&google_push=AaAOQGGOVU_1CQlds7vv14j2InUDpyYEbn0FmmR5Ym2zt5kV1zymSAfWbH0hgT4FEEfOWfjrz5-StaOgu7DNkFd_sMleoo-n_yU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB33
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFm0SEyVltnZg3vCwBiYJ0c&google_cver=1&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BV...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFm0SEyVltnZg3vCwBiYJ0c&google_cver=1&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGFwTdrdiA50Ze-anZbi57JuS005vB_gqhvEaBqnc5JsaN01-Mke_5EUqYRomYjrzFWcnM3HJs7W5MAorj4JkMLv5BVKuQAF
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB33
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIRV-O9HLNKj_PoasufAfPk&google_cver=1&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4gncSnhbARM8d

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4gncSnhbARM8d

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MXP53-P3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEH0VzDtaIE3wzUMjOgC92-UVvPtmNh446d_uL7fhG-9nAFOBGw7ePLMKgmtCKTGdnbbQwDfjhDFAqjYgH4gncSnhbARM8d
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: bavkjChk3YYQOHFBqCUn0j4VXTXriWnsg5d6E00llDe3CkpAiZc6Pg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB33
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEB6NC2AKrv39kRC_evI8Z6I&google_cver=1&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAK...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEB6NC2AKrv39kRC_evI8Z6I&google_cver=1&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GzT25BGiQdm9QmLAI1N3Wg&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GzT25BGiQdm9QmLAI1N3Wg&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAKCVv42z

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GzT25BGiQdm9QmLAI1N3Wg&google_push=AaAOQGHj-CDKreTkkjD56SUEyI8qXlnBwWS1_BAnPvznXy3zc08u3CbK4SD0eTGQmdN5pL0b289_OBiRV8CAaIT6S1cxAKCVv42z
access-control-allow-origin: *
date: Sat, 01 Jul 2023 15:41:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB33
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFuFHWrBZvg0d_L4daI7YQI&google_cver=1&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1OTIyNTYyNzA5NTY5MzI1NTUyNg%3D%3D&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9W...

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1OTIyNTYyNzA5NTY5MzI1NTUyNg%3D%3D&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY1OTIyNTYyNzA5NTY5MzI1NTUyNg%3D%3D&google_push=AaAOQGEaSKAVSbyQn91-HJCmXZorrkwuSzCbYyc56aRR2qQ3-Tu-9J9WOv9-t2VRlJs_OBLnfiW-Wxb3dTppyTNrK4Y5LBUCWGG5
date: Sat, 01 Jul 2023 15:41:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame BB33 0
44 B 433ms
28ms Image
text/plain 185.86.139.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFEthj21BfpqUbm2IJS4Fxo&google_cver=1&google_push=AaAOQGHeuIc2BPHkQxRrrmnIjCT6MLx4SS0uKBuxBATNhXG9DMT74X8cl1__yVSLzAHdTcWmarevaRk_mDG4xqwd28CXIyYy0kI
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:43 GMT
content-length: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame BB33
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEMFO1KywL4sCn4snwiD0WbI&google_cver=1&google_push=AaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32LkZxkEUynLaLi8WC9Ix-Wn1mMV5h2FgbDjFQwUQZwx91vm2tSwG67rlQ
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32Lk...

43 B
1 KB

76ms
21ms

Image
image/gif

162.19.138.82

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32LkZxkEUynLaLi8WC9Ix-Wn1mMV5h2FgbDjFQwUQZwx91vm2tSwG67rlQ

Protocol

HTTP/1.1

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGH7SLCei5zrFtlFvC7DPry9TYe_Fo03-fwVl8eD32LkZxkEUynLaLi8WC9Ix-Wn1mMV5h2FgbDjFQwUQZwx91vm2tSwG67rlQ
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BB33 0
49 B 81ms
37ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHWA7QrfZwcrUdi3o-Dqzg7gER3TCSQgVGiXAGVm7FkINlNN_jo6nCvaY1CKVfxncOK-AZPA

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8894 0
0 68ms
68ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTK3UN0mgZNuwBsTE7_UPsMqm6AK6iLSPXJzX7u6pCMCNtwEQASAAYJXqmIKsB4IBF2NhLXB1Yi03OTgzNjUxMjU3ODM4MjgyyAEJ4AIAqAMByAMCqgT-AU_QfHapU4vVe4OIJIKvS4q6IadsoEbSVNfnZ480wvgE9HCMlB-18jcsP1wfauOaowJWSeMW4GsNCsEs8OuwculG-mQ_Oz11qqZiD-dHzr-yI94mkYJaLO1ko9KNbLer9ClnDSYdMhJZXMQ0hObLJZU1ruj8U8xLup1pO8cEgIsvN-Sju7FKtbF02gzHpVfM3r3tvtAOE7l69F9DiXeR5tmV9TA6wJqPZBL6uALklN8X7Bp5KukJHtVYnhlaktY0WKAeFh3qTejwp74wuo5VZ0gJjgC2Ile4gun5jTP2FKNQ4wCUC8eIlgdmJNQvcy-_KsP1gs2CHB8Rv3EBbtwi4AQBgAa2ufLw3vTjxIsBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi03Mjc1NTI4NDUzMTYyMzA5gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc5ODM2NTEyNTc4MzgyODIY6sFt&sigh=mpViDcUqQQY&uach_m=[UACH]&cid=CAQSOwBygQiD0a4kWRAwrPOB8x_S6woNQQeE9R4b5mPhxcuQlf79q9KJ3ojURzYmdAgds07YDGgaKHDBXucNGAE&cbvp=2&vis=1
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 8894 42 B
582 B 22ms
21ms Image
image/gif 35.156.85.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NzhDNENCQTkwNkEwREQ5N0E3NjhFOTM1MDUyNjM3N0R8R0ZoeTNNdThaQXwxNjg4MjI2MTAzMjQ3fDF8WG1FS1o4a2t0eHxYUks4TjRSd2FpfC0xNjQzNTU4OTk3X0VYfDEzNTUyMnx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=ZKBJNwABmFsIu-JEAAmlMKeIJbcYdfRoBceceg&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCOCMwLjYyMjQwNjA3fElBQjgtOCMwLjQ2MTU1MzN8SUFCOC03IzAuMDgwMzE0NzJ8SUFCWDI3IzAuMDQxODE3MjZ8SUFCOSMwLjA0MTgxNzI2fElBQlgyNy0xIzAuMDQxODE3MjZ8SUFCOS05IzAuMDQxODE3MjZ8SUFCMTUjMC4wMzk0NDE2MjM&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=ye-mek.net&s=https%3A%2F%2Fye-mek.net&ts=1688226103251&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NI&m=0&pc=37127&rnd=6579617875834885&epid=R0wxNTIyMg&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=dHJ8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=0&euid=Q0FFU0VGMXhWVTZSS2tLT1h3WGRSM0xtalFZ&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=auQejb_Adulejf4fUfSvuQ&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEF1xVU6RKkKOXwXdR3LmjQY&spidu=GOOGLE&pidu=15222&hmpvu=24dd16f1-c1f9-4407-8aa5-091fecd1652a&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.85.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-85-133.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-782-g97d928b#rel-ec2-master i-0afa2568184f9f5d2@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJzFzxt6-DX7dVFJXYzE3zk&google_cver=1&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiDAd46iYOPOb5z

170 B
232 B

30ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiDAd46iYOPOb5z

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x14 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGERb32YVF6LlUrd7nyVXxInJ19CYNY1_HFMuVCb3eMrPyJtwLELS-HbzzBMngflYbsgvuIPHOUn4L1Z_HiDAd46iYOPOb5z
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 01 Jul 2023 15:41:43 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B723 0
173 B 77ms
27ms Image
text/plain 34.96.105.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEH0p1JtM4Ko-21_JVODosgc&google_cver=1&google_push=AaAOQGEomX-9Imw7GuEHrCkjN5Il7jTWdP45exLBeHwgWviqoANR_lirw54uCijn9NF-C7ZmCnzndtzrklUiKmV2ugwK26TqOLJM
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame B723 43 B
103 B 98ms
27ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIf8pVyzsaHUUT7EqMX8Vwo&google_cver=1&google_push=AaAOQGEX8GZ1APwcQAonYu44fPO_xUO6rcUN_syqZCJKZvKFa_A4yygFYeOnn8PrJb-uEU2KuuGXXRlvj5gYYe62P93uzGxlnI-s
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBqT7rAGnhbeveFJWtFcgdg&google_cver=1&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpLNjhGNFQtMjgtQk5XTg==&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMFmm3OkGFkUYV10QeYJNWvkLk9z

170 B
232 B

31ms
30ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpLNjhGNFQtMjgtQk5XTg==&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMFmm3OkGFkUYV10QeYJNWvkLk9z

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpLNjhGNFQtMjgtQk5XTg==&google_push=AaAOQGGOw84xyAKgN1a8CbWHkIssS7_X66m35uWTqwmQOMOdFptJDpOCK5ViYBQmtzkaxa9jxMFmm3OkGFkUYV10QeYJNWvkLk9z
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECNbPiScOzidcln49rdW2HA&google_cver=1&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECNbPiScOzidcln49rdW2HA&google_cver=1&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM&google_hm=G6JNsGZHA9kR_hPURlqraEDj

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH5UsjbUJUz70MoTbEAaIQ26SCyjNyrOR8uoZ-_-HoJj_5ZeZnXp2T2TPuIjHHJx16Vq-_gmgvVLH1JY7zJp01oJgS0QCM&google_hm=G6JNsGZHA9kR_hPURlqraEDj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHXzXQc_IW1WsPWwkOl1...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&google_hm=A6vMIoDPck1AjdTSDj4tnC4

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXzXQc_IW1WsPWwkOl1DFLJXOPgYzd92pZ7gK1H8eSRewCfDlCbXImjJg93KFk5HXLRQNJeeLwYfcGdhlj7Zci8H7GQxDL&google_hm=A6vMIoDPck1AjdTSDj4tnC4
date: Sat, 01 Jul 2023 15:41:44 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXabcc2280cf724d408dd4d20e3e2d9c2e003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B723
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENnD3ZI48DUlDhA5dex5ypA%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBj...

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBjyW6QEJQEjA2vp8ngwBZ1YxiJyQNXQUSJJNDlNKzemPYkzooMlQzR5wmZ_Bu7RrvLq6bA

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5919e093-47ef-4b08-b8a0-6ca98a2a7da6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESENnD3ZI48DUlDhA5dex5ypA&google_cver=1&google_push=AaAOQGH7Z52LeMRr6RO5KfpDKWk5ggaMBjyW6QEJQEjA2vp8ngwBZ1YxiJyQNXQUSJJNDlNKzemPYkzooMlQzR5wmZ_Bu7RrvLq6bA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B723 0
40 B 55ms
28ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INv8sh7qsHvfq34qUXdKWcDms4tsl1MVAiz7cbd2rcAJ6oFC9lYJ_vqipqNczVIXdxh18nuA

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 5ed76f76e4b07a92411bc03a
ng2.virgul.com/tck/imp/ Frame 990E 0
209 B 60ms
60ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed76f76e4b07a92411bc03a?g=1&t=gb&r=153377@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688226102198&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:44 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4F9E 35 B
465 B 52ms
21ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDynaS90eDpgThGkiY1_dR8&google_cver=1&google_push=AaAOQGFHwrT8ov4c2_ra8pFF4kyCko1jojYx3esoMaic9hgJqraY7JpAqVqhaxCrz1XZP48d_gsXp2pVmbzYol_CoMvT-gw2ZtO1

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F9E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOD8p5pQqhLWNa9D4Ef-hZQ&google_cver=1&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMH...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=29uLP2OBSPm-p1eOgGkj0A2&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMHz_P1X0tJCKIY

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=29uLP2OBSPm-p1eOgGkj0A2&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMHz_P1X0tJCKIY

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=29uLP2OBSPm-p1eOgGkj0A2&google_push=AaAOQGHny1wLsN2xBnF-oWYL2Nz1kywMvKJ-Y2ZWrVy2GnqWZPN51IFX_G3oI6UxWZUoJWCY3p6j6HME9mJIqaMHz_P1X0tJCKIY
x-host: tde-deliveryengine-production-7c97bc8457-9jmpk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDzMghjlXcI0cqqjaHonhOY&google_cver=1&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GE...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDzMghjlXcI0cqqjaHonhOY&google_cver=1&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=4aa5e0e7-b683-4f87-83ff-5e0c6aa11d3f&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw&google_hm=Blcbc-EgQe6VYDCfsFk9qw==

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw&google_hm=Blcbc-EgQe6VYDCfsFk9qw==

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFEJSKXeslvmIYV9asI6tJMVsFDDC3Xo1Fxw_vqGokY2k9fjlxVaIUJd1qfMz70aBRfGuabjn4mu823kr0cV-GEPEriqTw&google_hm=Blcbc-EgQe6VYDCfsFk9qw==
date: Sat, 01 Jul 2023 15:41:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4F9E 43 B
245 B 90ms
26ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELfIk3x1cKID8qbTLz3oClY&google_cver=1&google_push=AaAOQGGaNNI1Robr8mQmHOP_iz5XZGQSmqXaLoZ1zj1UV4uklmh8XvecE6Wziew39PmHh7WKoOuBbDC7nDbBwvexiDf39sw6IxU
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPArKBFEIivUBOTFEEb14zo&google_cver=1&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPArKBFEIivUBOTFEEb14zo&google_cver=1&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm&google_hm=G6JNsGZHA9kR_hPURlqraEDj

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGHpzdFY3PF2Ug8HZsmX42uX4gkjby9uveP9aQ2HGFPgJRkyFuD_zvDTA_Y4eXdgXO1kVI_3WGbKwFexAFTN634WxL7ZgkHm&google_hm=G6JNsGZHA9kR_hPURlqraEDj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGFyUe4KQ7ErIAzS0DrHp...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&google_hm=A6vMIoDPck1AjdTSDj4tnC4

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFyUe4KQ7ErIAzS0DrHp90sKw4fwMD6MrIbFlwgbho7rQIEzD2hdrBylTy2E3pTPGjnbOG4XdUiPexszK0dDTggsF1-ETNG&google_hm=A6vMIoDPck1AjdTSDj4tnC4
date: Sat, 01 Jul 2023 15:41:44 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXabcc2280cf724d408dd4d20e3e2d9c2e003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F9E
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDCpn18vb...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=06571b73-e120-41ee-9560-309fb0593dab&%%GOOGLE_PUSH_PAIR%%
date: Sat, 01 Jul 2023 15:41:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F9E 0
40 B 49ms
29ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IAqA32r2WtqEkjtvFxyXEkacdUW-12FbM1c8Sjj9h5Zjl1fEJjyquLnXUSbtb1H9S8PlEL-Q

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9CEF
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI5WLOM3kXm8E3JBHoKCAjc&google_cver=1&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yat...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yatd5p7Ej1E1FcZnei8U&google_hm=I2Kq9BG1SWGrE52n1MNL4Rk

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yatd5p7Ej1E1FcZnei8U&google_hm=I2Kq9BG1SWGrE52n1MNL4Rk

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGarNg35bOYG4kN3D1IQQ7GgH9wB7k9oGPIwabx7B9AxFXwJkaz64eaR0IiDBwzM522Rml9MpO0yatd5p7Ej1E1FcZnei8U&google_hm=I2Kq9BG1SWGrE52n1MNL4Rk
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9CEF 43 B
103 B 89ms
28ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELmn6rMve8fNls9eZwft8dw&google_cver=1&google_push=AaAOQGFWfE35_73AFkMcxX_i8NTDSNia3aLAjN_Kjv4RjwhsF0uI6ON1bkpbXqHhGfCDE6hJROq0suRbHHYonl68QdjyQjsJMJ0
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CEF
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHcVNIW4KKPgw96HFaBFBxs&google_cver=1&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHcVNIW4KKPgw96HFaBFBxs&google_cver=1&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA&google_hm=G6JNsGZHA9kR_hPURlqraEDj

170 B
188 B

31ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA&google_hm=G6JNsGZHA9kR_hPURlqraEDj

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFlgscOLv4hvwRUIQlVrsD9_sHKPEyWpN8Iwe-09P0r6MSAuL9cKr16veF362AJnE8A_n3xX56W-gMghIxzQB2qmxZObeNA&google_hm=G6JNsGZHA9kR_hPURlqraEDj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9CEF
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI4CDiVfkjpTw4w2jaAZOVA&google_cver=1&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6l...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6lWzSoU1uuFzFPjtPQ

170 B
232 B

32ms
32ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6lWzSoU1uuFzFPjtPQ

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEbs7AnFIv_E6mvuqxp0-FDQad7HkrXGK8dfBDVqAl84nSpScJFOSQq2OGZ0INfFTJgM_P1RTMRRb6lWzSoU1uuFzFPjtPQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CEF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-abcc2280-cf72-4d40-8dd4-d20e3e2d9c2e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGFGF0AX6X30aoBWssRn-...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&google_hm=A6vMIoDPck1AjdTSDj4tnC4

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&google_hm=A6vMIoDPck1AjdTSDj4tnC4

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGFGF0AX6X30aoBWssRn-lLKOvKtstsT8c_TuuXM-SISCCSaFx464GMxq-SSXpee6oUQ-EfGcUFag6a4AaVysxzPiaCg8eo8&google_hm=A6vMIoDPck1AjdTSDj4tnC4
date: Sat, 01 Jul 2023 15:41:44 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXabcc2280cf724d408dd4d20e3e2d9c2e003
content-type: text/html

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 9CEF
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEM0jMcCi59TkH1pPHGEOEf0&google_cver=1&google_push=AaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2zfsXS3OYWFCVpz5YSYvJb8OVn2fZnkfSH2O5iIH_c_Wj6I2nUcxkW
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2z...

43 B
1 KB

76ms
21ms

Image
image/gif

162.19.138.82

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2zfsXS3OYWFCVpz5YSYvJb8OVn2fZnkfSH2O5iIH_c_Wj6I2nUcxkW

Protocol

HTTP/1.1

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGFG6qPamIY6pk0tViW3z9xfZkIxfa4eIJEdxbg6YQ2zfsXS3OYWFCVpz5YSYvJb8OVn2fZnkfSH2O5iIH_c_Wj6I2nUcxkW
x-download-options: noopen
vary: Accept
content-length: 271
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 9CEF
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEErfK_69R2dV...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFlVYZvGCYkrHTFQM015qmynXa9HyZ0r_Cuf5TlTkTo6yLnCOQxVS69HH-Xofg-uLC52yZxxeoCXf1kaN0KDaeyp8scEsqq
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
44ms

Image
image/gif

2.16.97.41

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 01 Jul 2023 15:41:44 GMT
pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9CEF 0
130 B 45ms
28ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcQ4mgVZqBXuiUjXjs188UuCbLqUfcGw_uyQDCzyHfK_ncvhsFJu4XJmqrxqIzsdHQatQ0xSM

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F824 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 14:46:54 GMT
expires: Sun, 30 Jun 2024 14:46:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 40B0 783 B
1001 B 38ms
29ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97f538109f326c56c07e09bf99c396700db18558a071cec59b29317a17d53dd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qODb32awFCF5HoAXEE-fzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-qODb32awFCF5HoAXEE-fzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:44 GMT
expires: Sat, 01 Jul 2023 15:41:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dpixel
cms.quantserve.com/ Frame 067C 35 B
464 B 43ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENGjBIWH9KDcmGi0-G9RNRA&google_cver=1&google_push=AaAOQGHS_X0Hy2sHQkCpEQzKxrBTf9rRgp-DKrkYyFDbzDzqt7TWEnIYZnEexvBlywtTm07njylsepO3VssKaopFYCA9xXB195eC

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 067C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NFBtbDl3Zm0xUWZDSmk1&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cver=1&google_push=AaAOQGGs871v04g81IXQ-OSwXeF87uCt8dYyj0opgK9uN5O...

170 B
232 B

31ms
31ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NFBtbDl3Zm0xUWZDSmk1&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cver=1&google_push=AaAOQGGs871v04g81IXQ-OSwXeF87uCt8dYyj0opgK9uN5ObsDIKR9Y5QrialuQSKaUDp5Kz50ZFtK0dFLS0Ovmknzsnw6nFwJ0rtQ

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 15:41:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-008a7b4f528d14c6d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NFBtbDl3Zm0xUWZDSmk1&google_gid=CAESEGvWxI_cilnslI7aaw9sgXQ&google_cver=1&google_push=AaAOQGGs871v04g81IXQ-OSwXeF87uCt8dYyj0opgK9uN5ObsDIKR9Y5QrialuQSKaUDp5Kz50ZFtK0dFLS0Ovmknzsnw6nFwJ0rtQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 067C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN1X2uIvxRUv3hPgxb2LWKw&google_push=AaAOQGF1tM17nu7juUBWVlZ0BZ60Ft3LiwMBDG_33JvqcNwHeK8-96J9Qa...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN1X2uIvxRUv3hPgxb2LWKw&google_push=AaAOQGF1tM17nu7juUBWVlZ0BZ60Ft3LiwMBDG_33JvqcNwHeK8-96J9QahJspTvPwaGNpME2vJ5Src2miQTEkdYX9s5eSsrnpSNjA

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230106-FRA
pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688226104.431961,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEN1X2uIvxRUv3hPgxb2LWKw&google_push=AaAOQGF1tM17nu7juUBWVlZ0BZ60Ft3LiwMBDG_33JvqcNwHeK8-96J9QahJspTvPwaGNpME2vJ5Src2miQTEkdYX9s5eSsrnpSNjA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 067C 43 B
363 B 93ms
25ms Image
image/gif 178.250.1.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENnUFbdEW10xaNGByMXheAY&google_cver=1&google_push=AaAOQGESp3O0R0pw7GCrf_B9cg8BUNG-9rB8are5K65wT1qqw2PMGw1r7aBdRDfP4cO9_cH73qtQZtOOBKiTubiVD7IxoOuai-URjA

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 262782
expires: Sat, 01 Jul 2023 00:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 067C 0
45 B 398ms
28ms Image
text/plain 185.86.139.104

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFlpsI3wVEMRP88zGC0yOpg&google_cver=1&google_push=AaAOQGGIP89VwrBTMxkgJNiZyFIbsINT7jdDqyfisVZjMzyhh1UDUH8ne75nDWKeSQwBfnnZkDm_FZoq_cMaHlKI0N5dJ0V6vFpY
Requested by: Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-length: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 067C
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEGBujzC8ZfrWVtDduPDTlRo&google_cver=1&google_push=AaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlUHo1HibE315g1ENh9ydqtqOBQxOoMITGO6uNUxqCDc2zsrP_66tAG3zc
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlU...

43 B
1 KB

76ms
21ms

Image
image/gif

162.19.138.82

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlUHo1HibE315g1ENh9ydqtqOBQxOoMITGO6uNUxqCDc2zsrP_66tAG3zc

Protocol

HTTP/1.1

Server

162.19.138.82 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 01 Jul 2023 15:41:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEYtjvD58JvCoDOVzfn71MfpCXTBwg5uC01UTEP2PlUHo1HibE315g1ENh9ydqtqOBQxOoMITGO6uNUxqCDc2zsrP_66tAG3zc
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 067C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEItXwXJ_dHtYqZ7-z7tmUaM%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW3hPqtsDjxLKx00JDyLiCe4XZprWZ8oiLz080Xj2fFbb114189BuhvxK8AfkXrAHRnJ37U

Protocol

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 01 Jul 2023 15:41:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 68c0e2bf-9725-44eb-ab41-8d5d46711347
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQxMzI4NTUyMDA2NDU3ODQwMQ%3D%3D&google_gid=CAESEItXwXJ_dHtYqZ7-z7tmUaM&google_cver=1&google_push=AaAOQGGBprjWGdWqj6lEhytjRE5Q2T5cZW3hPqtsDjxLKx00JDyLiCe4XZprWZ8oiLz080Xj2fFbb114189BuhvxK8AfkXrAHRnJ37U
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 067C 0
40 B 38ms
28ms Image
text/html 142.250.185.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LM_aooe41PPRovkTi5Yhms2Frr4pLTwzLnPJLU-WYnKQOV5Kt-x86O8Sj9TIkfqNBGSPUh02o

Requested by

Host: 3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
URL: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame F824 38 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 19:11:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 40B0 0
0 56ms
52ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230627&jk=4045573871849722&rc=
Requested by: Host: ye-mek.net
URL: https://ye-mek.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 990E 14 KB
11 KB 69ms
68ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5686193fc78cdddc4c303ab6ff711d7e657e2c19e37306c40d8c4bab93f2543d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11121
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F824 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QYciPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 990E 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 15:41:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23EC 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 14:46:54 GMT
expires: Sun, 30 Jun 2024 14:46:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DED6 783 B
534 B 31ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7232181015eb5b42f53f96e6443fc267df0b8e2cc009f4a2ff948b8852eebff4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VmSNNhfkmKmMlRd-HHZwMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye-mek.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-VmSNNhfkmKmMlRd-HHZwMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 15:41:44 GMT
expires: Sat, 01 Jul 2023 15:41:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 23EC 38 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 19:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 19:11:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DED6 0
0 53ms
53ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=3277620352513465&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23EC 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xrOBpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 15:41:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5ed7702fe4b07a92411bc03e
ng2.virgul.com/tck/imp/ Frame 990E 0
209 B 59ms
58ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/5ed7702fe4b07a92411bc03e?g=1&t=gb&r=153378@site_geneli@yemek_net:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1%2Cgprec%3Dyemek%26rec_ing%3D&info=&mt=1688226102198&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A3D 0
0 58ms
57ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230627&jk=4045573871849722&bg=!LC-lL3vNAAb90kgr3dI7ADkAdvg8WhQw_lX27WpOX6CwOpURm1oNtZUpxF_NB72TYjhXF0XDm-mFaATcgvDjygd9GjSTRu6MSY8CAAABOVIAAAACaAEHmQMNOnKQMZACSaizBggCjnYOmXu0r_orjOE4bua0Jks2stZzuyh1Ranac7TtDd1GD36jY7xPMbq0pRRUeEy-LKcX3kHjI2BieuOAjmlH7cNukM9nsi6CrseAr0_kO-T_Qj59qxDZcQmHdB6DCM4y818Ulrj6_r6gX5nBpRtcomgmcdYxupFO8nXvCxn7mlC0wJEUkD-V7sFZrCW8M2ayQRHR05gtc93dSwcoH-IVAmi7XnVkMNc9UeIHP5WwUeVAIp-qnIdHDt3ybhSMFME1rNUn44WYEhDotufIKO7MCopJwhye89U-iVZLGSR_Tv6ewyHLisQ7BRFbTjW3Ifj6MvmJZFnDC-0oHMIvpTBBW3rSLOHS8UtmDDfzIlhqX2jWHuz0DlYnvnlSn931olGLqP-ZRdGnWKpEjcYXioSxRnv0uO85UxthUGmTocpmpULPm02tn8T8NJ3EKJ0KNe1YiKt85dDCEtJoAhj1ZeSjpjDxgDkRKrp59k8Ff2tPDFvW2GtI2aj791JmkiNMHrMWP1f_Yz1qkZACAaLVAeJoLGkLCRImbWQdw82Sm9w9J9p1zABT_66kmT-IRkHu7yh6k9Adw651vUPfRLY4dbuhYkGCKT6eOzua6JUT8NVYbx5btWt8sL-cdztQLW4ZmkWjWsySRiaXb5dDpensHXrS2_qpAaJVBSGRnDaHcmK2l1SrFS10V4sSWQ3aUq-bVIljxyjZSuHJigqKzHQHc56OywC4b9C__6QdW37tEzW-pQr7JM4TBZj5D7uYWrsW0XOVRZSJiMjLrJDA3aLsd9uA0Jg2LqwNdMTSFVipRhzeS6TA-mVDTMGpiWjUIa9pLg4CyhLWzw_icf9-y2kMXgfULMOp-eYi2_eCoEfJ0BXWO7EJ8mG2K2-_ryL_U-S4hsvMqtoQ1kfiRjEyGUo7o3EhzcjxOdTXWvNFlffEO12oR6xTbLBHPhDrfJeUTvGZW8dr1nCsAPGi8aJf_j_rA1vGoZ9PDZGnP2T9aPY_k92y8GniOOwyQiiE7ECE3IqZCfY9AQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBB1 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoZjKDQ1MT1PTo67HLcLXzMwHsa70lit_ZRhaDpqYHLbPlGdWcnd_JNQ_NlmA79mkuUxwoYfH-qZrXuw_le2zYnThQ&sig=Cg0ArKJSzPii0dMB3EtvEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3299242717&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688226103437&rpt=892&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48DF 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUYdI-35gvDxUaI43SGh7a-x6ditFDO-cvgeWZ-DpkBK7b0yZ_Kof6p0MhaHozxcf0hmWLpmwzduBX66PRfDru6HcK&sig=Cg0ArKJSzDCwBvBVXoB4EAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3050045420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688226103422&rpt=914&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AA6C 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3gKpASx7XL0bl9-JdhjuyN1icCBibwIVTiHvhixLdtNUQwSKWyVBaJayIm4vDPlV3UIGAVlnczFd2mztFPQzyb3Re&sig=Cg0ArKJSzDMeE7wc2Y5BEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3203893797&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688226103507&rpt=853&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 629E 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBhtBaerVUXVejyRC3BrWTGkzzYu-GyDzxhJH8eGedhKqdbTh3pkQmmj2yoKJGqMyqUWsGoeJSsAyb9oxTGPG_AZtr&sig=Cg0ArKJSzOC81Om3QxQUEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=456810305&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688226103409&rpt=949&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 990E 0
0 55ms
55ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=3277620352513465&bg=!WFulWw_NAAb90kgr3dI7ADkAdvg8Wr9bDGPlZndmHgLlKu4QYaefeeI2iHJ83vvL2UYtgUpzCkpqYYYNtSXjndRM_qTiVuP_EdkCAAAAWFIAAAADaAEHmQLBKOeJ79kMFYzfsHdo7LkRWBL2YwEs477nBt8fqtnDmraGJWQkDMVVOKi6QcaF6qOds4Td2h9xqH6bQBplLp46Avt-0T3kN2HkWyy5_29YBUcf2NLWby8mszbQIy3CuWGRqjkkBbx6AY8WsD013Z_eAq5ERXILqSinbn8F8aMLUTb_dnpsTF7Bes4U2bdBjvXx4RUDsv7OYdifUaMTc4GgveDUlWob4NjJ24oNjikXWmGsBDb6xcAnbQf_uhTvOUj7vm3b26-Pe-5l2Qvz1_QYuqHIC_aC_lqDo-cgieP1EhlPqgJ02c0z0iFoAUgk0Th5V9TZ6XGbV7KwYBkclURAvUf7-L-Ng1kwdmMUQbiyf11An_WRq-82Uq7yrtpMPfSQ1nuUG2OVeh6USfKs6w9MtWN9ui9kw20VOhH7J20lnBTpYp1s7YqWg9kx_YcfLpD8AT8KPKeHtyJ_i7uEnl1NmORfbWcP9i2a4d9fFF-wYxF3F5lLXbn4QiVqLOAcCeqBFbSQT6Nd2TXjAlg-BgrF5yJVk9K8pmlsDPA6M7llVmWkdnEvramAGlsjjtMtMuLQAFa4P01PpC7g_rr2qfVdqmVKmJMjrpa25VS6zFXa8gHLz7dQVI7bjd6XGjnsyYLNC91WCGm0y5FaOBKTPJUuungSuAH7YN_SxPePddtzONK_qtTPpEvrQ_nPbI0vmusXXOcga_nj7QHDeo-MsxpsxvzQ3yR4PKMfKJlZGJlgyn2xd9ETNe5uk0fTvfwJxvapdz4IhCa2FtVak2wbXVJOPT8d38nhu4rZ4m62D6-EgF3svp35dk3nRhC6ulyITGmsoSMIpNdUJ1W63AqCAvO-A5ySYUQ7MDgkMkQbet0xQEhtnopbgHHNz2J8up1w4ujG729xFd75aJqrEJCbBTqIrjroVIyPXPtWf39JxtnoPRCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 5ed7638be4b07a92411bbffe
ng.virgul.com/tck/i_vb2/ Frame 990E 0
209 B 60ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed7638be4b07a92411bbffe?l=&r=153366@site_geneli@yemek_net:site_geneli&cs=1688226105564&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed76f76e4b07a92411bc03a
ng.virgul.com/tck/i_vb2/ Frame 990E 0
209 B 59ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed76f76e4b07a92411bc03a?l=&r=153377@site_geneli@yemek_net:site_geneli&cs=1688226105564&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771bae4b07a92411bc04c
ng.virgul.com/tck/i_vb2/ Frame 990E 0
209 B 60ms
60ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771bae4b07a92411bc04c?l=&r=153382@site_geneli@yemek_net:site_geneli&cs=1688226105565&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 5ed771e3e4b07a92411bc04e
ng.virgul.com/tck/i_vb2/ Frame 990E 0
209 B 60ms
59ms Image
text/plain 185.7.176.223
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/5ed771e3e4b07a92411bc04e?l=&r=153383@site_geneli@yemek_net:site_geneli&cs=1688226105565&userId=vnetf3e1f78c-ae40-42e6-bfd2-763ca0c5e0c6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye-mek.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ye-mek.net
date: Sat, 01 Jul 2023 15:41:45 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 22:18:42	Name: IDE Value: AHWqTUksTaBWvCzFr_y1WsNEXhvd9qYunl3g-7uAcIz5iC-aMRbJPGW4be2zmgxNZLY
.w55c.net/	1970-01-20 22:28:46	Name: wfivefivec Value: 4Pml9wfm1QfCJi5
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1688226104%2C%22utid%22%3A%227386568b023e9f5d51f55dd85549bc9b%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://ye-mek.net/(Line 39) Message: Unsafe attempt to initiate navigation for frame with URL 'https://pcloak.blob.core.windows.net/web/6x69807j0b5.html' from frame with URL 'https://ye-mek.net/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6593523210010154&output=html&adk=1812271804&adf=3279755397&plat=1%3A512%2C2%3A512%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpcloak.blob.core.windows.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688226102375&bpp=3&bdt=1034&idt=290&shv=r20230627&mjsv=m202306270101&ptt=9&saldr=aa&nras=1&correlator=6463411842196&frm=24&ife=1&pv=2&ga_vid=1308400559.1688226103&ga_sid=1688226103&ga_hid=559899350&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=222437166&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31075625%2C31075721%2C44772268%2C44788441&oid=2&pvsid=3277620352513465&tmod=1631040865&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.i40oqmbruh5z&fsb=1&dtd=302 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e52cc87ad83ca70d7f37b80fee442c1.safeframe.googlesyndication.com
a.tribalfusion.com
aax.amazon-adsystem.com
ads.avct.cloud
ads.travelaudience.com
ads.w55c.net
adservice.google.com
ajax.googleapis.com
ap.lijit.com
c.amazon-adsystem.com
c1.imgiz.com
cdn.ye-mek.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cti.w55c.net
d5p.de17a.com
dis.criteo.com
eb2.3lift.com
feed.pghub.io
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.w55c.net
id5-sync.com
images.dmca.com
imasdk.googleapis.com
match.360yield.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
pagead2.googlesyndication.com
pcloak.blob.core.windows.net
pghub.io
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s7.addthis.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.virgul.com
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
www.cloakan.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye-mek.net
104.75.88.126
108.128.57.78
13.248.245.213
142.250.185.194
151.101.66.49
151.139.128.10
154.58.197.185
162.19.138.82
178.250.1.9
18.66.138.185
185.29.134.248
185.7.176.223
185.86.139.104
185.89.210.141
2.16.97.41
20.127.253.7
20.60.220.36
213.155.156.184
216.52.2.86
2600:9000:2251:9400:3:4706:a6c0:93a1
2600:9000:25eb:3000:1b:5138:8a40:93a1
2600:9000:25eb:e200:1b:f040:3600:93a1
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a02:6ea0:c700::19
2a03:2880:f083:100:face:b00c:0:3
2a05:d018:d29:3605:c958:4a7f:3095:994e
3.70.92.75
3.75.62.37
34.102.243.38
34.96.105.8
35.156.85.133
35.186.193.173
35.190.0.66
35.227.252.103
35.241.45.217
46.228.174.117
51.75.86.98
52.222.208.154
54.76.77.34
54.93.94.222
69.173.144.165
77.245.159.14
94.138.206.83
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
013fc60df48b7f9806d0b79112a4fb38e65cc29678f48cdb35f4eb4e4bf179a4
05c72250b7b0da8e896799e32f88440d53848a083665b797629e25bad1bde6fd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09d46eb1397a55833670832dcac4edf7f7e1d2b170b3eb7c11557cadcfe0a784
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf21e36751bdc587710b7774f41413d6814eeea1198740907d6ab41707b02c5
10b071d9da2f3b60c6e5e584285c229e240a91ff66d45199bb959d742275004e
10b43d3e90245cb8bf52bd969b4b7ce4fa9996f56f23679e334053f679533386
10f822c68d1bd99ea03b8c10cc382ef0739f538b95f6398143a03d72bdf653e2
120fdf7c1e8de286b8c6ad005bd52d7b3d71cfa17bd6d1f72d023fe952d03708
167b361207c0dbe5cc3e6a4aded1c1523af5ca6241dd25f5087a33d63ed89ed0
18c48f4b7bccba5e4a301f9f5b83eb71cb2351cb810b8009b582da31c3f76bdc
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
279640665adc92d4244ed1cfbf8e8dc558eda38fc5bcf56cb9d8bad0c5c5de91
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2b1f0e311569efa4ea023be14979870fb54497579d73f6954d8a28c6df85fb66
2eb2914e0253d3d949c2aad28f6f109c7b3a67ef37696a4496592837c0f9d7a4
2ee4854a38ad37b61a8727c71e98305037bc4711d65f4bac43420986b4c9455f
2efed30acdac9725b233f6d3d5bd8a16a9049980ceaa91525e061cc9c63da1e3
3002b527e1cb5e6d8601854825ff1a291b37dfe3e190c02eb7ac1ad76cb12898
30a65660d3bee25b460cd23885a800f1c6dc244f9fa41ce36c84a843f0c763e2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324a9c1f26949a62b89c5846de23826737bf3b14443e3f5a969b1799604a0588
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37696e118071c7484a8001f32a4e80edaab20322d5c8ae8e2b1f48a1c45baad9
38461e624a108d65cc4d41e53e87c020378d22fb9f4252648becdd03389204b7
3c1235e8727d2460550da65bf27279e56d3979e37324d658192448b5514665bd
3c3b646e12d7ee40bf57c8b03deb7fe18ad8126f86c303cc0b06c0f55bb72e2e
3cf33fd1cc895fe26505c0677f183cec819f5d55d54905a1adf8e95322d67c19
3e9569df702eb478e6e7699775a0f555b64ef9e89d89a81742bc97c7803dba96
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed559a849229d0ba1622b39b2343f2307a91aae5bab1f08e55c89e50874c980
4484d2c35523fb6c7488dac22a6c826a3b0cccb87b2b50335dfa533f7138f010
4595241cedd0561ea7df5dae27079da65aff6eea25ca9a06869c82524835bd44
45ce3710e0dd18b6bd362d986c5a0adda78c2c9e5ba72a57aef203b9379571cb
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4bc365e1ed3dcc32eb12b13bb0715a5b91a2a9dffc8b88e0986e8a5630e0828c
4c77f8aab3efdc86229d1c28f8275fc0d19491711970bb5be4b8b79d011e2b55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50282fee83281adfa1bd8aa7771950d435a2799ca90959ae8f3a483ff4fb0be0
504638cbcafafa2aaa5ed5d0551239803a52f81ffc79c42508e7ff8deea5311f
5103b27b55207be49f024a501641c7cb93e6469073ccbe194cd5963b53716184
5190a205bf30235a69098c5a28efa26c0802c43319c21b0ecf454cd3c0d1385b
537d42962737bc550bbf34d1404e336cebc1b46ced111cc3c5b1ab744d38bb85
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5686193fc78cdddc4c303ab6ff711d7e657e2c19e37306c40d8c4bab93f2543d
5804cd3bfdf7f7b00ae1f2beef50b9ac7bbdcadcb47e8c3454e8609a52096b92
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
613b97a3f938c5185dc5fcb46ec9c9488f460fdf8a9765eea9f05aebe46a0c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ef244a7f7b27ce2c69ff28e1bb69f7bac2e6be7fe6dbbbcb82feeb11db7d84
6234bb54881f067b302e79cf9b656901eea31a2b1c03f05b468cc43cf7ad4e0e
63b3428dab8c9858bfec0fdd1766207549e01494b99c89a230937546c926592d
6501e50ffffdc89ec56c93111f32c70f697610d4af971fb38ae964b5824c7eb1
66413d92e3b48b21f37de7968a4c6ee6dafb956f4963d0557959a3d10db2c492
66f57830eba3793b6d407a90dc0636b5e5e028f466bec6045ebc0813acaf7afa
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6e1330041e6221db02bceb99117262e8223c801c9c2708e99630521939b3f0d7
7232181015eb5b42f53f96e6443fc267df0b8e2cc009f4a2ff948b8852eebff4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7922eed1c8ba3aa0a8c5a5add2fca6bc82e5f38a9cdce9181538ef77c3f1feb7
7a58af39da6d397b687cf6721c2efd0d9a3a5c22e05eafacbc30f8076e983a03
7de327885eb13552b4d8343d92108ecd9f34c139b358c2e2e4573227be944949
7fb5acaef87323202589a768ca2f6852b1ff651c1b2a4f6b3e0914c433cab044
80e89ab93ab92c6723a516cc74768f6c16f5c82a5c074ec31af225648be521d7
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a
8c841ff4eafc691d5a5ec410c4f0f30379bca0dbf5944a36b84c73b1be0f2f36
8e080429f5f69e47f9092b6106ca96eb4a31191dc00cbef1f20104561b44f10b
90b76298736807f5f931fb06b8902492b849ec52f2f045549a0242b99b3aaaba
911f26dd0f9ec06ebb4945e97fd4741a4d417b58a9a78b2c526252f1ee37b208
9133b1a03fbaae9ea9cc0430b15c8f9a20dbff26288ab9eef75a9959d775c6ef
963aad0fa55ae911ea2660ba2f6bcd8342a56dfbf669567ffb9eb60879dc5510
96e22a33f827f042ac4b239c21f468a17c87545df3f6b90e100d3a91b253a1e7
976c546d7233891d42bbe8ef3d19db7d8808cf1038dd4b20fc95326d24c03921
97f538109f326c56c07e09bf99c396700db18558a071cec59b29317a17d53dd0
985d370290186c9cf33775d7a7463d2f90b57047ff842ff8b1fcde3799303596
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4369c2efa02f134768da1cdf4db9c273d5a5e81b34b9ce976b385184238e45
9cacc351a59879d938ef01e274eca7f341deaaa666237a3de94737ccc05a4b86
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2496d78de3097a5fd65955a0c6a5c974c05fee0e380a06ff997ebb1a65e2ca6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a580492938c753648b19da1321bf7ea66d7a2e9b1fa42058c821e268fba9e1
a7bdc5489a06f3c3cc24119a5a76f4d5af38e07c2b7e4e458ce411993eb12e7c
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
b2ecd92de7982ef4ffd3778b02d62aaef7341b3c9ac5f4e53e749a9bde702119
b416a8845aebd5d6b32b5a69441731ec63039fdfdf997e4753a024634b266f68
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b869a852368eaa119ee4b5b375ad2c86eb2c8eedaceafc3aff741faf14dc48b1
bea17c8870ba8dae9515993b5c55b65437f03f0e2672e1c3d3dbe7872dd74e5c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d469330093a2cebd898628a339df6abaf5edcb89e85769ff79840371195a7d1f
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da91387680a9a55651afd3e8937cb5e32defb01d582dbf5cb791fa812e8d893b
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
e041f359812b31ffb3d561c106435550a58d86540a0262a93e6e462624fada6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e8c63d2d30b5ec92225ddec525d42bd96820b0d352bbc94d89cefbb627dc6f20
eab1145c02ae44ca45370dbdb689a98d1756fe3726fde675886a95730fee691d
ecadacb686d0540a5768dae41d50597a71dfaa8135b90f1371d4bfa266e4e361
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6dfb64e21ed016f93813c7b6995a3e3692b1cc0eb1baeaa282c63a2982931
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f556d86a444693a8395a406f43aaafe3195074466032ed8f4e9e339bab4b67db
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f6b85d08e7740b6041bcda06b4124e53446c1408317baca2bf95c7d927fd3741
f6beaef746fb9c6b55dd671146333d355d716f7cfc2ac3386b7fe92abb909cff
fe665a455aceb9598500cae8ccd808cbffe5a3525c32cdc7bcbaa0e83a58ac0c

pcloak.blob.core.windows.net Open in urlscan Pro 20.60.220.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

249 Requests

88 %HTTPS

32 %IPv6

44 Domains

60 Subdomains

36 IPs

3 Countries

2907 kBTransfer

6732 kBSize

4 Cookies

0 Outgoing links

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

88 %
HTTPS

32 %
IPv6

44
Domains

60
Subdomains

36
IPs

3
Countries

2907 kB
Transfer

6732 kB
Size

4
Cookies

249 HTTP transactions
7 data transactions